| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Bei Browsernutzung lande ich ständig auf Werbeseiten und auf http://s.mgkaxjfwfc.com/s73bc5wskpmgwwcowokg0w0os4Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
03.09.2013, 11:06
| #1 |
 |  Bei Browsernutzung lande ich ständig auf Werbeseiten und auf http://s.mgkaxjfwfc.com/s73bc5wskpmgwwcowokg0w0os4 Hallo liebe Computerfachmänner/frauen, Ich kämpfe nun schon seit ca. 3 Wochen mit folgendem Problem: Es öffnen sich bei meinem Browser (Firefox) aber auch bei anderen Computerbenutzer, die Explorer verwenden, ständig Werbeseiten! Zum Beispiel beim Klicken ins Leere kann es sogar vorkommen, dass sich neue Seiten öffnen! Aber auch dieser Link: hxxp://s.mgkaxjfwfc.com/s73bc5wskpmgwwcowokg0w0os4 öffnet sich immer wider, der ins Leere führt. Mein Antivir erkennt schon mal gar nichts, wobei mein Norton360 immer wieder Fehlermeldungen aufweist. Ich bin dann mal in meinen NortonVerlauf gegangen und hab bemerkt, dass fast jede Sekunde ein Problem bekämpft wird. Eines davon sieht wie folgt aus: Kategorie: Firewall - Aktivitäten Datum/Uhrzeit,Risiko,Aktivität,Status,Empfohlene Aktion,Kategorie 03.09.2013 11:24:22,Infos,"Regel \"Standardblockierung SSDP\" blockiert (192.168.1.1, Port (2869) ). Eingehende TCP-Verbindung. ",Erkannt,Keine Aktion erforderlich,Firewall - Aktivitäten Regel "Standardblockierung SSDP" blockiert (192.168.1.1, Port (2869) ).<br> Eingehende TCP-Verbindung. <br> Lokale Adresse, Dienst: (192.168.1.8, Port (2869) ).<br> Remote-Adresse, Dienst: (192.168.1.1, Port (3521) ).<br> Prozessname: "System". Ich habe auch schon den CCleaner durchlaufen lassen, hat sich aber noch nichts geändert. Mir kommt auch vor, dass sich auf "neutralen" Webseiten, plötzlich Werbung eingeschlichen hat, also Bilder die zum anklicken sind, wo sich neue Seiten wieder öffnen! Wäre es möglich, mich zu lotsen, wie ich den Virus bzw. das Problem bekämpfen bzw. beheben kann?  Ich wäre dem Helfenden zutiefst dankbar!!!  Da ich aufgrund meiner "Wenignutzung" des Computers wenig Erfahrung habe, würde ich mich freuen eine ausführliche Beschreibung meiner zu machenden Schritte zur Behebung zu bekommen!!   Liebe Grüße, Drumkid |
|
03.09.2013, 11:09
| #2 | |
| /// TB-Ausbilder   | Bei Browsernutzung lande ich ständig auf Werbeseiten und auf http://s.mgkaxjfwfc.com/s73bc5wskpmgwwcowokg0w0os4 Hi,
__________________Zitat:
Damit ich dir helfen kann, benötige ich zuerst noch mehr Informationen: Wenn du deinen Rechner nach Malware untersuchen lassen willst, dann arbeite bitte diese Anleitung ab und poste die resultierenden Logfiles hier.
__________________ |
|
03.09.2013, 13:35
| #3 |
| | Bei Browsernutzung lande ich ständig auf Werbeseiten und auf http://s.mgkaxjfwfc.com/s73bc5wskpmgwwcowokg0w0os4 DIE FRST.TXT DATEI:
__________________FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2013 01
Ran by Simon (administrator) on FAMILIEN-PC on 03-09-2013 12:26:40
Running from C:\Users\Simon\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\watchmi\TvdTray.exe
(Dropbox, Inc.) C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [MedionReminder] - C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe [443688 2011-05-26] (CyberLink)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\RunOnce: [MedionReminder] - C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe /DeleteRunKey [443688 2011-05-26] (CyberLink)
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1807272 2013-07-27] (Valve Corporation)
HKCU\...\Run: [Desura] - C:\Program Files (x86)\Desura\desura.exe -autostart [x]
MountPoints2: {20b3ec40-1977-11e2-9546-8c89a596b6dd} - G:\LaunchU3.exe -a
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-14] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Guard.Mail.ru.gui] - C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [1564368 2012-05-17] ()
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.)
HKU\Bettina\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3478336 2012-01-24] (DT Soft Ltd)
HKU\Bettina\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [17146504 2012-02-15] (Skype Technologies S.A.)
HKU\Bettina\...\Run: [ICQ] - C:\Program Files (x86)\ICQ7M\ICQ.exe [127040 2012-05-17] (ICQ, LLC.)
HKU\Bettina\...\Run: [Spotify] - C:\Users\Simon\AppData\Roaming\Spotify\Spotify.exe [4640768 2013-07-19] (Spotify Ltd)
HKU\Bettina\...\Run: [Spotify Web Helper] - C:\Users\Simon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-07-19] (Spotify Ltd)
HKU\Lukas\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [17146504 2012-02-15] (Skype Technologies S.A.)
HKU\Lukas\...\Run: [Spotify] - C:\Users\Lukas\AppData\Roaming\Spotify\spotify.exe [7880664 2012-11-08] (Spotify Ltd)
HKU\Lukas\...\Run: [Spotify Web Helper] - C:\Users\Lukas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1199576 2012-11-08] (Spotify Ltd)
HKU\Lukas\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3478336 2012-01-24] (DT Soft Ltd)
HKU\Lukas\...\Run: [ICQ] - C:\Program Files (x86)\ICQ7M\ICQ.exe [127040 2012-05-17] (ICQ, LLC.)
AppInit_DLLs-x32: c:\progra~2\magnipic\assist~1.dll [1224192 2013-06-30] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WN111v2 Setup-Assistent.lnk
ShortcutTarget: NETGEAR WN111v2 Setup-Assistent.lnk -> C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe (NETGEAR)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\watchmi tray.lnk
ShortcutTarget: watchmi tray.lnk -> C:\Windows\Installer\{409DC300-28AF-468F-9624-1F3309701881}\SHCT_TRAY_PROGRAMG_A10D8603999C4E9488776EF2533C58C9.exe (Acresso Software Inc.)
Startup: C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Users\Simon\AppData\Local\Apps\Evernote\Evernote\EvernoteClipper.exe (No File)
Startup: C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF
URLSearchHook: (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {ACCC5665-D59E-4F8C-B4B6-2746D78248EE} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10262&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGT&apn_dtid=^YYYYYY^YY^CH&apn_uid=725e1590-40e4-4983-94ad-4328f96510df&apn_sauid=0987758F-4850-4FCC-BF1D-E35B116969DF
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Savings Sidekick - {11111111-1111-1111-1111-110011501160} - No File
BHO-x32: hosts2 - {11111111-1111-1111-1111-110311691128} - C:\Program Files (x86)\hosts2\hosts2-bho.dll (DownLite)
BHO-x32: MaaaGuniPic - {316DF548-9578-C6E1-C0DD-4771769EE559} - C:\ProgramData\MaaaGuniPic\8BiOnmp.dll ()
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Hosts: 184.73.223.40 session.minecraft.net
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tmlbzpmo.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF DefaultSearchEngine: Google
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
FF SelectedSearchEngine: Google
FF Homepage: https://www.google.at/
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tmlbzpmo.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tmlbzpmo.default\Extensions\75ffaaa6-513e-452f-b3ef-a355babbf0bd@69687691-91ac-4021-9ac9-b8f93a6c6a10.com
FF Extension: No Name - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tmlbzpmo.default\Extensions\crossriderapp5060@crossrider.com
FF Extension: FireJump - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tmlbzpmo.default\Extensions\firejump@firejump.net
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tmlbzpmo.default\Extensions\toolbar@ask.com
FF Extension: GMX MailCheck - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tmlbzpmo.default\Extensions\toolbar@gmx.net
FF Extension: MaaaGuniPic - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tmlbzpmo.default\Extensions\uj5u7i@ybeue.co.uk
FF Extension: No Name - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tmlbzpmo.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\IPSFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\coFFPlgn\
FF HKCU\...\Firefox\Extensions: [firejump@firejump.net] C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tmlbzpmo.default\extensions\firejump@firejump.net
FF Extension: FireJump - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tmlbzpmo.default\extensions\firejump@firejump.net
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (MaaaGuniPic) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdolmdlcfpdlpffoeckdfidkbdgcajbk\1.5
CHR Extension: (hosts2) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nijjeomamgmmmefdpnkebbikhfbgagfl\1.23.6_0
CHR HKLM-x32\...\Chrome\Extension: [dhdepfaagokllfmhfbcfmocaeigmoebo] - C:\Users\Simon\AppData\Local\Savings Sidekick\Chrome\Savings Sidekick.crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\Exts\Chrome.crx
==================== Services (Whitelisted) =================
S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-09-02] (Avira Operations GmbH & Co. KG)
R2 Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [1564368 2012-05-17] ()
S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
S3 jswpsapi; C:\Program Files (x86)\NETGEAR\WN111v2\jswpsapi.exe [942080 2008-02-29] (Atheros Communications, Inc.)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 N360; C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation)
S4 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2401632 2012-11-29] (TuneUp Software)
S4 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [70144 2011-10-07] ()
==================== Drivers (Whitelisted) ====================
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2013-08-17] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-02] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-02] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-04-20] (Avira Operations GmbH & Co. KG)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-20] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-20] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-08-27] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-08-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [140376 2013-08-27] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\IPSDefs\20130902.001\IDSvia64.sys [520280 2013-08-21] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\IPSDefs\20130902.001\IDSvia64.sys [520280 2013-08-21] (Symantec Corporation)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2013-08-17] ()
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\VirusDefs\20130902.024\ENG64.SYS [126040 2013-08-29] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\VirusDefs\20130902.024\ENG64.SYS [126040 2013-08-29] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\VirusDefs\20130902.024\EX64.SYS [2099288 2013-08-29] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\VirusDefs\20130902.024\EX64.SYS [2099288 2013-08-29] (Symantec Corporation)
S3 PCAMp50a64; C:\Windows\System32\Drivers\PCAMp50a64.sys [43328 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
R3 PCASp50a64; C:\Windows\System32\Drivers\PCASp50a64.sys [41280 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [564792 2012-01-31] (Duplex Secure Ltd.)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1404000.028\SRTSP64.SYS [796760 2013-05-15] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1404000.028\SYMDS64.SYS [493656 2013-05-20] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1404000.028\SYMEFA64.SYS [1139800 2013-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-08-08] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [224416 2013-03-04] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
R3 WN111v2; C:\Windows\System32\DRIVERS\WN111v2w7x.sys [783360 2010-04-27] (Atheros Communications, Inc.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-03 12:25 - 2013-09-03 12:26 - 01950474 _____ (Farbar) C:\Users\Simon\Downloads\FRST64.exe
2013-09-03 12:24 - 2013-09-03 12:24 - 01084685 _____ (Farbar) C:\Users\Simon\Downloads\FRST.exe
2013-09-03 12:12 - 2013-09-03 12:23 - 00000524 _____ C:\Users\Simon\Downloads\defogger_disable.log
2013-09-03 12:12 - 2013-09-03 12:12 - 00000020 _____ C:\Users\Simon\defogger_reenable
2013-09-03 12:11 - 2013-09-03 12:11 - 00050477 _____ C:\Users\Simon\Downloads\Defogger.exe
2013-09-03 03:01 - 2013-09-03 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{FFFFF9EE-B7A6-4A1B-B3EE-5193FDC55763}
2013-09-02 19:01 - 2013-09-03 12:15 - 00007830 _____ C:\Windows\PFRO.log
2013-09-02 03:01 - 2013-09-02 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{5F84A793-D88B-4C8F-885D-EDB5A235633E}
2013-09-01 03:01 - 2013-09-01 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{7A792347-1143-4BD3-9681-C9A9CE50A7DF}
2013-08-31 03:01 - 2013-08-31 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{421DD7FF-034C-4C2B-B3CE-F2C4C0B6A75A}
2013-08-30 14:45 - 2013-08-30 14:45 - 00003150 _____ C:\Windows\System32\Tasks\{D19F593B-D7EA-49EC-8895-03ABF4C105A7}
2013-08-30 14:44 - 2013-08-30 14:46 - 00001031 _____ C:\Users\Public\Desktop\MozBackup.lnk
2013-08-30 14:44 - 2013-08-30 14:44 - 00000000 ____D C:\Program Files (x86)\MozBackup
2013-08-30 14:43 - 2013-08-30 14:43 - 01035926 _____ C:\Users\Simon\Downloads\MozBackup-1.5.1-EN.exe
2013-08-30 03:01 - 2013-08-30 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{43B6587A-E6D9-4087-B8B5-F9787DB4D7A3}
2013-08-29 03:01 - 2013-08-29 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{8A20852E-1EBD-4EA2-B1AE-A33E2801A05E}
2013-08-28 03:02 - 2013-08-28 03:02 - 00003088 _____ C:\Windows\System32\Tasks\{0F843024-D16E-4EA5-AA93-B543105B8192}
2013-08-27 16:50 - 2013-08-27 17:09 - 00000000 ____D C:\Users\Simon\Desktop\Schoren Rockt _ Export
2013-08-27 12:49 - 2013-09-03 12:15 - 00000907 _____ C:\Windows\setupact.log
2013-08-27 12:49 - 2013-08-27 12:49 - 00000000 _____ C:\Windows\setuperr.log
2013-08-27 03:01 - 2013-08-27 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{ECA4DBF8-E442-45F0-B0D9-8643BBDE9405}
2013-08-26 03:01 - 2013-08-26 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{C1AD0292-2523-4631-884F-8AAB684AF4FE}
2013-08-25 03:01 - 2013-08-25 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{A3534C9D-A957-4200-B4D6-C5F99B763D1A}
2013-08-24 03:01 - 2013-08-24 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{D412DD72-A04E-4F0A-B0AD-6A10E8FE6DAC}
2013-08-23 21:46 - 2013-08-23 21:46 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-08-23 21:46 - 2013-08-23 21:46 - 00000826 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-08-23 21:46 - 2013-08-23 21:46 - 00000000 ____D C:\Program Files\CCleaner
2013-08-23 21:44 - 2013-08-23 21:44 - 04429440 _____ (Piriform Ltd) C:\Users\Simon\Downloads\ccsetup404.exe
2013-08-23 03:01 - 2013-08-23 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{1F447426-9FB0-43CA-82EB-AF5AF10C0FF4}
2013-08-22 03:01 - 2013-08-22 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{EE4EBC68-1CF9-4FEA-BF93-FA247AFA37E4}
2013-08-21 03:01 - 2013-08-21 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{DFB004DD-9CF3-4ACE-A645-D3C2853B9331}
2013-08-20 03:01 - 2013-08-20 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{65BDBA74-A190-4D7C-8A3F-B3C22A2BD9E7}
2013-08-19 05:38 - 2013-08-19 05:38 - 04653528 _____ (Systweak Inc ) C:\Users\Bettina\Downloads\rcpsetupmarm1_marm10at.exe
2013-08-19 03:01 - 2013-08-19 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{BBA4889A-1EA9-4CC2-8887-38E0546EC706}
2013-08-18 20:12 - 2013-08-23 16:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-18 07:00 - 2013-08-18 07:00 - 04653592 _____ (Systweak Inc ) C:\Users\Bettina\Downloads\rcpsetupdsnr_ds203911984.exe
2013-08-18 03:01 - 2013-08-18 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{AB624956-ED4A-4731-8E72-172FDEE3AEA0}
2013-08-17 12:00 - 2013-08-17 12:18 - 00303616 _____ C:\Windows\system32\Drivers\atksgt.sys
2013-08-17 12:00 - 2013-08-17 12:18 - 00035328 _____ C:\Windows\system32\Drivers\lirsgt.sys
2013-08-16 12:02 - 2013-08-16 14:32 - 00000000 ____D C:\Users\Simon\Documents\Stronghold 2
2013-08-16 12:01 - 2013-08-16 12:01 - 00098304 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt.dll
2013-08-16 12:01 - 2013-08-16 12:01 - 00002158 _____ C:\Users\Public\Desktop\Stronghold 2 spielen.lnk
2013-08-16 11:53 - 2013-08-16 11:53 - 00000000 ____D C:\Program Files (x86)\Firefly Studios
2013-08-16 11:44 - 2013-08-16 11:44 - 00003744 _____ C:\Windows\System32\Tasks\Updater36928.exe
2013-08-16 11:44 - 2013-08-16 11:44 - 00000000 ____D C:\Users\Simon\AppData\Local\Updater36928
2013-08-16 11:44 - 2013-08-16 11:44 - 00000000 ____D C:\Users\Simon\AppData\Local\hosts2
2013-08-16 11:44 - 2013-08-16 11:44 - 00000000 ____D C:\Program Files (x86)\hosts2
2013-08-16 11:43 - 2013-08-16 11:43 - 00000000 ____D C:\ProgramData\StarApp
2013-08-16 11:43 - 2013-08-16 11:43 - 00000000 ____D C:\ProgramData\MaaaGuniPic
2013-08-16 11:43 - 2013-08-16 11:43 - 00000000 ____D C:\Program Files (x86)\MagniPic
2013-08-16 11:42 - 2013-08-16 11:43 - 00000000 ____D C:\ProgramData\InstallMate
2013-08-16 11:41 - 2013-08-16 11:41 - 00893000 _____ (PrivitizeVPN) C:\Users\Simon\Downloads\Stronghold_Crusader_+_Extreme_[Full]_[Rus]_secure.exe
2013-08-15 03:17 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-15 03:17 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-15 03:17 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-15 03:17 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-15 03:17 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-15 03:17 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-15 03:17 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-15 03:17 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-15 03:17 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-15 03:17 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-15 03:17 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-15 03:17 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-15 03:17 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-15 03:17 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-15 03:17 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-15 03:17 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-15 03:17 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-15 03:17 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-15 03:17 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-15 03:17 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-15 03:17 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-15 03:17 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-15 03:17 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-15 03:17 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-15 03:17 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-15 03:17 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-15 03:17 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-15 03:17 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-15 03:17 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-15 03:17 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-15 03:17 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-15 03:02 - 2013-08-15 03:05 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 20:49 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 20:49 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-14 20:49 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 20:49 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 20:49 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-14 20:49 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 20:49 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 20:49 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 20:49 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 20:49 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-14 20:49 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-14 20:49 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-14 20:49 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-14 20:49 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-14 20:49 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-14 20:49 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-14 20:49 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-14 20:49 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-14 20:49 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-14 20:49 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-14 20:49 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-14 20:48 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-14 20:48 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-14 20:48 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 20:48 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-14 20:48 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 20:48 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-14 02:48 - 2013-08-14 02:48 - 00003088 _____ C:\Windows\System32\Tasks\{D90E508C-A0B6-4CA1-A662-279347FE177B}
2013-08-13 16:43 - 2013-08-13 17:31 - 00000000 ____D C:\Users\Simon\Documents\Erinnerungen
2013-08-13 03:01 - 2013-08-13 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{4D7B9514-74C6-4EC9-8303-A7900830BD6D}
2013-08-12 03:01 - 2013-08-12 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{AA824801-D690-4400-90E5-19D01FEB4AAE}
2013-08-11 03:01 - 2013-08-11 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{CAD80B25-5887-4B73-B574-A95FD7E17A1D}
2013-08-10 03:00 - 2013-08-10 03:00 - 00003088 _____ C:\Windows\System32\Tasks\{03C8523B-7B1D-4E85-BD49-B8CB3F299259}
2013-08-09 03:01 - 2013-08-09 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{D1193F02-41DB-438E-A5EE-B662E9957D19}
2013-08-08 21:54 - 2013-08-08 21:54 - 00000000 ____D C:\Users\Bettina\Documents\Symantec
2013-08-08 21:45 - 2013-08-08 21:45 - 00000000 ____D C:\Windows\System32\Tasks\Norton 360
2013-08-08 21:41 - 2013-08-08 21:41 - 00003238 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2013-08-08 21:41 - 2013-08-08 21:41 - 00002499 _____ C:\Users\Public\Desktop\Norton 360.lnk
2013-08-08 03:01 - 2013-08-08 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{E9D5F6B5-31E5-4786-B268-5CA5AB24AB60}
2013-08-07 03:02 - 2013-08-07 03:02 - 00003088 _____ C:\Windows\System32\Tasks\{5A472158-1E26-480E-94A1-6AFF158BE0BD}
2013-08-06 03:02 - 2013-08-06 03:02 - 00003088 _____ C:\Windows\System32\Tasks\{8A1A15BC-3657-4E8E-A947-C38195D6A697}
2013-08-05 03:02 - 2013-08-05 03:02 - 00003088 _____ C:\Windows\System32\Tasks\{33A066C9-0FA2-42D0-AF5E-901A7A87DB72}
2013-08-04 03:02 - 2013-08-04 03:02 - 00003088 _____ C:\Windows\System32\Tasks\{6CD64D40-D526-4957-B6F6-4BD8101DADCA}
2013-08-04 00:17 - 2013-08-08 20:41 - 00000000 ____D C:\Users\TEMP.Familien-PC.002
==================== One Month Modified Files and Folders =======
2013-09-03 12:26 - 2013-09-03 12:26 - 00000000 ____D C:\FRST
2013-09-03 12:26 - 2013-09-03 12:25 - 01950474 _____ (Farbar) C:\Users\Simon\Downloads\FRST64.exe
2013-09-03 12:25 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-03 12:25 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-03 12:24 - 2013-09-03 12:24 - 01084685 _____ (Farbar) C:\Users\Simon\Downloads\FRST.exe
2013-09-03 12:23 - 2013-09-03 12:12 - 00000524 _____ C:\Users\Simon\Downloads\defogger_disable.log
2013-09-03 12:22 - 2012-01-21 15:50 - 01832038 _____ C:\Windows\WindowsUpdate.log
2013-09-03 12:19 - 2012-01-28 18:16 - 00000000 ___RD C:\Users\Simon\Dropbox
2013-09-03 12:19 - 2012-01-28 18:15 - 00000000 ____D C:\Users\Simon\AppData\Roaming\Dropbox
2013-09-03 12:18 - 2013-06-19 22:36 - 00000000 ____D C:\Program Files (x86)\Steam
2013-09-03 12:17 - 2013-06-19 21:28 - 00000000 ____D C:\Users\Simon\AppData\Local\LogMeIn Hamachi
2013-09-03 12:16 - 2012-04-22 13:57 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-03 12:15 - 2013-09-02 19:01 - 00007830 _____ C:\Windows\PFRO.log
2013-09-03 12:15 - 2013-08-27 12:49 - 00000907 _____ C:\Windows\setupact.log
2013-09-03 12:15 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-03 12:13 - 2012-01-31 21:39 - 00000000 ____D C:\Users\Bettina\Documents\Outlook-Dateien
2013-09-03 12:12 - 2013-09-03 12:12 - 00000020 _____ C:\Users\Simon\defogger_reenable
2013-09-03 12:12 - 2012-01-21 15:55 - 00000000 ____D C:\Users\Simon
2013-09-03 12:11 - 2013-09-03 12:11 - 00050477 _____ C:\Users\Simon\Downloads\Defogger.exe
2013-09-03 12:01 - 2012-04-22 13:57 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-03 11:37 - 2012-04-22 13:57 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-03 11:14 - 2013-06-19 22:44 - 00000000 ____D C:\ProgramData\Desura
2013-09-03 11:05 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-09-03 07:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-09-03 07:27 - 2012-06-22 22:00 - 00000000 ____D C:\Users\Bettina\AppData\Roaming\Skype
2013-09-03 03:01 - 2013-09-03 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{FFFFF9EE-B7A6-4A1B-B3EE-5193FDC55763}
2013-09-03 03:01 - 2012-03-05 19:30 - 00000000 ____D C:\ProgramData\Skype
2013-09-02 19:04 - 2013-06-27 19:08 - 00000000 ____D C:\Users\Bettina\AppData\Local\LogMeIn Hamachi
2013-09-02 19:01 - 2012-05-11 11:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-02 18:56 - 2012-03-05 19:30 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Skype
2013-09-02 16:13 - 2013-07-01 00:29 - 00000000 ____D C:\Users\Lukas\AppData\Local\LogMeIn Hamachi
2013-09-02 16:12 - 2012-01-21 15:56 - 00000000 ____D C:\Users\Simon\AppData\Local\VirtualStore
2013-09-02 16:06 - 2012-05-23 21:33 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Spotify
2013-09-02 15:23 - 2013-05-06 14:07 - 00081112 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-09-02 15:23 - 2013-04-20 08:06 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-02 15:23 - 2013-04-20 08:06 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-02 03:01 - 2013-09-02 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{5F84A793-D88B-4C8F-885D-EDB5A235633E}
2013-09-01 16:26 - 2012-01-21 16:26 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-09-01 03:01 - 2013-09-01 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{7A792347-1143-4BD3-9681-C9A9CE50A7DF}
2013-08-31 03:01 - 2013-08-31 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{421DD7FF-034C-4C2B-B3CE-F2C4C0B6A75A}
2013-08-30 14:46 - 2013-08-30 14:44 - 00001031 _____ C:\Users\Public\Desktop\MozBackup.lnk
2013-08-30 14:45 - 2013-08-30 14:45 - 00003150 _____ C:\Windows\System32\Tasks\{D19F593B-D7EA-49EC-8895-03ABF4C105A7}
2013-08-30 14:44 - 2013-08-30 14:44 - 00000000 ____D C:\Program Files (x86)\MozBackup
2013-08-30 14:43 - 2013-08-30 14:43 - 01035926 _____ C:\Users\Simon\Downloads\MozBackup-1.5.1-EN.exe
2013-08-30 11:33 - 2011-03-11 11:20 - 00654602 _____ C:\Windows\system32\perfh007.dat
2013-08-30 11:33 - 2011-03-11 11:20 - 00130216 _____ C:\Windows\system32\perfc007.dat
2013-08-30 11:33 - 2009-07-14 07:13 - 01500294 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-30 03:01 - 2013-08-30 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{43B6587A-E6D9-4087-B8B5-F9787DB4D7A3}
2013-08-29 03:01 - 2013-08-29 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{8A20852E-1EBD-4EA2-B1AE-A33E2801A05E}
2013-08-28 03:02 - 2013-08-28 03:02 - 00003088 _____ C:\Windows\System32\Tasks\{0F843024-D16E-4EA5-AA93-B543105B8192}
2013-08-28 03:02 - 2012-01-22 13:03 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-27 17:09 - 2013-08-27 16:50 - 00000000 ____D C:\Users\Simon\Desktop\Schoren Rockt _ Export
2013-08-27 12:49 - 2013-08-27 12:49 - 00000000 _____ C:\Windows\setuperr.log
2013-08-27 08:42 - 2012-03-12 16:21 - 00000000 ___RD C:\Users\Lukas\Dropbox
2013-08-27 08:42 - 2012-03-12 16:19 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Dropbox
2013-08-27 03:01 - 2013-08-27 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{ECA4DBF8-E442-45F0-B0D9-8643BBDE9405}
2013-08-26 03:01 - 2013-08-26 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{C1AD0292-2523-4631-884F-8AAB684AF4FE}
2013-08-25 03:01 - 2013-08-25 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{A3534C9D-A957-4200-B4D6-C5F99B763D1A}
2013-08-24 03:01 - 2013-08-24 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{D412DD72-A04E-4F0A-B0AD-6A10E8FE6DAC}
2013-08-23 21:48 - 2012-05-27 18:30 - 00000000 ____D C:\Users\Simon\AppData\Roaming\Skype
2013-08-23 21:48 - 2012-01-31 19:48 - 00000000 ____D C:\Users\Simon\AppData\Roaming\DAEMON Tools Lite
2013-08-23 21:48 - 2012-01-26 17:01 - 00000000 ____D C:\Users\Simon\AppData\Local\CrashDumps
2013-08-23 21:48 - 2011-03-14 16:03 - 00000000 ____D C:\Windows\Panther
2013-08-23 21:46 - 2013-08-23 21:46 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-08-23 21:46 - 2013-08-23 21:46 - 00000826 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-08-23 21:46 - 2013-08-23 21:46 - 00000000 ____D C:\Program Files\CCleaner
2013-08-23 21:44 - 2013-08-23 21:44 - 04429440 _____ (Piriform Ltd) C:\Users\Simon\Downloads\ccsetup404.exe
2013-08-23 16:46 - 2013-08-18 20:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-23 03:01 - 2013-08-23 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{1F447426-9FB0-43CA-82EB-AF5AF10C0FF4}
2013-08-22 03:01 - 2013-08-22 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{EE4EBC68-1CF9-4FEA-BF93-FA247AFA37E4}
2013-08-21 09:01 - 2012-04-22 13:57 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-21 09:01 - 2012-04-22 13:57 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-21 09:01 - 2011-08-22 19:09 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-21 03:01 - 2013-08-21 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{DFB004DD-9CF3-4ACE-A645-D3C2853B9331}
2013-08-20 03:01 - 2013-08-20 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{65BDBA74-A190-4D7C-8A3F-B3C22A2BD9E7}
2013-08-19 05:38 - 2013-08-19 05:38 - 04653528 _____ (Systweak Inc ) C:\Users\Bettina\Downloads\rcpsetupmarm1_marm10at.exe
2013-08-19 03:01 - 2013-08-19 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{BBA4889A-1EA9-4CC2-8887-38E0546EC706}
2013-08-18 07:00 - 2013-08-18 07:00 - 04653592 _____ (Systweak Inc ) C:\Users\Bettina\Downloads\rcpsetupdsnr_ds203911984.exe
2013-08-18 03:01 - 2013-08-18 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{AB624956-ED4A-4731-8E72-172FDEE3AEA0}
2013-08-17 12:21 - 2011-08-22 18:03 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-08-17 12:18 - 2013-08-17 12:00 - 00303616 _____ C:\Windows\system32\Drivers\atksgt.sys
2013-08-17 12:18 - 2013-08-17 12:00 - 00035328 _____ C:\Windows\system32\Drivers\lirsgt.sys
2013-08-16 14:32 - 2013-08-16 12:02 - 00000000 ____D C:\Users\Simon\Documents\Stronghold 2
2013-08-16 12:01 - 2013-08-16 12:01 - 00098304 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt.dll
2013-08-16 12:01 - 2013-08-16 12:01 - 00002158 _____ C:\Users\Public\Desktop\Stronghold 2 spielen.lnk
2013-08-16 12:01 - 2012-02-08 11:09 - 00000000 ____D C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-08-16 11:53 - 2013-08-16 11:53 - 00000000 ____D C:\Program Files (x86)\Firefly Studios
2013-08-16 11:44 - 2013-08-16 11:44 - 00003744 _____ C:\Windows\System32\Tasks\Updater36928.exe
2013-08-16 11:44 - 2013-08-16 11:44 - 00000000 ____D C:\Users\Simon\AppData\Local\Updater36928
2013-08-16 11:44 - 2013-08-16 11:44 - 00000000 ____D C:\Users\Simon\AppData\Local\hosts2
2013-08-16 11:44 - 2013-08-16 11:44 - 00000000 ____D C:\Program Files (x86)\hosts2
2013-08-16 11:43 - 2013-08-16 11:43 - 00000000 ____D C:\ProgramData\StarApp
2013-08-16 11:43 - 2013-08-16 11:43 - 00000000 ____D C:\ProgramData\MaaaGuniPic
2013-08-16 11:43 - 2013-08-16 11:43 - 00000000 ____D C:\Program Files (x86)\MagniPic
2013-08-16 11:43 - 2013-08-16 11:42 - 00000000 ____D C:\ProgramData\InstallMate
2013-08-16 11:41 - 2013-08-16 11:41 - 00893000 _____ (PrivitizeVPN) C:\Users\Simon\Downloads\Stronghold_Crusader_+_Extreme_[Full]_[Rus]_secure.exe
2013-08-15 04:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-15 03:05 - 2013-08-15 03:02 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 03:02 - 2011-03-14 16:08 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-14 02:48 - 2013-08-14 02:48 - 00003088 _____ C:\Windows\System32\Tasks\{D90E508C-A0B6-4CA1-A662-279347FE177B}
2013-08-13 23:43 - 2012-02-16 18:47 - 00000000 ____D C:\Users\Lukas
2013-08-13 21:23 - 2012-07-02 14:39 - 00000000 ____D C:\Users\Simon\AppData\Roaming\Spotify
2013-08-13 17:31 - 2013-08-13 16:43 - 00000000 ____D C:\Users\Simon\Documents\Erinnerungen
2013-08-13 17:08 - 2012-07-02 14:40 - 00000000 ____D C:\Users\Simon\AppData\Local\Spotify
2013-08-13 03:01 - 2013-08-13 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{4D7B9514-74C6-4EC9-8303-A7900830BD6D}
2013-08-12 03:01 - 2013-08-12 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{AA824801-D690-4400-90E5-19D01FEB4AAE}
2013-08-11 03:01 - 2013-08-11 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{CAD80B25-5887-4B73-B574-A95FD7E17A1D}
2013-08-10 03:00 - 2013-08-10 03:00 - 00003088 _____ C:\Windows\System32\Tasks\{03C8523B-7B1D-4E85-BD49-B8CB3F299259}
2013-08-09 03:01 - 2013-08-09 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{D1193F02-41DB-438E-A5EE-B662E9957D19}
2013-08-08 21:54 - 2013-08-08 21:54 - 00000000 ____D C:\Users\Bettina\Documents\Symantec
2013-08-08 21:45 - 2013-08-08 21:45 - 00000000 ____D C:\Windows\System32\Tasks\Norton 360
2013-08-08 21:44 - 2012-01-21 16:10 - 00000000 ____D C:\ProgramData\Norton
2013-08-08 21:42 - 2012-01-21 16:12 - 00000000 ____D C:\Windows\system32\Drivers\N360x64
2013-08-08 21:41 - 2013-08-08 21:41 - 00003238 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2013-08-08 21:41 - 2013-08-08 21:41 - 00002499 _____ C:\Users\Public\Desktop\Norton 360.lnk
2013-08-08 21:38 - 2012-01-21 16:12 - 00177312 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2013-08-08 21:38 - 2012-01-21 16:12 - 00007631 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2013-08-08 20:41 - 2013-08-04 00:17 - 00000000 ____D C:\Users\TEMP.Familien-PC.002
2013-08-08 03:01 - 2013-08-08 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{E9D5F6B5-31E5-4786-B268-5CA5AB24AB60}
2013-08-07 03:02 - 2013-08-07 03:02 - 00003088 _____ C:\Windows\System32\Tasks\{5A472158-1E26-480E-94A1-6AFF158BE0BD}
2013-08-06 03:02 - 2013-08-06 03:02 - 00003088 _____ C:\Windows\System32\Tasks\{8A1A15BC-3657-4E8E-A947-C38195D6A697}
2013-08-05 03:02 - 2013-08-05 03:02 - 00003088 _____ C:\Windows\System32\Tasks\{33A066C9-0FA2-42D0-AF5E-901A7A87DB72}
2013-08-04 03:02 - 2013-08-04 03:02 - 00003088 _____ C:\Windows\System32\Tasks\{6CD64D40-D526-4957-B6F6-4BD8101DADCA}
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-09-01 00:02
==================== End Of Log ============================
--- --- --- |
|
03.09.2013, 13:38
| #4 |
| | Bei Browsernutzung lande ich ständig auf Werbeseiten und auf http://s.mgkaxjfwfc.com/s73bc5wskpmgwwcowokg0w0os4 DIE ADDITION.TXT DATEI: Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-09-2013 01 Ran by Simon at 2013-09-03 12:28:04 Running from C:\Users\Simon\Downloads Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= µTorrent (x32 Version: 3.1.3) Adobe After Effects CS3 (x32 Version: 8) Adobe After Effects CS3 Presets (x32 Version: 8) Adobe After Effects CS3 Template Projects & Footage (x32 Version: 8) Adobe After Effects CS3 Third Party Content (x32 Version: 3) Adobe AIR (x32 Version: 3.1.0.4880) Adobe Anchor Service CS3 (x32 Version: 1.0) Adobe Asset Services CS3 (x32 Version: 3) Adobe Bridge CS3 (x32 Version: 2) Adobe Bridge Start Meeting (x32 Version: 1.0) Adobe Camera Raw 4.0 (x32 Version: 4.0) Adobe CMaps (x32 Version: 1.0) Adobe Color - Photoshop Specific (x32 Version: 1.0) Adobe Color Common Settings (x32 Version: 1.0) Adobe Color EU Recommended Settings (x32 Version: 1.0) Adobe Color JA Extra Settings (x32 Version: 1.0) Adobe Color NA Extra Settings (x32 Version: 1.0) Adobe Creative Suite 3 Production Premium (x32 Version: 1.0) Adobe Creative Suite 3 Production Premium hinzufügen oder entfernen (x32 Version: 1.0) Adobe Creative Suite 4 Design Standard (x32 Version: 4.0) Adobe Default Language CS3 (x32 Version: 1.0) Adobe Device Central CS3 (x32 Version: 1.0) Adobe Download Assistant (x32 Version: 1.2.3) Adobe Encore CS3 (x32 Version: 3) Adobe Encore CS3 Codecs (x32 Version: 3) Adobe Encore CS3 Library (x32 Version: 3) Adobe ExtendScript Toolkit 2 (x32 Version: 2.0) Adobe Extension Manager CS3 (x32 Version: 1.8) Adobe Flash CS3 (x32 Version: 9.0) Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94) Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94) Adobe Flash Video Encoder (x32 Version: 2.0) Adobe Fonts All (x32 Version: 1.0) Adobe Glyphlet Creation Tool CS3 (x32 Version: 2.0) Adobe Help Viewer CS3 (x32 Version: 1) Adobe Illustrator CS3 (x32 Version: 13.0) Adobe Illustrator CS6 (x32 Version: 16.0) Adobe Linguistics CS3 (x32 Version: 3.0.0) Adobe MotionPicture Color Files (x32 Version: 1.0) Adobe PDF Library Files (x32 Version: 8.0) Adobe Photoshop CS3 (x32 Version: 10) Adobe Premiere Pro CS3 (x32 Version: 3) Adobe Premiere Pro CS3 Functional Content (x32 Version: 8) Adobe Premiere Pro CS3 Third Party Content (x32 Version: 3) Adobe Reader X (10.1.1) MUI (x32 Version: 10.1.1) Adobe Reader X (10.1.7) - Deutsch (x32 Version: 10.1.7) Adobe Setup (x32 Version: 1.0) Adobe Setup (x32 Version: 2.0) Adobe Soundbooth CS3 (x32 Version: 1) Adobe Soundbooth CS3 Codecs (x32 Version: 3) Adobe Soundbooth CS3 Scores (x32 Version: 1) Adobe Stock Photos CS3 (x32 Version: 1.5) Adobe Type Support (x32 Version: 1.0) Adobe Update Manager CS3 (x32 Version: 5.1.0) Adobe Version Cue CS3 Client (x32 Version: 3) Adobe Video Profiles (x32 Version: 1.0) Adobe WAS CS3 (x32 Version: 1.0) Adobe WinSoft Linguistics Plugin (x32 Version: 1.0) Adobe XMP DVA Panels CS3 (x32 Version: 1.0) Adobe XMP Panels CS3 (x32 Version: 1.0) AHV content for Acrobat and Flash (x32 Version: 1) AMD APP SDK Runtime (Version: 2.5.793.1) AMD AVIVO64 Codecs (Version: 11.7.0.11013) AMD Catalyst Install Manager (Version: 3.0.851.0) AMD Drag and Drop Transcoding (Version: 2.00.0000) AMD Media Foundation Decoders (Version: 1.0.61013.1636) Apple Application Support (x32 Version: 2.3.4) Apple Mobile Device Support (Version: 6.1.0.13) Apple Software Update (x32 Version: 2.1.3.127) ArcSoft MediaImpression 2 (x32 Version: 2.0.15.1073) Ask Toolbar (x32 Version: 1.15.13.0) Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.12.9.0) Avira Free Antivirus (x32 Version: 13.0.0.4052) Avira SearchFree Toolbar plus Web Protection Updater (HKCU Version: 1.2.3.33021) AVS Video Converter 8 (x32) AVS4YOU Software Navigator 1.4 (x32) Bonjour (Version: 3.0.0.10) CamStudio OSS Desktop Recorder (x32 Version: 2.6 Beta r294) Camtasia Studio 7 (x32 Version: 7.1.1) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (x32) Canon MG5200 series Benutzerregistrierung (x32) Canon MG5200 series MP Drivers Canon MP Navigator EX 4.0 (x32) Catalyst Control Center (x32 Version: 2011.1013.1702.28713) Catalyst Control Center InstallProxy (x32 Version: 2011.1013.1702.28713) Catalyst Control Center Localization All (x32 Version: 2011.1013.1702.28713) CCC Help Danish (x32 Version: 2011.1013.1701.28713) CCC Help Dutch (x32 Version: 2011.1013.1701.28713) CCC Help English (x32 Version: 2011.1013.1701.28713) CCC Help Finnish (x32 Version: 2011.1013.1701.28713) CCC Help French (x32 Version: 2011.1013.1701.28713) CCC Help German (x32 Version: 2011.1013.1701.28713) CCC Help Italian (x32 Version: 2011.1013.1701.28713) CCC Help Japanese (x32 Version: 2011.1013.1701.28713) CCC Help Norwegian (x32 Version: 2011.1013.1701.28713) CCC Help Spanish (x32 Version: 2011.1013.1701.28713) CCC Help Swedish (x32 Version: 2011.1013.1701.28713) ccc-utility64 (Version: 2011.1013.1702.28713) ClipConverter (x32 Version: 1.0.0) Company of Heroes Single Player Demo (x32 Version: 1.0.0.105) Control ActiveX de Windows Live Mesh para conexiones remotas (x32 Version: 15.4.5722.2) Contrôle ActiveX Windows Live Mesh pour connexions à distance (x32 Version: 15.4.5722.2) Controlo ActiveX do Windows Live Mesh para Ligações Remotas (x32 Version: 15.4.5722.2) ConvertHelper 2.2 (x32) CyberLink LabelPrint (x32 Version: 2.5.3624) CyberLink Power2Go (x32 Version: 7.0.0.1327) CyberLink PowerDVD Copy (x32 Version: 1.5.1306) CyberLink PowerRecover (x32 Version: 5.5.4125) CyberLink WaveEditor (x32 Version: 1.0.1.2821) D3DX10 (x32 Version: 15.4.2368.0902) DAEMON Tools Lite (x32 Version: 4.45.2.0287) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32) Dropbox (HKCU Version: 2.0.22) eaner (Version: 4.04) Evernote v. 4.5.4 (x32 Version: 4.5.4.6498) FastStone Capture 5.3 (x32 Version: 5.3) Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.31.0) FireJump (x32 Version: 1.0.2.5) Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (x32 Version: 15.4.5722.2) Fotogalerija Windows Live (x32 Version: 15.4.3502.0922) Fraps (x32) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922) Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922) Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922) Galerie de photos Windows Live (x32 Version: 15.4.3502.0922) GIMP 2.8.0 (Version: 2.8.0) Gobbler (x32 Version: 0.7.1) Google Toolbar for Internet Explorer (x32 Version: 1.0.0) Google Toolbar for Internet Explorer (x32 Version: 7.5.4413.1752) Google Update Helper (x32 Version: 1.3.21.153) Guard.ICQ (x32) hosts2 (x32 Version: 1.27.153.8) HyperCam 3 (x32 Version: 3.3.1111.16) ICQ7M (x32 Version: 7.8) Intel(R) Control Center (x32 Version: 1.2.1.1007) Intel(R) Management Engine Components (x32 Version: 7.0.0.1144) Intel(R) Rapid Storage Technology (x32 Version: 10.6.0.1002) iPhone Backup Extractor (HKCU Version: 4.5.1.0) iTunes (Version: 11.0.4.4) Java Auto Updater (x32 Version: 2.0.6.1) Java(TM) 6 Update 29 (x32 Version: 6.0.290) Junk Mail filter update (x32 Version: 15.4.3502.0922) Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (x32 Version: 15.4.5722.2) LAME v3.99.3 (for Windows) (x32) LogMeIn Hamachi (x32 Version: 2.1.0.374) MaaaGuniPic (x32 Version: 1.2.0.1190) MAGIX Speed burnR (MSI) (Version: 7.0.2.6) MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6) MAGIX Video deluxe 2013 (Version: 12.0.0.32) MAGIX Video deluxe 2013 (x32 Version: 12.0.0.32) MagniPic (Version: 1.0) McAfee Security Scan Plus (x32 Version: 3.0.318.3) Medion Home Cinema (x32 Version: 8.0.3216) Memeo Instant Backup (x32 Version: 4.60.0.7943) Mesh Runtime (x32 Version: 15.4.5722.2) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Office 2010 (x32 Version: 14.0.4763.1000) Microsoft Office 2010 Service Pack 1 (SP1) (x32) Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000) Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000) Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Outlook Connector (x32 Version: 14.0.6106.5001) Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.4763.1000) Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (x32 Version: 14.0.5120.5000) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) MinecraftAlpha (x32) MozBackup 1.5.1 (x32) Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1) Mozilla Maintenance Service (x32 Version: 23.0.1) MSVCRT (x32 Version: 15.4.2862.0708) MSVCRT_amd64 (x32 Version: 15.4.2862.0708) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0) MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0) MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0) MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0) Norton 360 Premier Edition (x32 Version: 20.4.0.40) Pazera Free MOV to AVI Converter 1.4 (x32 Version: 1.4) PDF Settings (x32 Version: 1.0) PlayReady PC Runtime amd64 (Version: 1.3.0) Poczta usługi Windows Live (x32 Version: 15.4.3502.0922) Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922) Pošta Windows Live (x32 Version: 15.4.3502.0922) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922) RangeMax Wireless-N USB Adapter WN111v2 (x32 Version: 3.0.0.5) ReaConverter 6.7 Standard (x32) Realtek Ethernet Controller Driver (x32 Version: 7.46.610.2011) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6438) Savings Sidekick (x32 Version: 1.22.150.150) SCHLECKER Foto Digital Service (x32) Skype™ 5.8 (x32 Version: 5.8.156) Source SDK (x32) Source SDK Base 2006 (x32) Source SDK Base 2007 (x32) Space Pirates and Zombies (x32) Spotify (HKCU Version: 0.9.1.57.ge7405149) Steam (x32 Version: 1.0.0.0) Stronghold 2 (x32 Version: 1.00) TeamSpeak 3 Client (HKCU Version: 3.0.10.1) TuneUp Utilities 2013 (x32 Version: 13.0.3000.132) TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.3000.132) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Update for Microsoft Office 2010 (KB2494150) (x32) Update for Microsoft Office 2010 (KB2553065) (x32) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2566458) (x32) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32) Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32) Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32) Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32) Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32) Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32) Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32) Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (x32 Version: 15.4.5722.2) VLC media player 2.0.1 (x32 Version: 2.0.1) watchmi (x32 Version: 2.7.0) Windows Live Communications Platform (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3555.0308) Windows Live Fotogalerie (x32 Version: 15.4.3502.0922) Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922) Windows Live Fotótár (x32 Version: 15.4.3502.0922) Windows Live ID Sign-in Assistant (Version: 7.250.4232.0) Windows Live Installer (x32 Version: 15.4.3502.0922) Windows Live Language Selector (Version: 15.4.3555.0308) Windows Live Mail (x32 Version: 15.4.3502.0922) Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (x32 Version: 15.4.5722.2) Windows Live Mesh (x32 Version: 15.4.3502.0922) Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2) Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2) Windows Live Mesh ActiveX-objekt til fjernforbindelser (x32 Version: 15.4.5722.2) Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (x32 Version: 15.4.5722.2) Windows Live Messenger (x32 Version: 15.4.3538.0513) Windows Live MIME IFilter (Version: 15.4.3502.0922) Windows Live Movie Maker (x32 Version: 15.4.3502.0922) Windows Live Photo Common (x32 Version: 15.4.3502.0922) Windows Live Photo Gallery (x32 Version: 15.4.3502.0922) Windows Live PIMT Platform (x32 Version: 15.4.3508.1109) Windows Live Remote Client (Version: 15.4.5722.2) Windows Live Remote Client Resources (Version: 15.4.5722.2) Windows Live Remote Service (Version: 15.4.5722.2) Windows Live Remote Service Resources (Version: 15.4.5722.2) Windows Live SOXE (x32 Version: 15.4.3502.0922) Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922) Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922) Windows Live UX Platform (x32 Version: 15.4.3502.0922) Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109) Windows Live Writer (x32 Version: 15.4.3502.0922) Windows Live Writer Resources (x32 Version: 15.4.3502.0922) WinRAR 4.10 (64-bit) (Version: 4.10.0) Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (x32 Version: 15.4.5722.2) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922) ==================== Restore Points ========================= 27-08-2013 01:00:13 Windows Update 28-08-2013 01:00:17 Windows Update 29-08-2013 01:00:11 Windows Update 30-08-2013 01:00:12 Windows Update 31-08-2013 01:00:12 Windows Update 01-09-2013 01:00:10 Windows Update 02-09-2013 01:00:11 Windows Update 03-09-2013 01:00:13 Windows Update ==================== Hosts content: ========================== 2012-09-11 22:42 - 2012-09-11 22:43 - 00000859 ____A C:\Windows\system32\Drivers\etc\hosts 184.73.223.40 session.minecraft.net ==================== Scheduled Tasks (whitelisted) ============= Task: {002ECA4C-FB40-41D9-8AF9-375BC05459A0} - System32\Tasks\{F32A3523-6CB9-47E0-B0E7-2298E651F929} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {006BFF3D-E45F-494A-9490-CACF7DBA6D75} - System32\Tasks\{3C2E0560-E166-40FF-9F10-B272BF138875} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {006DD4B9-E58D-438B-9D08-6E2B3AC1D737} - System32\Tasks\{087E39E4-898B-406F-8FB8-6F9272642EEE} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {00ADB897-EC2B-48BD-9FC9-64C23D2C422E} - System32\Tasks\{3D952E52-9161-4A7F-8800-35083220EA97} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {0158808E-E1A5-4FD2-9522-5F3DE869334A} - System32\Tasks\{022BB06D-1DE7-46BF-BE15-4743F0552F2E} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {02C9957B-A33C-4E25-8453-CF92BE6BBF2D} - System32\Tasks\{A44997B7-B44C-42D7-91EB-7BC62EAFF138} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {02E2102F-59E6-4214-B0A1-225BE72B45DB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-21] (Adobe Systems Incorporated) Task: {03575774-CF56-46BD-B121-2EFCD20092BB} - System32\Tasks\{B8EF3577-F59F-42B6-88D1-9BA16DC90123} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {03F567F5-8BD6-4ACB-BF0C-C0E5D189D391} - System32\Tasks\{DF8EB2A3-46E9-49A7-9DB9-2C34434A4513} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {03FB49C4-54CE-4C97-A2C0-483AAEDDEC2C} - System32\Tasks\{5A472158-1E26-480E-94A1-6AFF158BE0BD} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => start w32time task_started Task: {05897557-6EBA-46B6-80D7-2677DEAF9016} - System32\Tasks\{3D342F65-47CB-4E53-AAAF-DCAD5282C784} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {0634197A-E5A6-4E2C-8E07-B642688EA69F} - System32\Tasks\{CA81BE25-B26D-439D-9DA0-DB9C77A9FC43} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {0649CDE3-5085-4C6A-906C-A3222E7C10EF} - System32\Tasks\{9C8D630B-8E92-42AC-B5FE-87BEDBCC3CD7} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {0700164E-55F5-4831-A0A3-A296F6DF3376} - System32\Tasks\{F261BCC2-0383-47DF-8A92-DDE3627AFE04} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {0779236F-56E6-4090-8F3F-3C3A5722FD05} - System32\Tasks\{D976C264-213D-4377-A1A9-8125DD483A61} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {088B3208-50E9-4FF1-A859-5392E7BF2DAC} - System32\Tasks\{62E881AC-D253-45F8-84CA-619A066F157D} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {0896ACFC-DD34-45F1-A304-47A7F3E43A0A} - System32\Tasks\{9396F687-E418-463E-BEBB-CE901B8175A5} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {0AF3B109-F9FC-4B7F-8F03-55AD42B6EC0A} - System32\Tasks\{1AF7F1AA-98E2-476B-B9CA-046963CF6057} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {0BB37F40-3D5C-4511-B0AA-643AD1D27B12} - System32\Tasks\{A8E43576-9D15-49FE-B575-75EAA2AB624C} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {0BF1D93D-3AF2-4AA8-948B-4B1C2C288B19} - System32\Tasks\{3C53EEA0-552A-4358-8084-084131CF88A9} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {0D6FF3CC-1881-431A-A4F4-B2AFF2B18BC5} - System32\Tasks\{5451CE30-EFD2-4A32-A379-D40935D48280} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {0E7C5091-E411-471E-938D-A270E55E8E77} - System32\Tasks\{FE06FB00-A34F-4F74-A86C-2B1004B787BF} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {0F9ED6A8-6445-44D0-B214-87ECCA050C0A} - System32\Tasks\{C1D7C126-0DE8-49AC-8E2D-79D9E470864F} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {0FEB8467-59A8-4B60-9B98-A4A0C1DDE6A2} - System32\Tasks\{E0C0C148-0B37-4E03-A9B8-DB7C4FD0DB81} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {12664A4E-B0F5-4FFD-89E4-747C96C88886} - System32\Tasks\{35AAB91B-6668-46D1-BF65-B05C4F663C2C} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {128C4C43-12FA-477D-8A50-ABF12D86AA7B} - System32\Tasks\{6CD64D40-D526-4957-B6F6-4BD8101DADCA} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {12F52C98-B434-4068-8ECA-107E2E840D1A} - System32\Tasks\{785ED558-0DD7-4DCB-A13E-F96E8C5097AD} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {1455017B-F1F8-4B74-B392-CFFAD4D5E48E} - System32\Tasks\{AC781E00-2472-4CA1-8081-8347B1986EEC} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {153B205A-7FCB-4EC9-8936-9B570C821038} - System32\Tasks\{79705F00-A79D-4AA5-99C3-486A99558120} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {1567DE27-E977-4200-9A46-3AFE63FF024E} - System32\Tasks\{17D2037F-2B71-48FA-B7D5-D0323B95199B} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {173B9453-2B16-4684-AC3D-53917E7DFEFA} - System32\Tasks\{F38B79D0-EDAD-47D5-A7E4-3D8534F90DA8} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {17A25FAF-99FC-4C8F-84F2-33F5AFFAF8FD} - System32\Tasks\{1B774A23-32A8-4A86-B49B-830ACB58D7C4} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {1973F885-2B6F-4402-90FF-9F3F249D1F1C} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\SymErr.exe [2013-06-03] (Symantec Corporation) Task: {19781E9A-1175-49C1-8AED-8E22D88E430F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-22] (Google Inc.) Task: {19869CB7-53BC-4FE3-A686-EC440CEFEEE7} - System32\Tasks\{E8C1E5BF-4D90-4091-BB85-13881EC33671} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {19AA81F3-16E4-4953-9723-F1B723016B5A} - System32\Tasks\{D412DD72-A04E-4F0A-B0AD-6A10E8FE6DAC} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {19E449F1-51E4-4480-A0A8-64D262A534C7} - System32\Tasks\{E6107AEB-1218-461A-8924-A8DCBAC5E17E} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {1C6A0C62-CA7A-4B55-81EE-6325E8CA9A7D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd) Task: {1C8E639F-4AF3-4F57-A4A8-A08A6868B61F} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-21] (Microsoft Corporation) Task: {1F1A587D-B8D0-4423-BA4F-8C6AF56FD659} - System32\Tasks\{390F034A-03FF-4934-8A36-518FED842011} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {1F20A839-00D8-4875-BB4B-84EC193F3A15} - System32\Tasks\{6395DC24-E89A-4B99-8AA9-2F2D0E00C40F} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {1F4EC83A-630C-4965-B9E9-1577C6A63131} - System32\Tasks\{9F689E6E-5675-4B4F-A06B-34F9007E3ADF} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {1FB0BC5E-4BF9-457E-982B-CF86380F0D9B} - System32\Tasks\{0E02487D-F0C8-4137-AC14-E4701D922715} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {2117A9F4-30F7-4010-AB7B-CF8FF842BFD5} - System32\Tasks\{D062E700-B6B2-4E25-BE61-8F39C109AA3C} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {22C32744-9437-4119-BB34-6759A8422C79} - System32\Tasks\{C5DD7383-3340-43FC-B5FB-94B004630A49} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {233ECCDE-7018-4F65-B432-23FD5FCC1F25} - System32\Tasks\{7D1140A5-2A01-40E7-B425-1FF6C4BD32AC} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {236CDF67-AF2C-4D4E-9756-BDDD5721DB04} - System32\Tasks\{3684A897-D41D-4596-AC00-C159500E1434} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {2427614D-1C8F-4621-92DC-A7D8A24A0465} - System32\Tasks\{4FA0E39F-F0F3-461B-ACFF-9863A3CEF5C2} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {24482003-0341-4A2E-B948-8C05FB84470D} - System32\Tasks\{55AFDA45-9C10-48C7-9172-6BD6D2CE6B02} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {24E9EE48-B4CA-41CA-B3A5-272F66EEE122} - System32\Tasks\{64446CAB-68CC-4C6C-909E-EDEEE9219865} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {255558C5-E907-4CD7-BA41-D7164E4C638D} - System32\Tasks\{A236122C-D9FF-436D-A8D8-CD4BF40F6452} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {2806CFD0-354A-43D0-8991-EC24DB645B73} - System32\Tasks\{C21227D0-B839-43DF-B7DF-E206CE4FBFAA} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {28FCFDA9-44B9-44F3-A8F2-F66E5583CC33} - System32\Tasks\{DE9426A3-036C-4758-AEDF-C3F6D67D2D43} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {298D6FE9-85BE-40DC-B1C7-1AD397B16284} - System32\Tasks\{6667C3F0-1EB4-4446-9686-5368ADB927D5} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {299630C6-67B4-4B58-9387-06B63CA0B8BC} - System32\Tasks\{E740DD44-3A12-431E-B611-E122E02B14C7} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {29EF6214-53A1-474F-A037-DAAF3A250D3F} - System32\Tasks\{0CC30E6B-9841-4AC8-B9C6-996668CAD0DE} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {2A35B5CE-9CE6-4C63-95D9-78F4E9B73BD0} - System32\Tasks\{D65E4098-983D-4056-8E86-36A9F465697A} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {2AB045CD-8832-4BD1-8C11-2AA518902E05} - System32\Tasks\{D515A6F8-875C-41DB-B48D-5651D576B078} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {2AC201D9-2A32-4CE9-8266-8980DAD97C1D} - System32\Tasks\{33AE6E29-E83A-4A69-839C-CC0F7835B274} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {2B61ADAC-98DB-4714-8BAA-8967287D1B16} - System32\Tasks\{350312EB-5669-46A2-AD9D-44385D3A2634} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {2C212FBC-CF07-4943-BF11-636FC6BD3253} - System32\Tasks\{D971F7B8-B2C9-43CB-AA40-B240EFA2D366} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {2E71800E-3531-4BFE-AE7E-0BF30724AAB9} - System32\Tasks\{BA5CFCFD-EBED-4FAC-B483-367147994DD8} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {2F11F7B7-3D1A-433C-8898-7A4B757A6992} - System32\Tasks\{D9FAC57B-49C4-4B9C-B4C4-74F6D2E94D72} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {2F533554-02EE-4F8F-9DF6-3D7D9E16AFDA} - System32\Tasks\{BEB8E447-22E2-4C03-B802-31517ECE97C1} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {2F60F236-DF13-46CA-8855-91A7C2FDF568} - System32\Tasks\{43B6587A-E6D9-4087-B8B5-F9787DB4D7A3} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {2FAF29B1-978A-4CA7-81BA-F78B45287F4D} - System32\Tasks\{FE2FAAFA-2FE0-45AC-B048-1720CBF4320A} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {2FD980AD-D1B8-4E85-BD8C-56A7A9C49AA1} - System32\Tasks\{FCB9BF3B-C754-4C13-A7E6-EFDDB8DC5530} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {30527CDB-3CF4-4452-B4AE-70168B18C2B4} - System32\Tasks\{DDBB5A27-D713-425D-9140-25BB5C0DFDBD} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {3062E7AD-003A-48FF-A6A3-51CF64903790} - System32\Tasks\{D815A0E9-908E-4862-B238-535DC259DCF1} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {30E9C1C9-2114-4F5B-BBD6-5380142369CF} - System32\Tasks\{6EBF0461-2747-4282-A9C6-5C31549B03F2} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {31C18DD2-93B5-4301-9D8F-4C149DF10C19} - System32\Tasks\{D1193F02-41DB-438E-A5EE-B662E9957D19} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {32693E7F-722B-458C-B4F1-9D584D90D98B} - System32\Tasks\{A0C6D1A0-B1AD-41F4-A9CB-D7E2346FAD74} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {3273D9DC-794A-43CC-88AF-3FFE347B79F7} - System32\Tasks\{80DC98F8-02E6-4DFE-86FE-A007BC1CF05C} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {32E63CD4-1A34-4667-A45A-3C851AD86E1E} - System32\Tasks\{5C5D85E1-A9A0-4489-AAF3-3371388F88D4} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {330BC7F4-9505-4B99-B43B-204357D70B54} - System32\Tasks\{6CBBED1B-2965-4BBC-9483-9047FA49343D} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {33830BDF-613E-474C-B66D-41500EDF814E} - System32\Tasks\{2CECC419-3185-4263-879A-2621853D38CB} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {35368371-F607-431B-BC0D-9D3DA001A610} - System32\Tasks\{66DCF21F-5280-4728-8542-32379BB633D4} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {361AC1D8-47DA-4691-8BFE-2ECF6480C8B0} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => start osppsvc Task: {3743C68F-F141-457F-8A5C-2735B25C02C5} - System32\Tasks\{7CF528BF-3F73-4E38-BBF8-F75F079681B0} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {37A849FF-460C-4E43-987A-71F4B60BE112} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated) Task: {388626EA-9144-4604-83D7-0C21E7E59511} - System32\Tasks\Updater36928.exe => C:\Users\Simon\AppData\Local\Updater36928\Updater36928.exe [2013-08-16] (DownLite) Task: {3A2D0070-A845-441B-8A68-BB541247CEEE} - System32\Tasks\{63C4A481-B6E7-4BB8-9579-D33FE4F43017} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {3A9540D5-6217-48AA-8373-BE7442E53BC5} - System32\Tasks\{CA63422D-3AA8-4FB4-A58F-DE754EA4F48A} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {3AEBA99E-7A35-4C40-BCF2-18ACB1EFDE56} - System32\Tasks\{EBA601F3-AB48-478D-9DE5-F4F923535334} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {3C5EF881-859B-406B-94BE-E6D5A4F541E2} - System32\Tasks\{6242B0C4-45B0-4743-8475-7B58CBF7BEE6} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {404D5A51-CD7C-493A-9371-08AC2F2F1455} - System32\Tasks\{65BDBA74-A190-4D7C-8A3F-B3C22A2BD9E7} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {40566F13-125F-4379-BBFD-6F29BF030DD5} - System32\Tasks\{78979F1F-A14D-41E7-81E6-DF0191AEB43F} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {4075C752-A6FD-4669-8684-3AE955035B17} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\SymErr.exe [2013-06-03] (Symantec Corporation) Task: {40F60C5D-E17A-4175-A818-3B2747B056A4} - System32\Tasks\{CAD80B25-5887-4B73-B574-A95FD7E17A1D} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {42A9B9B9-448C-41BC-B0D3-406B998602F1} - System32\Tasks\{9B4C6D44-BE7C-4827-A746-1FC6737D02ED} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {431BF272-EA99-43B7-A61D-446B44C5E558} - System32\Tasks\{C1DCC9E1-B874-4705-9125-6ACE81602530} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {437C70DB-66BA-48C3-BD40-24BE29A6AF93} - System32\Tasks\{33A71A47-4916-4A99-B2D5-EC7FF71877B0} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {4387745A-1E66-4F13-A9A0-75ADD320572F} - System32\Tasks\{59E39463-5BA0-4D82-BD85-15BB96B8D525} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {43FBFA4B-DA4F-463D-BC91-480B5414DFCD} - System32\Tasks\{C4316CF8-0478-47A5-9E47-5F7DD9C6E13E} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {44DA047A-09D0-4152-ACC9-7339B86C8343} - System32\Tasks\{0D40C300-8278-4C9D-866A-076A83F85EF0} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {4684810B-A3F4-4391-BC7D-AC2389DB0E8E} - System32\Tasks\{FB31E9A4-EC4E-436B-971C-9C64621EB0B3} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {477AA3C6-2EB5-4EB2-80B8-AAABC2721FD5} - System32\Tasks\{E04E25C2-AD03-412E-91BE-ABCE1273BC78} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {47E9C501-DF98-4ED9-9725-98E5C087F501} - System32\Tasks\{13249CCE-B56F-46C7-B536-C346BEA6144E} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {497071DC-51D5-4CFA-9FC0-CF1C3E284196} - System32\Tasks\{6D8A957C-17BC-4939-A1C7-A03E2C603B8A} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {49EC7A86-7AB7-47F5-828F-A1AD84867D2C} - System32\Tasks\{12C63763-7F07-445B-89EA-CE0D9D7920B2} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {4A665397-6691-4ADF-9D3D-82F43F8A02D6} - System32\Tasks\{CFC7AB34-B8EB-491F-80F9-EDCFA8FECEC6} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {4A79653B-6C22-44AD-B6D6-3DD20026FBB9} - System32\Tasks\{D1EC2E45-36F0-4B4B-8211-1328455E165F} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {4ACA2698-4B9C-436E-B954-27B8516DDE0B} - System32\Tasks\{718D0C1B-8210-48F6-B56F-EC87DACB673F} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {4B5165C1-5802-4B28-A2BD-D1DB915DB096} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2012-12-20] () Task: {4C35BE78-5E5E-4482-90D9-4BA6C03CBF31} - System32\Tasks\{FF98BAF3-10FF-4AE6-BAD6-891A31ECD967} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {4C99D76B-5332-4DCC-8910-77E26D4BDA50} - System32\Tasks\{E7ED3233-747D-4ADE-8243-46EE695FA305} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {4C9B939E-6D6B-422F-BE39-1CBDB55FC5C0} - System32\Tasks\{4D221208-FF24-4204-BD6E-5531EEF48D5D} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {4E542DEA-66ED-43D4-A6DD-EDA2F8D4F81E} - System32\Tasks\{00347F4C-1AF1-4F77-8221-296365F144E1} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {4FCCEEF8-ED30-41E3-9DDA-9E9DC8B8799C} - System32\Tasks\{65B1506F-8C6A-4412-99AE-B36302D1FCF3} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {4FE89EB8-ABA4-4F76-8434-2B4BFE76F29F} - System32\Tasks\{D43640C5-B0B9-4E54-933F-471F4FCBE7FD} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {50293317-B977-42B5-A8DE-BB7B6427F410} - System32\Tasks\{A6466744-5F20-48EE-8BC1-458C9032E93D} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {5038F0E1-5F92-47B2-BDCB-916DAB6C0FD8} - System32\Tasks\{111C3555-C1FB-4BEA-91F7-C8D8B39EE968} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {505BE725-5353-42BD-95CD-9F78589AAB10} - System32\Tasks\{AA1B0BBC-B303-4764-8B29-7806BF7F5A9B} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {50C6E471-438A-423C-9F0D-A08A5904B46B} - System32\Tasks\{86C20303-8C24-4B37-9A0D-C639083F4C93} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {514B08B1-CF8F-4725-9C9E-2094EDF1FF65} - System32\Tasks\{044CD331-EB74-42EB-9B7D-B3B60A687B45} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {519EF1CD-236A-4B14-87BA-0F8D8960D9C5} - System32\Tasks\{6A69C207-2A55-4D3B-83C4-970C955E9186} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {5349D2E1-CA53-4C4C-B193-2538B6579727} - System32\Tasks\{D387AAC5-3EEF-45BF-B693-764EEB70FBEA} => c:\program files (x86)\mozilla firefox\firefox.exe [2013-08-18] (Mozilla Corporation) Task: {53EDEF82-2080-47C6-A2E9-5280977BC00E} - System32\Tasks\{7815E808-94AE-4E5E-8898-6F8EC72FBD34} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {547226D1-01A6-46A5-A77E-B27DE7F11D8C} - System32\Tasks\{4833C104-09E1-4E13-A93E-940324B0EF9F} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {54910503-93BB-4FA6-8A73-5D4C8685D0B8} - System32\Tasks\{167AEFB8-5F87-4285-8ADC-B01FA24573FD} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {549C3365-A34A-4D0A-BCC9-F0A1540327E3} - System32\Tasks\{D7273D09-F067-4D66-A049-13304E84EC6E} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {54DEF22D-707C-4275-A8C7-BA9EA50B7C5E} - System32\Tasks\{02C92FE4-C53B-4901-BBB4-D17C77468696} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {5576A18D-208F-4461-B6BB-839A8EC5EBD1} - System32\Tasks\{E5527595-0095-4A70-A33F-DE1BC3C6CEE5} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {56AA8437-264F-4E44-901E-34740B784878} - System32\Tasks\{684D4107-E70B-420F-85C0-DF353E0A8653} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {5715B1A0-94DA-4A5E-8C9D-FE208571B59E} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\WSCStub.exe [2013-06-03] (Symantec Corporation) Task: {573485C9-3A97-4736-A0C1-97EA7692E3DB} - System32\Tasks\{13B64841-C537-44AC-8986-6ED7A7E8101B} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {57DDBDF9-BB7C-4E66-8882-618932DDC373} - System32\Tasks\{6FA0E5D6-5232-4EC6-8070-555888089953} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {58ACCE7F-3420-4FA7-889D-F1F7282AC57D} - System32\Tasks\{8CBDB430-DEEB-4233-8A03-75D70358B928} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {591BCCEE-B7F9-44D8-AF71-D183144F5D17} - System32\Tasks\{E67FCA38-AEF2-49CF-AAD6-2E08E3901668} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {59C399EF-1473-4063-A12F-24F9D9332BD6} - System32\Tasks\{67A09411-5EBF-420A-93B8-126EDEDA8C9C} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {5A1EB42A-C479-4228-96F8-BA3800F41742} - System32\Tasks\{CF1ADA6D-5FD7-4B3E-A77A-11916A58460E} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {5AAFED41-D3CB-4298-8640-5CD3CD28AB72} - System32\Tasks\{9C38F30B-54AD-4D19-A265-E9B047AD1D98} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {5B61B7F2-14D9-41AF-B946-1C1F8B2A1320} - System32\Tasks\{AA824801-D690-4400-90E5-19D01FEB4AAE} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {5C64355B-F0B6-4E83-89CB-659E48CC357A} - System32\Tasks\{07292CA8-862C-46A8-AFB0-5421A43AD31A} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {5E2DD426-7511-4235-BAD5-F92C9934538B} - System32\Tasks\{CC1518AF-4F7F-4BB3-9607-F5F414F75CFB} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {5E4E0992-1EE9-456C-80EE-6D98F8141F67} - System32\Tasks\{C8BF3CF7-5FE8-426D-A40B-D256DC3A95C5} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {5E820E1C-4536-44FA-9E39-3D361FE0058D} - System32\Tasks\{1D4DBAC5-F385-4A5B-B687-621B08D94B37} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {5E8C7F1F-0C9F-4472-B01F-9974A6B2A8F6} - System32\Tasks\{F35702D6-64C3-4EDD-8A1C-805EF2F74FF6} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {5F3F3ECD-17EF-4DB7-8641-87855C3378CB} - System32\Tasks\{746D9886-890E-4D8F-B8CB-6524D41EC989} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {5F468F7B-92C5-4C94-9AEA-4C67CA5C4602} - System32\Tasks\{91585431-8F24-48B7-B903-B9202B3D7CBB} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {5F852D2C-A708-4120-B068-BCBFD2A4D8CA} - System32\Tasks\{8E33629E-500E-4A55-834C-B027714C307E} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {611DC25A-1564-4B45-AF52-070190A9E8C0} - System32\Tasks\{0C00E193-17BD-41D5-9F69-9996B026709F} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {6127C4DD-41E9-4D94-964D-E27EDEDC839C} - System32\Tasks\{0E1C5968-937F-4E97-86E5-7854BA390320} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {612AD954-AD59-4EAF-8F4E-EE17966AAE80} - System32\Tasks\{2FBB30B0-79D1-4B60-8F6D-1867A72D42DB} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {616A683C-4743-47F3-B782-9AFF1C47979A} - System32\Tasks\{BE50894B-2BD0-46ED-AE51-D07B7EC414C3} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {61830991-07AF-4698-A31D-104BB9D70A66} - System32\Tasks\{7A792347-1143-4BD3-9681-C9A9CE50A7DF} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {61836DBC-553D-48D4-89E8-7032911822D6} - System32\Tasks\{25CB0AB5-EF99-4E75-873C-3DA77FD199B5} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {61A6D846-646F-4400-B3CB-3DE33AA31785} - System32\Tasks\{18BCEE0A-A29D-46B9-A8A1-0CC070808B52} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {621B9DA0-E279-4E47-8555-2F620F51B972} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-22] (Google Inc.) Task: {635E2130-D63F-4DB7-88CD-A6786F2F65FC} - System32\Tasks\{B6444879-FB5F-46FB-BD40-DAE2904E52FB} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {63FEB9D4-C5B6-4374-B827-A2685477CF40} - System32\Tasks\{80E50022-9435-4CC8-8653-E28273A112CE} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {6419C2A1-CCAE-4A61-A127-251FC19ECCE2} - System32\Tasks\{A8EBA46B-4EB8-4CE2-B8D7-61EED038AAF6} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {682E223F-6A56-42D2-BA42-5DC0422EAF8C} - System32\Tasks\{46C1EFAF-C36D-407C-967C-340238742074} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {6B523DD2-4875-46AD-88C8-3B1643ADC501} - System32\Tasks\{F27C7EA3-6499-40C1-A3FF-E24FC2014E4B} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {6D1D2F13-E2E0-4913-878E-5BB34782D145} - System32\Tasks\{9A410BC3-245B-4A77-9FA3-8ABB7891ECD0} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {6F598229-BA03-4FDE-9EDB-ADD538A45AE2} - System32\Tasks\{66723AB1-927E-4393-BF9A-07616D0429CC} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {6FC59502-9514-4DA9-8AFD-C0C6081A5207} - System32\Tasks\{50257B6F-90F8-485A-AC51-52F468DCBD48} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {702155D2-369F-46AA-978B-8C72FCC5EC4E} - System32\Tasks\{0BC6E90D-46AA-4B03-AC09-61F3018CADCF} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {70DB2704-DB7F-4A86-BA9E-093B113ED246} - System32\Tasks\{8A20852E-1EBD-4EA2-B1AE-A33E2801A05E} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {72029B47-172D-4FE3-8934-553C317E11C5} - System32\Tasks\{2B650FBD-47DB-43AA-822A-D0ED91CC973F} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {7277BCA9-4D70-41BB-A5D1-AD7F18703E70} - System32\Tasks\{2D3A55AC-9350-41CD-8A41-FDA469FF92DF} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {74A67F79-A19B-4AA6-931F-63BA7DE81079} - System32\Tasks\{FA01E53E-0425-4034-8B88-A74E7755C016} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {757E3A3A-8898-4282-84B8-1EA9AAF543FC} - System32\Tasks\{F32F30A9-C680-4974-92D1-3363E16F98DB} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {76130C3E-695E-4ECE-8F0F-B28890173193} - System32\Tasks\{C36D236B-5C03-48C7-A32D-2B57D031C02E} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {762BFBC6-EA50-4BC5-824A-9BCABF922DAF} - System32\Tasks\{05D9CB2D-0F97-4BE7-A714-AD22E3AF0515} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {7639A971-07F6-4140-A8C5-5A921D3F9881} - System32\Tasks\{A943B981-EA29-4EA4-84FB-13C13FBCBE7A} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {7651CEAC-664E-4EA9-A947-99E1870705A3} - System32\Tasks\{CB3D4974-D97E-4520-8284-19EF0D2C4C48} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {774ED342-8620-4A5A-86D8-7E70C0CE2262} - System32\Tasks\{44F69761-AA9A-404F-9526-FF1071795EAB} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {77D0D25A-2BAE-46D4-9271-5F3CF8088B6E} - System32\Tasks\{0132E74D-D908-4914-8D91-F6B6FE1F2C07} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {7892F4B0-5A7A-4AC0-9636-4FA209A484DF} - System32\Tasks\{5AD1746B-4994-4B16-A8E5-57298F2850EA} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {79F8E674-5075-4032-8D29-435E3B50730F} - System32\Tasks\{37E1C225-46DE-4D80-B32A-B5B835E83874} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {7A69FED1-C511-4C5F-A435-5F9162C79B79} - System32\Tasks\{4F327D28-55C0-4822-AE34-2E13E5ACFE89} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {7BDD3538-5B2D-4E6C-B587-3BC395FE2CAF} - System32\Tasks\{3178E0B4-2D8B-46A1-A4F1-0ACB1A99C551} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {7C874289-3C30-4348-8992-372D2A34C49C} - System32\Tasks\{86FBF03C-FAB6-4D00-ACF4-0A69B9CF9550} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {7CEAED9D-7178-45AF-B2C4-16E8C4C75B16} - System32\Tasks\{64F5A178-68D0-474A-83EF-B6197F6896A7} => c:\program files (x86)\mozilla firefox\firefox.exe [2013-08-18] (Mozilla Corporation) Task: {7D04EC41-18D9-4E1F-8592-B1FA4153961B} - System32\Tasks\{A8D2CC4A-CE34-4E4B-922E-C3D5659970ED} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {7D838A45-445A-4BD3-8E47-635688F63D17} - System32\Tasks\{183DBA09-26DE-4F2D-8189-56DC0C84005A} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {7D98D51B-24C1-4439-9028-414E9FBECFEC} - System32\Tasks\{E8E64D8A-A4D4-4B55-922B-C77CB0EB9705} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {7EB5E74F-DB33-47CD-8D80-BC15106853A6} - System32\Tasks\{79CC6F64-B8FE-4938-A57A-94859D447306} => c:\program files (x86)\mozilla firefox\firefox.exe [2013-08-18] (Mozilla Corporation) Task: {7ED92352-AAE7-4327-970F-9FF16893B6B8} - System32\Tasks\{A932B614-EB87-46B2-8475-7E5F9DD62E57} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {7F1786EB-36A1-48F6-8E66-7948850DC7C5} - System32\Tasks\{96176CCC-BAEF-4076-9023-6FB7D5F39CFA} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {7F340EBE-63F5-4D1C-9A1F-51796B96C785} - System32\Tasks\{C569D5CD-6E67-4C43-B401-381C2FF58CBD} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {80F6055C-6878-4F4D-A004-37DD80071D4D} - System32\Tasks\{199AE634-CB86-4B41-B1C5-E0D563046943} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {811FAC9B-12A0-46C3-A6D6-BA95CBD80B2C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {8162E51D-B935-4C7C-9C21-1F8B8F210F02} - System32\Tasks\{AF861C70-4CA9-4890-95BE-6F0CDDBCEDFB} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {817E341D-9898-4A10-B3CE-A176C77015FB} - System32\Tasks\{318257AE-6561-4325-A7C3-8C755A96F9CA} => c:\program files (x86)\mozilla firefox\firefox.exe [2013-08-18] (Mozilla Corporation) Task: {81A38E86-B370-4EF5-8485-1C74235AC51F} - System32\Tasks\{F4E6032A-ECB2-4762-90D8-DF1832F2D804} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {81D4BA82-9E55-4474-BE09-0F0394314BAC} - System32\Tasks\{A46BCB6D-D162-44A5-800A-5EB87948CFD0} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {821C4A62-4479-4C9E-B70F-9C25D7331E53} - System32\Tasks\{AECDC0C0-82A3-4BAE-82AD-29F07C809811} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {83989FF3-1B74-41CA-ADC0-59BA11A674BF} - System32\Tasks\{744CEEEA-842F-4DA6-9228-D7E4791648CA} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {83997097-4689-4F2F-BF6F-48FA27E6B99C} - System32\Tasks\{746F0FC5-4B9D-4630-8ECA-60E8F60D38A9} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {8568F2D0-DA82-45A7-A130-1F5DBF699E12} - System32\Tasks\{6C266833-E594-4499-8A46-497C8BEC02AB} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {8912A568-970B-4C69-A850-E2B3CD66EE42} - System32\Tasks\{93D6D95C-A45D-46C7-934B-5EB6CC2EFD8A} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {8942A693-E0B8-45C3-BB8B-6EB9157B6CAA} - System32\Tasks\{03FDDFDD-B1FD-499C-88FF-5ABC0D97D3C2} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {8A819E5C-83F5-4664-9D32-5A5DCA2EB11C} - System32\Tasks\{6425BBC0-0FF3-4B21-A197-9A918290757E} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {8B3F2261-8288-4877-9045-00B06D8CD254} - System32\Tasks\{4FDF4C7E-8B67-4FA6-8E7D-01D625157DAC} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {8BE6B51A-18E3-4838-A491-831FDB78D6DC} - System32\Tasks\{8B5FDAB3-DACA-426B-8030-DB423F4D4B1C} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {8C6D06D1-E75A-4EB2-942A-A5513EE818F7} - System32\Tasks\{B595DAAB-2365-404A-B838-4FBC101CCB65} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {8D17D8D0-489F-4C71-8445-F37B575E3FDF} - System32\Tasks\{4E3E1F75-A749-4100-8CD6-9AC259858A4C} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {8D538FDB-4918-4410-8270-740CB15B956A} - System32\Tasks\{20EA004A-A1D1-4BB3-B94D-CB98B8218EAF} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {8E19C2C5-37F7-43ED-B627-328796DB370D} - System32\Tasks\{7D6F2066-C17F-4C47-96F4-4F277C6C4C03} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {8E496332-CA01-43BE-A1D1-CE266BE8149C} - System32\Tasks\{B9F1658D-7323-4CCE-B866-3DB949E56180} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {8EC18216-6753-436B-8C13-1B1FD752DA83} - System32\Tasks\{5560DD00-C355-4E90-8312-30A4507801FC} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {903A3BE2-AFD5-42F1-8DDE-49D37610D3F9} - System32\Tasks\{B04D8E3B-F679-4E5E-8742-42928E57F651} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {905A3281-9A53-4295-8C23-4F7FD27AE789} - System32\Tasks\{76482FE8-EEE5-472D-BB86-1B7A2AF786D1} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {90F656EA-B9E6-4DA9-A831-F382CC6CF518} - System32\Tasks\{B6AD649C-625C-4094-A684-B4BE88D3D01B} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {91342BF6-45EE-4516-BEF8-961CE4789F1A} - System32\Tasks\{31922A7D-C999-4985-A2A9-137743C5AC7B} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {913DB459-7543-4929-8C1D-0E4DF6D6229F} - System32\Tasks\{1949B973-D9DC-4BF3-9254-EFF06DD056B8} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {91AA02F5-42CC-474A-8055-D95A5ACC29A9} - System32\Tasks\{38EE5F28-61AE-4837-B5E0-FB33B07B0CBC} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {92DA8667-41D7-46E5-9486-7D6BC18D830B} - System32\Tasks\{03751C18-75A6-4F80-AC34-4429A69A600E} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {93131B2F-5C6D-4714-937F-2F6AE82B9B6F} - System32\Tasks\{01158275-2AF7-476F-8BF0-520AED701BFF} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {934E8C22-D575-44A4-98D2-933797E6B285} - System32\Tasks\{9BA39B4B-1F2B-400B-B387-3EE032833909} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {93A061F0-93A3-4000-A9AD-615E8A29CAE0} - System32\Tasks\{0DE8F7D4-4DD5-4BA1-8B9C-30C425EA5749} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {93B5190C-AF9C-479C-A039-1DD3A92C0EF4} - System32\Tasks\{ECA4DBF8-E442-45F0-B0D9-8643BBDE9405} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {954E94B8-0B47-47DB-BC08-DE7DAB91FAA4} - System32\Tasks\{0EA74CF8-9275-453C-8548-1BE2B79995A5} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {95D1C49B-F419-4C5B-AE41-F8FEFB814303} - System32\Tasks\{8B8273B9-2C70-47D4-B609-9DD9908E17AF} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {95D79883-830D-407A-983D-8D90290A3D54} - System32\Tasks\{F71E8908-5E7D-4B15-B3FC-0702C35EE690} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {9703C071-9865-4A40-B944-9F93E4615042} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2012-11-29] (TuneUp Software) Task: {97707394-8F9F-4C48-B647-9853BC7D5724} - System32\Tasks\{1FEAC0DA-8204-43ED-9669-5FAC532FCD12} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {97776FB0-ADE3-4FF2-A7EE-6B2040D2334C} - System32\Tasks\{0DE9800B-B044-4B9B-AB87-28C31DD6CFEB} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {97F587B6-68BC-4199-B8A0-BEB1C44A9757} - System32\Tasks\{D06157DA-FE76-4021-BC52-B8911593B46D} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {9950C019-2DD3-4173-B304-221DE3EFAD25} - System32\Tasks\{E5159F97-4697-4702-8F40-2403B4943917} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {9A09389D-3FE5-4D89-A22E-83CB0C5DFD43} - System32\Tasks\{421DD7FF-034C-4C2B-B3CE-F2C4C0B6A75A} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {9A8D0C8F-AA0D-4375-A2B4-8154DB325478} - System32\Tasks\{D94807D9-5343-4A70-BB2C-5B68D00D966C} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {9AE3E07A-837D-42A2-9B30-DD24590B5048} - System32\Tasks\{B48AE4F1-9F9E-47B0-92EE-7B24AA00B377} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {9AEA7A09-0798-462B-86E1-37B88CA77F83} - System32\Tasks\{43C7538B-3608-4BC1-92B0-210A4CE8125C} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {9B1A1DFA-C859-4A8F-9B49-A575735BD64F} - System32\Tasks\{03C8523B-7B1D-4E85-BD49-B8CB3F299259} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {9B40D1D5-E4F2-458A-B297-59CE1853A5D6} - System32\Tasks\{76F3121F-7C4B-4355-9A24-00B270F85594} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {9BB7CBEF-78AC-41AE-B91B-C7019F44BE13} - System32\Tasks\{AA29C5AC-8372-4DCF-8684-8322E9B1BAD6} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {9C3FC4E9-3D4A-413D-8E56-2181B2312706} - System32\Tasks\{048329AC-E325-4BD4-9B51-265B53218BB3} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {9EC70347-D4D2-464E-A2E6-5E6EE8745FF5} - System32\Tasks\{DAC54CC4-1540-49CE-893F-779FAEEAB04E} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {9FBEFDBB-DF9D-4B5F-82BE-E113FC484E86} - System32\Tasks\{521DBDF3-0AAA-4419-9A02-8215DB032E2E} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {A08096AF-D972-48CC-8194-D2C6F18EC58E} - System32\Tasks\{10790367-A07B-4BB5-8C24-5823FD62184A} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {A0E14CB8-A775-4EEC-B58E-60A02E3BE131} - System32\Tasks\{CC05D105-407A-4613-8899-149D2149E4C7} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {A1EFEFBE-B5E0-43E0-9183-68C2ABC3E7D5} - System32\Tasks\{A1466B53-0C55-4EEF-A728-81482C0DBA91} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {A249D245-EEC2-41DB-ACDE-22993F1480B5} - System32\Tasks\{DD3F58EA-0008-4D0B-81AF-7EEC71A6493B} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {A49BBEED-5CC2-4599-8CF0-B310341CF2E3} - System32\Tasks\{C8DA911F-49FE-4B41-B32D-862BFC764EC8} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {A52F191C-1D71-44FF-88A2-8DBE4564A610} - System32\Tasks\{61F75109-C7AD-45A6-8C33-DAE413E8D4A8} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {A5392547-BB45-403E-B361-1E4AA45BA6EA} - System32\Tasks\{38CF417D-0795-4168-8000-1FD2EA59FFE4} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {A6108C65-A240-4B40-B946-6C83FAC67D3E} - System32\Tasks\{DE8C7D4D-4491-4792-ABA8-BA0A35EC8D61} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {A664A897-0829-47A2-9778-2DAC73B0DE3C} - System32\Tasks\{9F0CDD36-4924-4069-999D-18683A7CE6B2} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {A7D541DC-2C05-481A-BC7B-8AF2DCAAEA4A} - System32\Tasks\{40982CD1-9209-4670-B377-DEEF25534DDC} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {A9CD1B7C-4561-48E8-AF02-67210B3683FD} - System32\Tasks\{7E98588C-093F-416A-8B50-ACD74CB9D098} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {AA1B2E88-0574-4F65-917E-45218615B0B7} - System32\Tasks\ArcSoft Connect Daemon => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27] (ArcSoft Inc.) Task: {AAE8D49C-C3A0-418E-894A-37BCF99A1BB5} - System32\Tasks\{C1AD0292-2523-4631-884F-8AAB684AF4FE} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {AB22D828-52AF-427F-820A-19742F003A5F} - System32\Tasks\{FDFEF5A0-1B6C-481C-B01B-6C7BCAE6148E} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {AB61AABA-8C36-4744-8850-338E0038D6FD} - System32\Tasks\{6D62B382-8A46-4CAA-A1A6-A683B4E4FD53} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {AD72FF36-1A6A-45D3-8972-7366EC1DE335} - System32\Tasks\{59E8695A-B704-4A4F-9EC5-2F556418D8EA} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {AE29AFE6-37A3-4E1C-ACE8-7887F945F38B} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\System32\sdengin2.dll [2010-11-21] (Microsoft Corporation) Task: {AEAF6E85-8177-46F9-8E5E-CC549F823453} - System32\Tasks\{B6C8BF60-AB5D-4BA5-A567-C0ED4C9B5739} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {AFE23C70-CA8C-4D05-817F-FDB6059B57DE} - System32\Tasks\WPD\SqmUpload_S-1-5-21-1077610589-434635882-1567589071-1003 => C:\Windows\System32\portabledeviceapi.dll [2010-11-21] (Microsoft Corporation) Task: {B0BC4992-114D-4AA6-B7BC-B93DB341C9B5} - System32\Tasks\{A1289F6C-CD6D-4865-8F9E-DB3AC76A0298} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {B3255CF4-D26C-4161-95DE-3B616488EEA8} - System32\Tasks\{1D2F11B1-C1A2-44EE-A35C-D9F26CEFFEFF} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {B3658020-802F-4EB7-901D-1670646348E7} - System32\Tasks\{76EA16A1-AFC3-401B-B70F-E514A29510F4} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {B644ABC3-48F6-4D04-ADF7-D879B2F1DA50} - System32\Tasks\{90817877-0ACB-4989-9E05-1DFD2F746EF6} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {B65B828B-0247-4DBD-939B-2C6F04D25C10} - System32\Tasks\{3BF6519D-49D9-4710-8B6F-36CFC2E3205C} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {B7144D0B-DEE3-45B4-B14B-8601CD887327} - System32\Tasks\{259A95AE-16B2-49C1-9E91-34649C331BED} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {B76D65F9-30A1-483F-B6C4-5C9333F07A13} - System32\Tasks\{B82B1BA7-9879-4DE5-A754-E877A0ADD62C} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {B829AC83-3550-4F4B-BF11-DAFC45A5938F} - System32\Tasks\{3D2F74D3-D263-4389-BA5B-4BF6F3EDD442} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {B954331F-1779-4B01-A27F-9B421FBD63C5} - System32\Tasks\{FEFAB590-A9D2-4D88-BD91-BCC4095A5C63} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {BA001085-A762-44F2-8D6A-DD69DD762337} - System32\Tasks\{5D45DAF5-DD65-4735-857E-ECDE5C1E572C} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {BA62E260-ECEF-4DFE-8B21-96E4756F639F} - System32\Tasks\{55099065-8521-4043-A691-7BFCA1214CCD} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {BB3F92CD-0480-4E9F-AE61-CD1DB19456FB} - System32\Tasks\{607F3B9B-9EFD-46F9-98CF-65C522182D72} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {BC74553D-17F3-4AD8-B2A7-CB786FF2E079} - System32\Tasks\{102907D4-5E97-4C92-93CB-E435BA2D1307} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {BD02BF9E-555E-4509-8D1D-782C534DF4AB} - System32\Tasks\{F1229150-20D5-4A02-A44B-BEE9F59BA9E5} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {BE3318AD-52C6-4194-B662-C2E7AB71E1DA} - System32\Tasks\{E9D5F6B5-31E5-4786-B268-5CA5AB24AB60} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {BF1CCB83-382F-4818-B912-414625B61C24} - System32\Tasks\{5C7D9529-7DD1-4BF0-8899-92F347C466F1} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {C0F4C8FF-83BF-40FE-BB37-76A40C862C4B} - System32\Tasks\{13ACB4F9-8321-4537-A4C4-039646ABCC9F} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {C1DFC0DD-943D-4BBA-8286-90CC54C5F27E} - System32\Tasks\{7E9DC3A7-3FC9-4304-B16A-BD9A319A67B2} => c:\program files (x86)\mozilla firefox\firefox.exe [2013-08-18] (Mozilla Corporation) Task: {C23F48A9-76EE-4A09-A627-A30EB0053ABE} - System32\Tasks\{D5F2D712-1A15-427C-8E8F-C1578C990D3F} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {C34A5E61-3CEA-43AA-A028-2FA6F4316B3A} - System32\Tasks\{52056E3F-6881-4571-A04E-D866A42528DD} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {C3B31390-6195-4D20-A015-FC38401396DE} - System32\Tasks\{1F447426-9FB0-43CA-82EB-AF5AF10C0FF4} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {C45ECBDA-66E1-4072-AB5B-C6B68FBACA52} - System32\Tasks\{AA724D4C-7D9A-49E2-A2B9-4C563934D635} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {C47F23ED-398B-4DA9-B0C9-FCB75D9101B0} - System32\Tasks\{748E6220-30CE-4244-9E54-6CA14B17E49B} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {C498035A-2062-46B5-A92F-4CFE2CF1D5F3} - System32\Tasks\{7C702F7F-A2DD-47BB-97BA-8A3315FCF05F} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {C5AD19CB-2FEF-4E3D-BAC0-3A267BCF626F} - System32\Tasks\{CDB51A4D-0F86-4995-9D44-2484B1283B18} => c:\program files (x86)\mozilla firefox\firefox.exe [2013-08-18] (Mozilla Corporation) Task: {C6369B44-F228-47CF-B5C5-A064D3D9C5E6} - System32\Tasks\{571AC3C6-9832-4BD1-AAE0-57482D4345D4} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {C6B9E992-FBD5-401E-AD36-4F694567B8B5} - System32\Tasks\{7B50BCF9-613F-4930-B1DC-C80357F27AEB} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {C720ACCD-24A3-4119-BB11-491ABD06CEAA} - System32\Tasks\{6848AEB2-1DC7-4F64-A818-00C9B3EA2D84} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {C759FDC7-DE56-4407-98D4-9453F6017BD0} - System32\Tasks\{FFFFF9EE-B7A6-4A1B-B3EE-5193FDC55763} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {C75DF8AF-A416-47B3-B07E-E219ED2C0E80} - System32\Tasks\{5CD364C9-A757-40ED-89A7-D8F973610B45} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {C785B9CC-B755-4B59-805C-51C3137E64F8} - System32\Tasks\{59B0B495-38E1-4B53-88D1-59500952F1CD} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {C8B0AA82-F4C7-44D8-AB79-111E6E76B824} - System32\Tasks\{472BD9AC-DE6C-4D72-B20F-33236D136591} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {C8E4EE93-A696-4094-95C4-7B7E6D9B260E} - System32\Tasks\{B69F061C-4297-402B-AEDD-8570EF9C2ABF} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {C8EB6331-3C56-4B50-9BA5-439B0306EF83} - System32\Tasks\{34F698BB-CC7C-41E8-B676-7DE4C23E38AA} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {C92BB24E-3571-4C84-A1A8-A7EA48770873} - System32\Tasks\{E8D5ECC8-D163-48B0-A893-44A3CA4A1FFC} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {C9BA042C-0086-41D2-9EF3-317E8F4E7529} - System32\Tasks\{B7FA6756-2953-4984-9E80-30E210B7D730} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {CA5EAC25-79D6-48CD-BFF3-40FA2447EEC5} - System32\Tasks\{01FA681B-24C5-40E6-B3D7-21F046A624BC} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {CABDB8B5-3FD8-4386-9F13-5CB5550BA35C} - System32\Tasks\{E2993036-697B-46A8-86CB-478C9CD2566F} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {CAF4531B-8EF6-4BA3-9B60-27D51C80A534} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation) Task: {CB308BAC-B321-4A3B-91F6-D448F91D6119} - System32\Tasks\{6D863191-459C-4DFD-AB5A-A8970A8068C4} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {CC2A1FB1-79DD-4B2D-8C49-00AEEE9F13CE} - System32\Tasks\{0416D0DA-7129-4F99-B804-CCD77331597F} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {CC8568CB-02DF-4C0B-A5A6-DEFFD9C5E80C} - System32\Tasks\{9D47AF34-8C71-4E20-A59A-473595513A2F} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {CF0631C3-683C-413E-B5B1-BC27EC0ADEC6} - System32\Tasks\{733451F4-79FC-4FBA-9CF2-F9F9BD5CF3D3} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {CF13F37D-0800-4046-8C57-2A46458A70E9} - System32\Tasks\{B8D0C168-54D5-4C58-B1AA-35656261E930} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {D011D1EB-C522-4FD7-81C6-1702D50BDACE} - System32\Tasks\{F815989C-88D5-49B1-BF00-A746FBA003EC} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {D10C51E0-F399-4F70-91B0-661C3E05A7EE} - System32\Tasks\{22A8A369-2AFC-4A3B-A108-F5E59C351FDA} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {D1BFEAF6-8C84-4336-AA65-45E150DB2744} - System32\Tasks\{DDA35742-60FC-4CB6-965E-0C1425B7E0AB} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {D2156B73-1592-4D78-9FB6-C06EF3B9D9A7} - System32\Tasks\{09EB7B93-55B1-49CA-8FD1-0CDFB5982870} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {D356BF30-6674-46CC-873D-DEE214D7C80B} - System32\Tasks\{CB15F099-60E9-424C-8320-F607E710BEF5} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {D4BBC815-20EB-41D5-9625-15D52A7237BB} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation) Task: {D50A2E66-7494-4F8C-8D1C-97B930FC43A7} - System32\Tasks\{90C6E671-A892-4C9F-A404-5F33A30FD111} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {D53D75F1-8D9E-4B72-A4CB-58B56185443B} - System32\Tasks\{EDE2A608-11A9-4772-863F-1EB0119EF1D4} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {D60083D2-7A6F-4E41-B72E-3D900D128C1B} - System32\Tasks\{228853B9-6BFB-4EF8-9940-77D7B59EED67} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {D6239193-4DD2-4482-B669-88069A6BE321} - System32\Tasks\{98C2F64B-1284-4669-BFA7-CC8770926E76} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {D6A55339-044F-4399-9CF8-BA068191B693} - System32\Tasks\{F1B4D93A-8876-4DAB-90EC-9C7BE11292D3} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {D6CA934C-91AA-4158-94FC-513ED9444861} - System32\Tasks\{8389720D-8128-4E03-BE5E-7740BC91CE93} => c:\program files (x86)\mozilla firefox\firefox.exe [2013-08-18] (Mozilla Corporation) Task: {D6D8C843-1A07-4EA2-BF07-D8A416A80ABE} - System32\Tasks\{49619330-416C-4659-8937-0EB309F09259} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {D7A16A2F-871F-486B-A792-303C06320A2C} - System32\Tasks\{1AB2B813-7A81-46A5-8403-347D8A1BA241} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {D7B787EA-1FE3-422A-B4E1-57DA9E3F788A} - System32\Tasks\{424B4371-5C1E-4F37-9424-B6F458717610} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {D806B8B3-D9E0-467F-9750-71F3307B4130} - System32\Tasks\{2FE98627-07B4-4817-B56F-77B76C517CFB} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {D852F1A7-B4AF-42B8-BC79-DC1B30180D3A} - System32\Tasks\{946193EE-E73C-4A00-9194-7A6ED069DC83} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {D863F521-64A4-4F80-ADB8-06BE1700DD99} - System32\Tasks\{DFB004DD-9CF3-4ACE-A645-D3C2853B9331} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {D8A2A3B8-5112-41BF-8E2D-D55C19370032} - System32\Tasks\{4EB1817F-AA33-4335-8E59-A4CF3300AEE8} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {D8FF0C6C-B88D-4704-9382-EAB1E37123DB} - System32\Tasks\{1BA75BA8-34D0-43C6-A59E-4046D233CE4F} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {D9E63F05-4136-471B-84E1-03DEF49EB762} - System32\Tasks\{83AB493C-976B-41F2-80B9-7330A8E96F64} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {DA60E2B0-4B05-46B9-91BE-79B5CAE5B3D0} - System32\Tasks\{33A066C9-0FA2-42D0-AF5E-901A7A87DB72} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {DB0C2C57-7B79-4A42-BA08-D6314E61BF92} - System32\Tasks\{4D7B9514-74C6-4EC9-8303-A7900830BD6D} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {DB0EC1E2-7573-4B35-A0E6-BE5D29C5E6A8} - System32\Tasks\{9FA80AD7-88A1-41BE-BA28-3F49792B1D95} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {DD1820BE-7D8C-4675-A71F-456F4450E714} - System32\Tasks\{D90E508C-A0B6-4CA1-A662-279347FE177B} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {DD395129-E7CD-4E68-8325-67BCB7E4CA25} - System32\Tasks\{0F843024-D16E-4EA5-AA93-B543105B8192} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {DDF7E359-1AF0-4050-93BC-FF9221D4E6E3} - System32\Tasks\{17E24633-C87C-4065-8640-8BC9F53B970A} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {DDFD0E9D-F67C-43CB-B5C1-99C9E311F41D} - System32\Tasks\{9C8F6F78-9093-4A56-814A-FF746B935FAC} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {DE61CDC1-4D9B-4605-8049-4B3050B04CA5} - System32\Tasks\{0B384E8E-95F3-4E83-B649-4A1D4EDDD903} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {DE768A56-5F24-4392-AA18-9C9B31903E35} - System32\Tasks\{84E946B0-70AE-4D31-928F-36AA9E50A89E} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {DE859FDF-E95E-48B2-9B8F-D5DCF4B70483} - System32\Tasks\{3CBDC58B-D29B-4E32-96FC-BC2DD6152DE2} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {DF247983-F6D6-467E-A874-58088B033422} - System32\Tasks\{AB624956-ED4A-4731-8E72-172FDEE3AEA0} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {E174E5A6-150F-4CE9-9884-ED02B0A5B87A} - System32\Tasks\{1FED4394-7FB8-4353-9C8C-66DF542007AE} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {E1DF78E9-BF3E-474A-A2F4-2472C07A2215} - System32\Tasks\{A3534C9D-A957-4200-B4D6-C5F99B763D1A} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {E305159F-B7D2-4FF1-9BB4-F22B375DBE24} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task Task: {E38B2258-2CCD-4AB1-BBF7-D1F0BC5BC40E} - System32\Tasks\{046CE6B8-35B9-4B52-AE18-8F221DE935EC} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {E38EA328-0662-46A4-8E25-8AB65D9547F3} - System32\Tasks\{14B3267A-43A3-4362-A2B2-AB82C443E8CD} => c:\program files (x86)\mozilla firefox\firefox.exe [2013-08-18] (Mozilla Corporation) Task: {E51C8B98-3676-44F1-AFED-E0804E332BFE} - System32\Tasks\{121C2E56-2345-4082-93AD-FB43F9C84646} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {E5768325-4369-44B8-BC49-A74F918FF051} - System32\Tasks\{C616E1D1-32DF-49F9-B5A4-4ECA0E7CB551} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {E59D0CC9-F32D-499E-92C8-FB1956BC894B} - System32\Tasks\{667FAB86-AF6E-4748-8575-7BD1B82D9E4B} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {E5D3A1E7-5900-47E4-9021-032C02AEEF15} - System32\Tasks\{E7B1FD8C-EB72-4B46-9770-6CC35C5D03E4} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {E629CC86-1121-4E24-8000-437D026D6B97} - System32\Tasks\{2B82C11D-6012-4B88-8F9D-81F6129B3C99} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {E6563E27-DA04-4792-9110-50D834CBE686} - System32\Tasks\{E9E22E2A-AEB8-4EC9-8B8F-B6F0BB901683} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {E7625093-E05F-41B2-8797-9DD695F1522F} - System32\Tasks\{66805C64-2116-4070-BC84-247B6B3B5617} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {E78D8360-3FA3-4267-9C9F-608DDE492DAD} - System32\Tasks\{816A2267-CC74-4DF5-BA67-B8FF3BA1B1AB} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {E80AD5D6-3E6F-4349-AF1A-6B8D6833F4C7} - System32\Tasks\{5F84A793-D88B-4C8F-885D-EDB5A235633E} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {E83EBD39-6DFA-4320-9DF2-D59BA06AF89D} - System32\Tasks\{F81A8E62-75D3-477C-B443-9745A669586E} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {E855C3D6-50DD-4ED4-A51B-1282302DB147} - System32\Tasks\{69E366AE-047A-4CBB-9B9A-BD98EA8AC4EF} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {E89739C1-2595-485A-9FB6-30B299EAD5C4} - System32\Tasks\{5E029D3B-4CB4-4FDB-AA5D-859AF18A0D91} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {E8B170EC-8EAA-4711-BD40-E80B77EA82E0} - System32\Tasks\{7125AC81-A31C-4E5B-B17B-EDE9112904B3} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {E8DD8971-AB0E-4920-93EA-51BF6AB92371} - System32\Tasks\{2C826C98-3BBE-4233-9730-F31ED9AB1939} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {E928EBF3-4DB9-48EC-BCC4-94A6C4F53856} - System32\Tasks\{D1C3A797-B585-40BE-BC48-45CC9B0A2F42} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {E9711FAA-9A22-4E79-9732-F78CC4CFA376} - System32\Tasks\{973C2003-6977-49D8-8BDF-233B83BC2C19} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {E9A12906-6357-421D-A8FD-21FE47923792} - System32\Tasks\{FDB802CA-BA84-4077-9BC2-E9A44D7ADF3B} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {EB5F7E37-F34F-4FB6-B186-A9CD5B689F21} - System32\Tasks\{10FBF827-B7B7-4EA0-8798-E2199D47D1DB} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {EB769A7E-AE11-4158-8B56-D9181F604023} - System32\Tasks\WPD\SqmUpload_S-1-5-21-1077610589-434635882-1567589071-1004 => C:\Windows\System32\portabledeviceapi.dll [2010-11-21] (Microsoft Corporation) Task: {ED827C86-7D88-47B1-AA4B-903626936718} - System32\Tasks\{BBA4889A-1EA9-4CC2-8887-38E0546EC706} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {EF60745A-412C-4B36-B688-E5581D9EE11E} - System32\Tasks\{18D49608-2B08-4040-A2BC-8C315DD12724} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {F02590B5-DDC5-4951-9375-B348B786A6F3} - System32\Tasks\{7FFC20FB-C94E-493B-AF6F-47AC5C1E7BEA} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {F059776D-7E79-4079-A2A3-907A951728E6} - System32\Tasks\{0B043E3D-BE33-4D86-A11B-BCB56BC81607} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {F0D93801-6700-40D9-96CC-7025E9427DE6} - System32\Tasks\{0C228C41-3C2C-4882-8214-5184F25A0B8A} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {F1AEB1FF-ACBE-4E26-98C2-036235E5365B} - System32\Tasks\{30589B0B-6A56-45AB-BCF3-5C20697C57E0} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {F484B7DE-9946-465C-93A7-FEBFEB3CAD32} - System32\Tasks\{4CCAD6ED-2820-4C82-AC80-3FCE0046B7C6} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {F494C337-5D05-448D-8146-D5FA3F5974E9} - System32\Tasks\{C53B57C4-936B-4EA9-92AC-69B576BC5436} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {F71E213E-7EE8-4698-A533-3CFD00344E74} - System32\Tasks\{648A005A-F936-4A1E-99E7-520B37258D91} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {F71E2459-07B5-46BA-86F4-45A3FBB5C6E9} - System32\Tasks\{DF543961-FEC7-4640-A744-8C7A26FE6347} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {F89CBA53-6288-4EA2-A798-A3365E61F2A9} - System32\Tasks\{00A33F6E-BCA3-4107-B212-0BE5BB76EF0D} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {F8EAB2B2-9259-4D04-ABBE-99382F9457D8} - System32\Tasks\{2D130BC5-62E8-400B-BC4A-F40D4E08BF9C} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {F94EECF9-5C44-4B7C-A57E-30FEE3A9E790} - System32\Tasks\{ECEF11AF-80D3-4C0E-A714-3094C0A96667} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {F9F8704B-A191-4C2A-9F23-EF86C5137967} - System32\Tasks\{5F3741BA-4BD5-4A31-AF7D-68FCAA3E7B4F} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {FA262C41-A752-4EE1-AE78-36D229E40241} - System32\Tasks\{D091599C-F448-4490-94BB-D3FAF7CE9606} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {FA34C009-BF15-462D-93DE-F69869C2D3FF} - System32\Tasks\{7F9E4D48-8F16-4406-91C3-18611703BB37} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {FAE733EC-8C42-4BE9-885C-791ADA5FAF91} - System32\Tasks\{CA8C1ACE-15D1-44C8-ADA7-29D545CCE53C} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {FB171B47-117D-4742-8DBD-498DE4207D06} - System32\Tasks\{F3D27BBF-C389-4C5F-B0E9-BE4C24A303EF} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {FBB22C83-7942-4F89-9736-6876D32459B5} - System32\Tasks\{B64D0B90-E3F7-4FE9-94EC-03AAE95A9F94} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {FBB5EF53-2C8D-4560-B727-1359ACA31337} - System32\Tasks\{4742ECF9-537C-4B59-B82A-8350CCE50920} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {FBD7D7A1-1392-48D8-918F-12885826E89E} - System32\Tasks\{3CE69703-1C48-4AAE-AD37-85E8FA82ABD8} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {FC104E38-2FAD-495D-B9F8-29ED795C5AA0} - System32\Tasks\{EE4EBC68-1CF9-4FEA-BF93-FA247AFA37E4} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {FD7D848B-C138-4472-8045-6C8EAD71C065} - System32\Tasks\{6D8A4024-18F8-45D5-A1FD-C7DB79F2012A} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {FDAC7583-F8A7-48CF-A1C6-42A60E40B852} - System32\Tasks\{6A29C121-5B05-4EEC-8B37-D5A3355627D8} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {FEC1BE0A-C308-4494-9E2B-2A05F776EBDB} - System32\Tasks\{0DA2DC29-6323-4F5E-877B-DB52255BD0E3} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: {FF90C33D-8EEB-48B4-981C-0CC8D3E6C787} - System32\Tasks\{8A1A15BC-3657-4E8E-A947-C38195D6A697} => C:\Program Files\Internet Explorer\iexplore.exe [2013-07-26] (Microsoft Corporation) Task: {FFA2878A-AB80-4D31-AD82-210C6984EDDC} - System32\Tasks\{54250D43-179C-4D97-BD81-7435051B73A3} => C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [2013-07-26] (Microsoft Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2009-07-14 02:18 - 2009-07-14 03:38 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\imaadp32.acm 2009-07-14 02:18 - 2009-07-14 03:38 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\msg711.acm 2009-07-14 02:18 - 2009-07-14 03:38 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\msgsm32.acm 2009-07-14 02:18 - 2009-07-14 03:38 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\msadp32.acm 2009-07-14 02:22 - 2009-07-14 03:38 - 00081408 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\System32\l3codeca.acm 2011-11-23 20:20 - 2011-10-13 21:52 - 00040960 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll 2011-11-23 20:20 - 2011-10-13 22:33 - 00892416 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll 2011-11-23 20:20 - 2011-10-13 22:16 - 05041664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll 2013-05-25 02:36 - 2013-05-25 02:36 - 00164016 _____ (Dropbox, Inc.) C:\Users\Simon\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll 2012-08-16 06:51 - 2012-08-16 06:51 - 06670496 _____ (Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL 2012-11-26 04:02 - 2012-11-26 04:02 - 00176456 _____ (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.DLL 2011-03-17 01:07 - 2011-03-17 01:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2010-10-29 05:01 - 2010-10-29 05:01 - 08953768 _____ (Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\1031\GrooveIntlResource.dll 2013-08-08 21:37 - 2013-05-28 20:41 - 02656592 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.4.0.40\buShell.dll 2013-08-08 21:37 - 2013-05-20 22:44 - 01060232 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.4.0.40\ccL120U.dll 2013-08-08 21:37 - 2013-05-22 23:25 - 00114056 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.4.0.40\EFACli64.dll 2010-11-21 05:23 - 2010-11-21 05:23 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCenter.dll 2010-03-18 23:27 - 2010-03-18 23:27 - 00048456 _____ (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\fusion.dll 2013-04-26 06:36 - 2013-04-26 06:36 - 09797768 _____ (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll 2010-03-18 23:27 - 2010-03-18 23:27 - 00827744 _____ (Microsoft Corporation) C:\Windows\system32\MSVCR100_CLR0400.dll 2013-08-08 21:37 - 2013-05-20 22:44 - 00119176 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.4.0.40\ccVrTrst.dll 2013-08-08 21:37 - 2013-05-20 22:44 - 00475528 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.4.0.40\ccSet.dll 2011-10-09 21:50 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2011-10-09 21:50 - 2011-08-16 14:43 - 03200104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll 2009-07-14 01:19 - 2009-07-14 03:41 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\ktmw32.dll 2009-07-14 01:46 - 2009-07-14 03:41 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\tschannel.dll 2013-07-11 02:53 - 2013-04-24 00:56 - 09991832 _____ (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll 2013-07-11 04:50 - 2013-07-11 04:50 - 15577088 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\88744044294787b99dd4a8704ab75a79\mscorlib.ni.dll 2013-01-09 23:31 - 2012-10-05 12:52 - 01574496 _____ (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll 2013-08-15 03:42 - 2013-08-15 03:42 - 10655744 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_64\System\af0a0b96a02f9925eb84392ee65a5cfa\System.ni.dll 2013-08-15 03:43 - 2013-08-15 03:43 - 02320384 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\868d117286ad259249f31d3fe813d39a\System.Drawing.ni.dll 2013-08-15 03:43 - 2013-08-15 03:43 - 17383424 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\95674cb72317e3a5380ea450b913786f\System.Windows.Forms.ni.dll 2011-05-05 19:19 - 2010-11-13 02:08 - 00315392 _____ (Microsoft Corporation) C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll 2013-08-15 03:44 - 2013-08-15 03:44 - 01022976 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\bda1d99ab089bb2f18a48ba06d5a4923\System.Runtime.Remoting.ni.dll 2013-08-15 03:44 - 2013-08-15 03:44 - 15270912 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\c804ef4dba76d2aa3db8d22ec5fbf4e0\System.Web.ni.dll 2013-08-15 03:48 - 2013-08-15 03:48 - 03073536 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\dbfc784cc4bde7b16fb471e14563569d\System.Runtime.Serialization.ni.dll 2011-10-07 12:23 - 2011-10-07 12:23 - 00004608 _____ () C:\Program Files (x86)\watchmi\de\TvdTray.resources.dll 2013-08-15 03:42 - 2013-08-15 03:42 - 01320448 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\1031b311ee568364d4ca1c4db634eaf0\System.Configuration.ni.dll 2013-08-15 03:42 - 2013-08-15 03:42 - 06964736 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\3975acf49313ceea1280da91f0383480\System.Xml.ni.dll 2012-01-21 15:53 - 2012-01-21 15:53 - 00058880 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Remote\2.7.0.12__f722db7bec59a14b\Tvd.Remote.dll 2013-08-15 03:44 - 2013-08-15 03:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\bcdc7d59f3f8ed743115a7e706e6232a\System.ServiceProcess.ni.dll 2013-08-15 03:48 - 2013-08-15 03:48 - 23913472 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel\0d80cb6532964836205c8aa9eaadb252\System.ServiceModel.ni.dll 2013-08-15 03:48 - 2013-08-15 03:48 - 01445376 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_64\System.IdentityModel\c7bd02bd6b769ada12cb86ec98e3b853\System.IdentityModel.ni.dll 2013-08-15 03:48 - 2013-08-15 03:48 - 00349184 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_64\SMDiagnostics\866066edf3131203ffed980bf90092d8\SMDiagnostics.ni.dll 2013-05-16 04:47 - 2013-04-13 07:49 - 00308736 _____ (Microsoft Corporation) C:\Windows\AppPatch\AppPatch64\AcGenral.DLL 2009-04-22 22:13 - 2009-04-22 22:13 - 00045056 _____ (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0601.dll 2010-03-04 10:27 - 2010-03-04 10:27 - 00016384 _____ (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Foundation.dll 2011-11-23 20:20 - 2011-10-13 22:31 - 00466944 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIDEMGX.dll 2013-08-15 03:43 - 2013-08-15 03:43 - 04962816 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\ae3db946d20bb0ad28cf588eef06ecf0\WindowsBase.ni.dll 2009-01-20 23:51 - 2009-01-20 23:51 - 00007168 _____ ( ) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atixclib.dll 2013-08-15 03:43 - 2013-08-15 03:43 - 16542720 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\455f1bf19319ef1c59b3e0c1e45c1c9c\PresentationCore.ni.dll 2013-08-15 03:44 - 2013-08-15 03:44 - 19197952 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\90ad207864957bd667f551bdd1c39ada\PresentationFramework.ni.dll 2013-07-11 02:53 - 2013-04-20 00:54 - 02256032 _____ (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll 2011-06-21 16:31 - 2010-11-13 01:26 - 00434176 _____ (Microsoft Corporation) C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll 2011-10-14 03:01 - 2011-10-14 03:01 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2011-11-23 20:20 - 2011-10-13 21:51 - 00038912 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll 2011-11-23 20:20 - 2011-10-13 22:00 - 05510144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll 2011-11-23 20:20 - 2011-10-13 22:19 - 04042752 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll 2013-07-11 04:53 - 2013-07-11 04:53 - 00463360 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\56d7206478a1eb28089a8efbdf921bf2\PresentationFramework.Aero.ni.dll 2011-03-11 11:19 - 2011-03-11 11:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll 2011-03-11 11:19 - 2011-03-11 11:19 - 00212992 _____ (Microsoft Corporation) C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll 2013-08-15 03:48 - 2013-08-15 03:48 - 03315712 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Core\296ad113496c7e97a1689ffef9550b19\System.Core.ni.dll 2009-07-14 03:01 - 2009-06-10 22:31 - 01165664 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll 2009-07-14 01:39 - 2009-07-14 03:41 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\msctfui.dll 2013-08-15 03:52 - 2013-08-15 03:52 - 00329216 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\fffa833a307c3ad981d98b81311f2ad3\WindowsFormsIntegration.ni.dll 2013-08-08 22:44 - 2013-05-20 22:41 - 00290232 _____ (Symantec Corporation) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\BASHDefs\20130715.001\UMEngx86.dll 2013-08-08 21:37 - 2013-05-20 22:44 - 00705928 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccL120U.dll 2013-08-08 21:37 - 2013-05-20 22:44 - 00089480 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccVrTrst.dll 2013-08-08 21:37 - 2013-05-22 23:25 - 00086408 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\EFACli.dll 2013-08-08 21:37 - 2013-05-20 22:44 - 00157576 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvc.dll 2013-08-08 21:37 - 2013-05-20 22:40 - 00410576 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\srtsp32.dll 2013-08-08 21:37 - 2013-05-20 22:44 - 00159624 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccIPC.dll 2013-08-08 21:37 - 2013-06-03 22:43 - 00548688 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360 PREMIER EDITION\ENGINE\20.4.0.40\NPCTRAY.DLL 2013-08-08 21:37 - 2013-05-20 22:44 - 00345480 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSet.dll 2013-08-08 21:37 - 2013-06-03 22:43 - 00962384 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\uiMain.dll 2013-08-08 21:37 - 2013-05-28 01:42 - 02430800 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\SYMHTMDX.DLL 2013-08-08 21:37 - 2013-05-29 19:22 - 00320816 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\diStRptr.dll 2013-08-08 21:37 - 2013-05-29 20:13 - 01337136 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\MClnTask.dll 2013-08-13 22:01 - 2013-06-28 07:17 - 01849168 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\isDataPr.dll 2013-08-08 21:37 - 2013-06-03 22:42 - 00548176 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360 PREMIER EDITION\ENGINE\20.4.0.40\ASHELPER.DLL 2013-08-08 21:37 - 2013-06-03 22:42 - 00579408 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360 PREMIER EDITION\ENGINE\20.4.0.40\ASOEHOOK.DLL 2013-08-08 21:37 - 2013-06-03 22:42 - 00537424 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360 PREMIER EDITION\ENGINE\20.4.0.40\AVPAPP32.DLL 2013-08-08 21:37 - 2013-05-20 16:50 - 00932176 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\cltPE.dll 2013-08-13 22:00 - 2013-07-03 23:42 - 00821552 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\naHelper.dll 2013-08-08 21:37 - 2013-05-23 20:09 - 00502664 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\AVIfc.dll 2013-08-08 21:37 - 2013-05-20 22:44 - 00401288 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccJobMgr.dll 2013-08-08 21:37 - 2013-05-30 19:46 - 00999760 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coDataPr.dll 2013-08-08 21:37 - 2013-05-30 19:48 - 00551760 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coShdObj.dll 2013-08-08 21:37 - 2013-06-03 22:42 - 00145744 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\isPwd.dll 2013-08-08 21:37 - 2013-05-28 20:41 - 00263504 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360 PREMIER EDITION\ENGINE\20.4.0.40\BUUIPLG.DLL 2013-08-08 21:37 - 2013-05-20 16:50 - 01035088 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\cltLMS.dll 2013-08-08 21:37 - 2013-05-20 22:44 - 00289160 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccGEvt.dll 2013-08-08 21:37 - 2013-05-28 20:41 - 00272208 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\buDataCl.dll 2013-08-08 21:37 - 2013-05-20 16:50 - 02651472 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360 PREMIER EDITION\ENGINE\20.4.0.40\CLTALDIS.DLL 2013-08-08 21:37 - 2013-06-10 19:10 - 00629072 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\MUI\20.4.0.40\07\01\cltRes.loc 2013-08-08 21:37 - 2013-05-29 19:22 - 00556336 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\diMaster.dll 2013-08-08 21:37 - 2013-06-03 22:42 - 00528208 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360 PREMIER EDITION\ENGINE\20.4.0.40\FWSESAL.DLL 2013-08-08 21:37 - 2013-05-28 20:41 - 00442192 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\buComm.dll 2013-08-08 21:37 - 2013-05-28 11:52 - 01439056 ____R (SwapDrive, Inc.) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\BuEng.dll 2013-08-08 21:37 - 2013-04-23 03:02 - 00115536 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\tuDataPr.dll 2013-08-08 21:37 - 2013-05-30 19:48 - 01397584 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360 PREMIER EDITION\ENGINE\20.4.0.40\COACTMGR.DLL 2013-08-08 21:37 - 2012-05-30 08:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON 360 PREMIER EDITION\ENGINE\20.4.0.40\wincfi39.dll 2013-08-08 21:37 - 2013-05-29 20:13 - 01078576 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\DataStor.dll 2013-08-08 21:37 - 2013-05-29 20:13 - 00965936 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\Comm.dll 2013-08-08 21:37 - 2013-06-03 22:43 - 00502608 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360 PREMIER EDITION\ENGINE\20.4.0.40\NUEX.DLL 2013-08-08 21:37 - 2013-06-03 22:43 - 00243024 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360 PREMIER EDITION\ENGINE\20.4.0.40\QSPLUGIN.DLL 2013-08-08 21:37 - 2012-05-15 03:27 - 00588216 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360 PREMIER EDITION\ENGINE\20.4.0.40\SDKCMN.DLL 2013-08-08 21:37 - 2013-06-03 22:43 - 00916304 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360 PREMIER EDITION\ENGINE\20.4.0.40\UIALERT.DLL 2013-08-08 21:37 - 2013-05-29 20:13 - 00028464 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360 PREMIER EDITION\ENGINE\20.4.0.40\USERCTXT.DLL 2013-08-08 21:37 - 2013-06-03 22:42 - 00408400 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\AvScnTsk.dll 2013-08-08 21:37 - 2013-06-03 22:42 - 00612688 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\MCUI.dll 2013-08-08 21:37 - 2013-04-23 03:02 - 00107856 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\tuMCFPlg.dll 2013-08-08 21:37 - 2013-05-20 22:44 - 00207240 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccGLog.dll 2013-08-08 21:37 - 2013-06-03 22:42 - 00712528 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\NAVLogV.dll 2013-08-08 21:37 - 2013-06-03 22:42 - 00372560 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\fwMCPlug.dll 2013-08-08 21:37 - 2013-05-28 20:41 - 00129872 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\buMC.dll 2013-08-08 21:37 - 2013-05-30 19:48 - 00122192 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coMCPlug.dll 2013-08-08 21:37 - 2013-06-03 22:42 - 03857232 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\NCW.dll 2013-08-08 21:37 - 2013-05-20 22:44 - 00324488 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccsubeng.dll 2013-08-08 21:37 - 2013-06-03 22:42 - 00183120 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\FWHelper.dll 2013-08-08 21:37 - 2013-04-24 18:43 - 00240560 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\SymNeti.dll 2013-08-08 21:37 - 2013-05-23 20:09 - 00284552 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\AppMgr32.dll 2013-05-25 02:36 - 2013-05-25 02:36 - 00130736 _____ (Dropbox, Inc.) C:\Users\Simon\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll 2012-08-16 06:43 - 2012-08-16 06:43 - 04171424 _____ (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL 2011-10-09 22:12 - 2011-10-09 22:12 - 00159048 _____ (Microsoft Corporation) C:\Windows\WinSxS\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.DLL 2011-03-17 01:11 - 2011-03-17 01:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2010-10-29 05:01 - 2010-10-29 05:01 - 08953256 _____ (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\1031\GrooveIntlResource.dll 2009-11-06 02:40 - 2009-11-06 02:40 - 00122152 ____N (Microsoft Corporation) C:\Program Files (x86)\CyberLink\PowerRecover\oledlg.dll 2009-12-18 08:31 - 2009-12-18 08:31 - 01052968 ____N (Microsoft Corporation) C:\Program Files (x86)\CyberLink\PowerRecover\MFC71U.DLL 2009-03-17 16:44 - 2009-03-17 16:44 - 00102400 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\Program Files (x86)\NETGEAR\WN111v2\W32N55.dll 2011-10-09 22:12 - 2011-10-09 22:12 - 01101824 _____ (Microsoft Corporation) C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL 2011-10-09 22:12 - 2011-10-09 22:12 - 00065536 _____ (Microsoft Corporation) C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80DEU.DLL 2013-07-11 02:53 - 2013-04-24 00:57 - 05932696 _____ (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll 2013-07-11 04:54 - 2013-07-11 04:54 - 11499520 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll 2013-01-09 23:31 - 2012-10-05 12:53 - 00364656 _____ (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll 2013-08-15 03:45 - 2013-08-15 03:45 - 07989760 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll 2013-08-15 03:52 - 2013-08-15 03:52 - 00492032 _____ (Intel Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\97ce162bb354fcf9c8d9eae8252ee216\IAStorUtil.ni.dll 2013-08-15 03:46 - 2013-08-15 03:46 - 01593344 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll 2013-08-15 03:46 - 2013-08-15 03:46 - 12436480 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\28ea347a952d20959ac6ae02d7457d39\System.Windows.Forms.ni.dll 2013-08-15 03:46 - 2013-08-15 03:46 - 00978432 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\8f7d83126a3cf283e5ac97f2d6d99f12\System.Configuration.ni.dll 2013-08-15 03:46 - 2013-08-15 03:46 - 05464064 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll 2011-08-22 18:03 - 2011-05-20 19:06 - 00032768 _____ (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\de-DE\IAStorIcon.resources.dll 2011-08-22 18:03 - 2011-05-20 19:05 - 01318912 _____ (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IntelVisualDesign.dll 2011-08-22 18:03 - 2011-05-20 19:06 - 00004608 _____ (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\de-DE\IntelVisualDesign.resources.dll 2013-08-15 03:47 - 2013-08-15 03:47 - 00771584 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\dd8f4efb7e81c75fe444a180f6f1aacf\System.Runtime.Remoting.ni.dll 2011-03-11 11:19 - 2011-03-11 11:19 - 00032768 _____ (Microsoft Corporation) C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll 2010-11-21 05:24 - 2010-11-21 05:24 - 00572760 _____ (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll 2013-08-15 03:46 - 2013-08-15 03:46 - 03348480 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1f6f220f9efe936d1158c79b9d4b451f\WindowsBase.ni.dll 2013-07-11 05:00 - 2013-07-11 05:00 - 00014336 _____ (Intel Corp.) C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\22d36f517c7545fdb65ccddae680a3eb\IAStorCommon.ni.dll 2011-08-22 18:03 - 2011-05-20 19:05 - 00174592 _____ (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorUIHelper.dll 2013-08-15 03:47 - 2013-08-15 03:47 - 11833344 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\40b43527d6fdbeb6e905a7b6123f3a42\System.Web.ni.dll 2011-06-11 02:15 - 2011-06-11 02:15 - 05601616 _____ (Microsoft Corporation) C:\Windows\system32\mfc100u.dll 2011-06-11 02:15 - 2011-06-11 02:15 - 00829264 _____ (Microsoft Corporation) C:\Windows\system32\MSVCR100.dll 2011-06-11 02:15 - 2011-06-11 02:15 - 00608080 _____ (Microsoft Corporation) C:\Windows\system32\MSVCP100.dll 2011-06-11 02:15 - 2011-06-11 02:15 - 00064336 _____ (Microsoft Corporation) C:\Windows\system32\MFC100DEU.DLL 2013-06-30 19:40 - 2013-06-30 19:40 - 01224192 _____ () C:\Program Files (x86)\MagniPic\assistant.dll 2013-08-18 20:12 - 2013-08-18 20:12 - 03551640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2009-07-14 01:50 - 2009-07-14 03:32 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\security.dll 2012-11-14 01:32 - 2012-11-14 01:32 - 03558400 _____ (wxWidgets development team) C:\Users\Simon\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll 2013-03-13 22:48 - 2013-03-13 22:48 - 24978944 _____ () C:\Users\Simon\AppData\Roaming\Dropbox\bin\libcef.dll 2013-03-13 22:48 - 2013-03-13 22:48 - 09956864 _____ (The ICU Project) C:\Users\Simon\AppData\Roaming\Dropbox\bin\icudt.dll 2011-08-22 19:36 - 2010-05-26 20:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\d3dcompiler_43.dll 2011-08-22 19:36 - 2010-05-26 20:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_43.dll 2013-08-21 09:01 - 2013-08-21 09:01 - 16166280 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ==================== Alternate Data Streams (whitelisted) ========== AlternateDataStreams: C:\Users\Bettina\Desktop\Information über den Bezug von Familienbeihilfe und Kinderabsetzbetrag.url:favicon AlternateDataStreams: C:\Users\Lukas\Thumbs.db:encryptable ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/03/2013 00:17:14 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/03/2013 03:01:26 AM) (Source: MsiInstaller) (User: NT-AUTORITÄT) Description: Product: Skype™ 5.10 -- Error 1316. A network error occurred while attempting to read from the file: C:\ProgramData\Skype\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeSetup_5.8.0.156.msi Error: (09/03/2013 03:00:14 AM) (Source: VSS) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-1077610589-434635882-1567589071-1000.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig. . Vorgang: OnIdentify-Ereignis Generatordaten werden gesammelt Kontext: Ausführungskontext: Shadow Copy Optimization Writer Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Generatorname: Shadow Copy Optimization Writer Generatorinstanz-ID: {c0e9ce36-f576-4dda-97b9-9b5bdd915217} Error: (09/02/2013 07:12:48 PM) (Source: CVHSVC) (User: ) Description: Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Error: (09/02/2013 07:02:52 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/02/2013 04:18:14 PM) (Source: ESENT) (User: ) Description: WinMail (4468) WindowsMail0: Die Sicherung wurde abgebrochen, weil sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen wurde. Error: (09/02/2013 04:18:05 PM) (Source: ESENT) (User: ) Description: WinMail (15620) WindowsMail0: Die Sicherung wurde abgebrochen, weil sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen wurde. Error: (09/02/2013 04:17:30 PM) (Source: Microsoft-Windows-User Profiles Service) (User: Familien-PC) Description: Das lokale Benutzerprofil wurde nicht gefunden. Sie werden mit einem temporären Benutzerprofil angemeldet. Änderungen, die Sie am Benutzerprofil vornehmen, gehen bei der Abmeldung verloren. Error: (09/02/2013 04:17:30 PM) (Source: Microsoft-Windows-User Profiles Service) (User: Familien-PC) Description: Dieses Benutzerprofil wurde gesichert. Bei der nächsten Anmeldung dieses Benutzers wird automatisch versucht, dieses gesicherte Profil zu verwenden. Error: (09/02/2013 04:17:30 PM) (Source: Microsoft-Windows-User Profiles Service) (User: Familien-PC) Description: Das lokal gespeicherte Profil kann nicht geladen werden. Mögliche Fehlerursachen sind nicht ausreichende Sicherheitsrechte oder ein beschädigtes lokales Profil. Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. |
|
03.09.2013, 14:18
| #5 |
| | Bei Browsernutzung lande ich ständig auf Werbeseiten und auf http://s.mgkaxjfwfc.com/s73bc5wskpmgwwcowokg0w0os4 System errors: ============= Error: (09/03/2013 00:16:07 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet: %%577 Error: (09/03/2013 00:16:07 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: %%577 Error: (09/03/2013 11:06:28 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (09/03/2013 11:06:28 AM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Error: (09/03/2013 03:02:07 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Skype 5.10 für Windows (KB2727727) Error: (09/02/2013 07:02:02 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet: %%577 Error: (09/02/2013 07:01:57 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: %%577 Error: (09/02/2013 04:35:46 PM) (Source: Disk) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR14 gefunden. Error: (09/02/2013 04:35:45 PM) (Source: Disk) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR14 gefunden. Error: (09/02/2013 04:35:45 PM) (Source: Disk) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR14 gefunden. Microsoft Office Sessions: ========================= Error: (09/03/2013 00:17:14 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/03/2013 03:01:26 AM) (Source: MsiInstaller)(User: NT-AUTORITÄT) Description: Product: Skype™ 5.10 -- Error 1316. A network error occurred while attempting to read from the file: C:\ProgramData\Skype\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeSetup_5.8.0.156.msi(NULL)(NULL)(NULL)(NULL)(NULL) Error: (09/03/2013 03:00:14 AM) (Source: VSS)(User: ) Description: ConvertStringSidToSid(S-1-5-21-1077610589-434635882-1567589071-1000.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig. Vorgang: OnIdentify-Ereignis Generatordaten werden gesammelt Kontext: Ausführungskontext: Shadow Copy Optimization Writer Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Generatorname: Shadow Copy Optimization Writer Generatorinstanz-ID: {c0e9ce36-f576-4dda-97b9-9b5bdd915217} Error: (09/02/2013 07:12:48 PM) (Source: CVHSVC)(User: ) Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Error: (09/02/2013 07:02:52 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/02/2013 04:18:14 PM) (Source: ESENT)(User: ) Description: WinMail4468WindowsMail0: Error: (09/02/2013 04:18:05 PM) (Source: ESENT)(User: ) Description: WinMail15620WindowsMail0: Error: (09/02/2013 04:17:30 PM) (Source: Microsoft-Windows-User Profiles Service)(User: Familien-PC) Description: Error: (09/02/2013 04:17:30 PM) (Source: Microsoft-Windows-User Profiles Service)(User: Familien-PC) Description: Error: (09/02/2013 04:17:30 PM) (Source: Microsoft-Windows-User Profiles Service)(User: Familien-PC) Description: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. CodeIntegrity Errors: =================================== Date: 2013-09-03 12:16:07.592 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-09-03 12:16:07.546 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-09-03 12:16:07.249 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-09-03 12:16:07.171 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-09-02 19:02:02.095 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-09-02 19:02:02.033 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-09-02 19:01:57.447 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-09-02 19:01:57.157 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-08-17 12:18:01.044 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-08-17 12:18:01.002 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Percentage of memory in use: 52% Total physical RAM: 4077.64 MB Available physical RAM: 1932.47 MB Total Pagefile: 8153.46 MB Available Pagefile: 5475.09 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: (Boot) (Fixed) (Total:414.66 GB) (Free:11.34 GB) NTFS Drive d: (Recover) (Fixed) (Total:50 GB) (Free:30.66 GB) NTFS Drive e: (CTH_V800C) (CDROM) (Total:0.42 GB) (Free:0 GB) UDF ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 466 GB) (Disk ID: 1E2B13A9) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=415 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=1 GB) - (Type=12) ==================== End Of Log ============================ Gmer - Datei: GMER Logfile: Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-09-03 15:09:26
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.JC2O 465,76GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\Simon\AppData\Local\Temp\kglcakod.sys
---- Kernel code sections - GMER 2.1 ----
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 728 fffff800035f40b8 12 bytes [80, 49, B7, 0D, A0, F8, FF, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 743 fffff800035f40c7 8 bytes [00, 00, 00, 00, 00, 00, 00, ...]
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe[1488] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess 000000007782fcb0 5 bytes JMP 000000010010091c
.text C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe[1488] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory 000000007782fe14 5 bytes JMP 0000000100100048
.text C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe[1488] C:\Windows\SysWOW64\ntdll.dll!NtOpenEvent 000000007782fea8 5 bytes JMP 00000001001002ee
.text C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe[1488] C:\Windows\SysWOW64\ntdll.dll!NtCreateThread 0000000077830004 5 bytes JMP 00000001001004b2
.text C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe[1488] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory 0000000077830038 5 bytes JMP 00000001001009fe
.text C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe[1488] C:\Windows\SysWOW64\ntdll.dll!NtResumeThread 0000000077830068 5 bytes JMP 0000000100100ae0
.text C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe[1488] C:\Windows\SysWOW64\ntdll.dll!NtTerminateThread 0000000077830084 5 bytes JMP 000000010002004c
.text C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe[1488] C:\Windows\SysWOW64\ntdll.dll!NtCreateMutant 000000007783079c 5 bytes JMP 000000010010012a
.text C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe[1488] C:\Windows\SysWOW64\ntdll.dll!NtCreateSymbolicLinkObject 000000007783088c 5 bytes JMP 0000000100100758
.text C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe[1488] C:\Windows\SysWOW64\ntdll.dll!NtCreateThreadEx 00000000778308a4 5 bytes JMP 0000000100100676
.text C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe[1488] C:\Windows\SysWOW64\ntdll.dll!NtLoadDriver 0000000077830df4 5 bytes JMP 00000001001003d0
.text C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe[1488] C:\Windows\SysWOW64\ntdll.dll!NtSetContextThread 0000000077831920 5 bytes JMP 0000000100100594
.text C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe[1488] C:\Windows\SysWOW64\ntdll.dll!NtSetSystemInformation 0000000077831be4 5 bytes JMP 000000010010083a
.text C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe[1488] C:\Windows\SysWOW64\ntdll.dll!NtSuspendThread 0000000077831d70 5 bytes JMP 000000010010020c
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1700] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess 000000007782fcb0 5 bytes JMP 000000010011091c
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1700] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory 000000007782fe14 5 bytes JMP 0000000100110048
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1700] C:\Windows\SysWOW64\ntdll.dll!NtOpenEvent 000000007782fea8 5 bytes JMP 00000001001102ee
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1700] C:\Windows\SysWOW64\ntdll.dll!NtCreateThread 0000000077830004 5 bytes JMP 00000001001104b2
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1700] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory 0000000077830038 5 bytes JMP 00000001001109fe
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1700] C:\Windows\SysWOW64\ntdll.dll!NtResumeThread 0000000077830068 5 bytes JMP 0000000100110ae0
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1700] C:\Windows\SysWOW64\ntdll.dll!NtTerminateThread 0000000077830084 5 bytes JMP 000000010002004c
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1700] C:\Windows\SysWOW64\ntdll.dll!NtCreateMutant 000000007783079c 5 bytes JMP 000000010011012a
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1700] C:\Windows\SysWOW64\ntdll.dll!NtCreateSymbolicLinkObject 000000007783088c 5 bytes JMP 0000000100110758
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1700] C:\Windows\SysWOW64\ntdll.dll!NtCreateThreadEx 00000000778308a4 5 bytes JMP 0000000100110676
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1700] C:\Windows\SysWOW64\ntdll.dll!NtLoadDriver 0000000077830df4 5 bytes JMP 00000001001103d0
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1700] C:\Windows\SysWOW64\ntdll.dll!NtSetContextThread 0000000077831920 5 bytes JMP 0000000100110594
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1700] C:\Windows\SysWOW64\ntdll.dll!NtSetSystemInformation 0000000077831be4 5 bytes JMP 000000010011083a
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1700] C:\Windows\SysWOW64\ntdll.dll!NtSuspendThread 0000000077831d70 5 bytes JMP 000000010011020c
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1700] C:\Windows\syswow64\USER32.dll!RecordShutdownReason + 882 0000000076af1492 7 bytes JMP 000000010012059e
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1700] C:\Windows\SysWOW64\sechost.dll!SetServiceObjectSecurity + 206 000000007561524f 7 bytes JMP 0000000100110f52
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1700] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfigA + 380 00000000756153d0 7 bytes JMP 0000000100120210
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1700] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfig2W + 149 0000000075615677 1 byte JMP 0000000100120048
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1700] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfig2W + 151 0000000075615679 5 bytes {JMP 0xffffffff8ab0a9d1}
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1700] C:\Windows\SysWOW64\sechost.dll!CreateServiceA + 542 000000007561589a 7 bytes JMP 0000000100110ca6
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1700] C:\Windows\SysWOW64\sechost.dll!CreateServiceW + 382 0000000075615a1d 7 bytes JMP 00000001001203d8
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1700] C:\Windows\SysWOW64\sechost.dll!QueryServiceConfigW + 370 0000000075615c9b 7 bytes JMP 000000010012012c
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1700] C:\Windows\SysWOW64\sechost.dll!ControlServiceExA + 231 0000000075615d87 7 bytes JMP 00000001001202f4
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1700] C:\Windows\SysWOW64\sechost.dll!I_ScBroadcastServiceControlMessage + 123 0000000075617240 7 bytes JMP 0000000100110e6e
.text C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1740] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess 000000007782fcb0 5 bytes JMP 000000010018091c
.text C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1740] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory 000000007782fe14 5 bytes JMP 0000000100180048
.text C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1740] C:\Windows\SysWOW64\ntdll.dll!NtOpenEvent 000000007782fea8 5 bytes JMP 00000001001802ee
.text C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1740] C:\Windows\SysWOW64\ntdll.dll!NtCreateThread 0000000077830004 5 bytes JMP 00000001001804b2
.text C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1740] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory 0000000077830038 5 bytes JMP 00000001001809fe
.text C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1740] C:\Windows\SysWOW64\ntdll.dll!NtResumeThread 0000000077830068 5 bytes JMP 0000000100180ae0
.text C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1740] C:\Windows\SysWOW64\ntdll.dll!NtTerminateThread 0000000077830084 5 bytes JMP 000000010002004c
.text C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1740] C:\Windows\SysWOW64\ntdll.dll!NtCreateMutant 000000007783079c 5 bytes JMP 000000010018012a
.text C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1740] C:\Windows\SysWOW64\ntdll.dll!NtCreateSymbolicLinkObject 000000007783088c 5 bytes JMP 0000000100180758
.text C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1740] C:\Windows\SysWOW64\ntdll.dll!NtCreateThreadEx 00000000778308a4 5 bytes JMP 0000000100180676
.text C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1740] C:\Windows\SysWOW64\ntdll.dll!NtLoadDriver 0000000077830df4 5 bytes JMP 00000001001803d0
.text C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1740] C:\Windows\SysWOW64\ntdll.dll!NtSetContextThread 0000000077831920 5 bytes JMP 0000000100180594
.text C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1740] C:\Windows\SysWOW64\ntdll.dll!NtSetSystemInformation 0000000077831be4 5 bytes JMP 000000010018083a
.text C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1740] C:\Windows\SysWOW64\ntdll.dll!NtSuspendThread 0000000077831d70 5 bytes JMP 000000010018020c
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[1228] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess 000000007782fcb0 5 bytes JMP 000000010014091c
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[1228] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory 000000007782fe14 5 bytes JMP 0000000100140048
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[1228] C:\Windows\SysWOW64\ntdll.dll!NtOpenEvent 000000007782fea8 5 bytes JMP 00000001001402ee
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[1228] C:\Windows\SysWOW64\ntdll.dll!NtCreateThread 0000000077830004 5 bytes JMP 00000001001404b2
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[1228] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory 0000000077830038 5 bytes JMP 00000001001409fe
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[1228] C:\Windows\SysWOW64\ntdll.dll!NtResumeThread 0000000077830068 5 bytes JMP 0000000100140ae0
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[1228] C:\Windows\SysWOW64\ntdll.dll!NtTerminateThread 0000000077830084 5 bytes JMP 000000010002004c
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[1228] C:\Windows\SysWOW64\ntdll.dll!NtCreateMutant 000000007783079c 5 bytes JMP 000000010014012a
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[1228] C:\Windows\SysWOW64\ntdll.dll!NtCreateSymbolicLinkObject 000000007783088c 5 bytes JMP 0000000100140758
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[1228] C:\Windows\SysWOW64\ntdll.dll!NtCreateThreadEx 00000000778308a4 5 bytes JMP 0000000100140676
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[1228] C:\Windows\SysWOW64\ntdll.dll!NtLoadDriver 0000000077830df4 5 bytes JMP 00000001001403d0
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[1228] C:\Windows\SysWOW64\ntdll.dll!NtSetContextThread 0000000077831920 5 bytes JMP 0000000100140594
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[1228] C:\Windows\SysWOW64\ntdll.dll!NtSetSystemInformation 0000000077831be4 5 bytes JMP 000000010014083a
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[1228] C:\Windows\SysWOW64\ntdll.dll!NtSuspendThread 0000000077831d70 5 bytes JMP 000000010014020c
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[1228] C:\Windows\syswow64\USER32.dll!RecordShutdownReason + 882 0000000076af1492 7 bytes JMP 000000010015059e
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[1228] C:\Windows\SysWOW64\sechost.dll!SetServiceObjectSecurity + 206 000000007561524f 7 bytes JMP 0000000100140f52
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[1228] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfigA + 380 00000000756153d0 7 bytes JMP 0000000100150210
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[1228] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfig2W + 149 0000000075615677 1 byte JMP 0000000100150048
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[1228] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfig2W + 151 0000000075615679 5 bytes {JMP 0xffffffff8ab3a9d1}
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[1228] C:\Windows\SysWOW64\sechost.dll!CreateServiceA + 542 000000007561589a 7 bytes JMP 0000000100140ca6
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[1228] C:\Windows\SysWOW64\sechost.dll!CreateServiceW + 382 0000000075615a1d 7 bytes JMP 00000001001503d8
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[1228] C:\Windows\SysWOW64\sechost.dll!QueryServiceConfigW + 370 0000000075615c9b 7 bytes JMP 000000010015012c
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[1228] C:\Windows\SysWOW64\sechost.dll!ControlServiceExA + 231 0000000075615d87 7 bytes JMP 00000001001502f4
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[1228] C:\Windows\SysWOW64\sechost.dll!I_ScBroadcastServiceControlMessage + 123 0000000075617240 7 bytes JMP 0000000100140e6e
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[1228] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076cb1465 2 bytes [CB, 76]
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[1228] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076cb14bb 2 bytes [CB, 76]
.text ... * 2
.text C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[1844] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess 000000007782fcb0 5 bytes JMP 000000010028091c
.text C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[1844] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory 000000007782fe14 5 bytes JMP 0000000100280048
.text C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[1844] C:\Windows\SysWOW64\ntdll.dll!NtOpenEvent 000000007782fea8 5 bytes JMP 00000001002802ee
.text C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[1844] C:\Windows\SysWOW64\ntdll.dll!NtCreateThread 0000000077830004 5 bytes JMP 00000001002804b2
.text C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[1844] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory 0000000077830038 5 bytes JMP 00000001002809fe
.text C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[1844] C:\Windows\SysWOW64\ntdll.dll!NtResumeThread 0000000077830068 5 bytes JMP 0000000100280ae0
.text C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[1844] C:\Windows\SysWOW64\ntdll.dll!NtTerminateThread 0000000077830084 5 bytes JMP 000000010002004c
.text C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[1844] C:\Windows\SysWOW64\ntdll.dll!NtCreateMutant 000000007783079c 5 bytes JMP 000000010028012a
.text C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[1844] C:\Windows\SysWOW64\ntdll.dll!NtCreateSymbolicLinkObject 000000007783088c 5 bytes JMP 0000000100280758
.text C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[1844] C:\Windows\SysWOW64\ntdll.dll!NtCreateThreadEx 00000000778308a4 5 bytes JMP 0000000100280676
.text C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[1844] C:\Windows\SysWOW64\ntdll.dll!NtLoadDriver 0000000077830df4 5 bytes JMP 00000001002803d0
.text C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[1844] C:\Windows\SysWOW64\ntdll.dll!NtSetContextThread 0000000077831920 5 bytes JMP 0000000100280594
.text C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[1844] C:\Windows\SysWOW64\ntdll.dll!NtSetSystemInformation 0000000077831be4 5 bytes JMP 000000010028083a
.text C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[1844] C:\Windows\SysWOW64\ntdll.dll!NtSuspendThread 0000000077831d70 5 bytes JMP 000000010028020c
.text C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[1844] C:\Windows\syswow64\USER32.dll!RecordShutdownReason + 882 0000000076af1492 7 bytes JMP 000000010029059e
.text C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[1844] C:\Windows\SysWOW64\sechost.dll!SetServiceObjectSecurity + 206 000000007561524f 7 bytes JMP 0000000100280f52
.text C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[1844] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfigA + 380 00000000756153d0 7 bytes JMP 0000000100290210
.text C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[1844] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfig2W + 149 0000000075615677 1 byte JMP 0000000100290048
.text C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[1844] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfig2W + 151 0000000075615679 5 bytes {JMP 0xffffffff8ac7a9d1}
.text C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[1844] C:\Windows\SysWOW64\sechost.dll!CreateServiceA + 542 000000007561589a 7 bytes JMP 0000000100280ca6
.text C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[1844] C:\Windows\SysWOW64\sechost.dll!CreateServiceW + 382 0000000075615a1d 7 bytes JMP 00000001002903d8
.text C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[1844] C:\Windows\SysWOW64\sechost.dll!QueryServiceConfigW + 370 0000000075615c9b 7 bytes JMP 000000010029012c
.text C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[1844] C:\Windows\SysWOW64\sechost.dll!ControlServiceExA + 231 0000000075615d87 7 bytes JMP 00000001002902f4
.text C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[1844] C:\Windows\SysWOW64\sechost.dll!I_ScBroadcastServiceControlMessage + 123 0000000075617240 7 bytes JMP 0000000100280e6e
? C:\Windows\system32\mssprxy.dll [2752] entry point in ".rdata" section 0000000074d571e6
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[2256] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076cb1465 2 bytes [CB, 76]
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[2256] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076cb14bb 2 bytes [CB, 76]
.text ... * 2
.text C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE[3216] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess 000000007782fcb0 5 bytes JMP 000000010024091c
.text C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE[3216] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory 000000007782fe14 5 bytes JMP 0000000100240048
.text C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE[3216] C:\Windows\SysWOW64\ntdll.dll!NtOpenEvent 000000007782fea8 5 bytes JMP 00000001002402ee
.text C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE[3216] C:\Windows\SysWOW64\ntdll.dll!NtCreateThread 0000000077830004 5 bytes JMP 00000001002404b2
.text C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE[3216] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory 0000000077830038 5 bytes JMP 00000001002409fe
.text C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE[3216] C:\Windows\SysWOW64\ntdll.dll!NtResumeThread 0000000077830068 5 bytes JMP 0000000100240ae0
.text C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE[3216] C:\Windows\SysWOW64\ntdll.dll!NtTerminateThread 0000000077830084 5 bytes JMP 000000010002004c
.text C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE[3216] C:\Windows\SysWOW64\ntdll.dll!NtCreateMutant 000000007783079c 5 bytes JMP 000000010024012a
.text C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE[3216] C:\Windows\SysWOW64\ntdll.dll!NtCreateSymbolicLinkObject 000000007783088c 5 bytes JMP 0000000100240758
.text C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE[3216] C:\Windows\SysWOW64\ntdll.dll!NtCreateThreadEx 00000000778308a4 5 bytes JMP 0000000100240676
.text C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE[3216] C:\Windows\SysWOW64\ntdll.dll!NtLoadDriver 0000000077830df4 5 bytes JMP 00000001002403d0
.text C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE[3216] C:\Windows\SysWOW64\ntdll.dll!NtSetContextThread 0000000077831920 5 bytes JMP 0000000100240594
.text C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE[3216] C:\Windows\SysWOW64\ntdll.dll!NtSetSystemInformation 0000000077831be4 5 bytes JMP 000000010024083a
.text C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE[3216] C:\Windows\SysWOW64\ntdll.dll!NtSuspendThread 0000000077831d70 5 bytes JMP 000000010024020c
.text C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE[3216] C:\Windows\SysWOW64\sechost.dll!SetServiceObjectSecurity + 206 000000007561524f 7 bytes JMP 0000000100240f52
.text C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE[3216] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfigA + 380 00000000756153d0 7 bytes JMP 0000000100250210
.text C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE[3216] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfig2W + 149 0000000075615677 1 byte JMP 0000000100250048
.text C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE[3216] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfig2W + 151 0000000075615679 5 bytes {JMP 0xffffffff8ac3a9d1}
.text C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE[3216] C:\Windows\SysWOW64\sechost.dll!CreateServiceA + 542 000000007561589a 7 bytes JMP 0000000100240ca6
.text C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE[3216] C:\Windows\SysWOW64\sechost.dll!CreateServiceW + 382 0000000075615a1d 7 bytes JMP 00000001002503d8
.text C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE[3216] C:\Windows\SysWOW64\sechost.dll!QueryServiceConfigW + 370 0000000075615c9b 7 bytes JMP 000000010025012c
.text C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE[3216] C:\Windows\SysWOW64\sechost.dll!ControlServiceExA + 231 0000000075615d87 7 bytes JMP 00000001002502f4
.text C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE[3216] C:\Windows\SysWOW64\sechost.dll!I_ScBroadcastServiceControlMessage + 123 0000000075617240 7 bytes JMP 0000000100240e6e
.text C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE[3216] C:\Windows\syswow64\USER32.dll!RecordShutdownReason + 882 0000000076af1492 7 bytes JMP 0000000100250762
.text C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe[3884] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess 000000007782fcb0 5 bytes JMP 000000010032091c
.text C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe[3884] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory 000000007782fe14 5 bytes JMP 0000000100320048
.text C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe[3884] C:\Windows\SysWOW64\ntdll.dll!NtOpenEvent 000000007782fea8 5 bytes JMP 00000001003202ee
.text C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe[3884] C:\Windows\SysWOW64\ntdll.dll!NtCreateThread 0000000077830004 5 bytes JMP 00000001003204b2
.text C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe[3884] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory 0000000077830038 5 bytes JMP 00000001003209fe
.text C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe[3884] C:\Windows\SysWOW64\ntdll.dll!NtResumeThread 0000000077830068 5 bytes JMP 0000000100320ae0
.text C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe[3884] C:\Windows\SysWOW64\ntdll.dll!NtTerminateThread 0000000077830084 5 bytes JMP 000000010024004c
.text C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe[3884] C:\Windows\SysWOW64\ntdll.dll!NtCreateMutant 000000007783079c 5 bytes JMP 000000010032012a
.text C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe[3884] C:\Windows\SysWOW64\ntdll.dll!NtCreateSymbolicLinkObject 000000007783088c 5 bytes JMP 0000000100320758
.text C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe[3884] C:\Windows\SysWOW64\ntdll.dll!NtCreateThreadEx 00000000778308a4 5 bytes JMP 0000000100320676
.text C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe[3884] C:\Windows\SysWOW64\ntdll.dll!NtLoadDriver 0000000077830df4 5 bytes JMP 00000001003203d0
.text C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe[3884] C:\Windows\SysWOW64\ntdll.dll!NtSetContextThread 0000000077831920 5 bytes JMP 0000000100320594
.text C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe[3884] C:\Windows\SysWOW64\ntdll.dll!NtSetSystemInformation 0000000077831be4 5 bytes JMP 000000010032083a
.text C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe[3884] C:\Windows\SysWOW64\ntdll.dll!NtSuspendThread 0000000077831d70 5 bytes JMP 000000010032020c
.text C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe[3884] C:\Windows\syswow64\USER32.dll!RecordShutdownReason + 882 0000000076af1492 7 bytes JMP 000000010033059e
.text C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe[3884] C:\Windows\SysWOW64\sechost.dll!SetServiceObjectSecurity + 206 000000007561524f 7 bytes JMP 0000000100320f52
.text C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe[3884] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfigA + 380 00000000756153d0 7 bytes JMP 0000000100330210
.text C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe[3884] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfig2W + 149 0000000075615677 1 byte JMP 0000000100330048
.text C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe[3884] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfig2W + 151 0000000075615679 5 bytes {JMP 0xffffffff8ad1a9d1}
.text C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe[3884] C:\Windows\SysWOW64\sechost.dll!CreateServiceA + 542 000000007561589a 7 bytes JMP 0000000100320ca6
.text C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe[3884] C:\Windows\SysWOW64\sechost.dll!CreateServiceW + 382 0000000075615a1d 7 bytes JMP 00000001003303d8
.text C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe[3884] C:\Windows\SysWOW64\sechost.dll!QueryServiceConfigW + 370 0000000075615c9b 7 bytes JMP 000000010033012c
.text C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe[3884] C:\Windows\SysWOW64\sechost.dll!ControlServiceExA + 231 0000000075615d87 7 bytes JMP 00000001003302f4
.text C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe[3884] C:\Windows\SysWOW64\sechost.dll!I_ScBroadcastServiceControlMessage + 123 0000000075617240 7 bytes JMP 0000000100320e6e
.text C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe[3832] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess 000000007782fcb0 5 bytes JMP 00000001000f091c
.text C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe[3832] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory 000000007782fe14 5 bytes JMP 00000001000f0048
.text C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe[3832] C:\Windows\SysWOW64\ntdll.dll!NtOpenEvent 000000007782fea8 5 bytes JMP 00000001000f02ee
.text C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe[3832] C:\Windows\SysWOW64\ntdll.dll!NtCreateThread 0000000077830004 5 bytes JMP 00000001000f04b2
.text C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe[3832] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory 0000000077830038 5 bytes JMP 00000001000f09fe
.text C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe[3832] C:\Windows\SysWOW64\ntdll.dll!NtResumeThread 0000000077830068 5 bytes JMP 00000001000f0ae0
.text C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe[3832] C:\Windows\SysWOW64\ntdll.dll!NtTerminateThread 0000000077830084 5 bytes JMP 000000010002004c
.text C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe[3832] C:\Windows\SysWOW64\ntdll.dll!NtCreateMutant 000000007783079c 5 bytes JMP 00000001000f012a
.text C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe[3832] C:\Windows\SysWOW64\ntdll.dll!NtCreateSymbolicLinkObject 000000007783088c 5 bytes JMP 00000001000f0758
.text C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe[3832] C:\Windows\SysWOW64\ntdll.dll!NtCreateThreadEx 00000000778308a4 5 bytes JMP 00000001000f0676
.text C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe[3832] C:\Windows\SysWOW64\ntdll.dll!NtLoadDriver 0000000077830df4 5 bytes JMP 00000001000f03d0
.text C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe[3832] C:\Windows\SysWOW64\ntdll.dll!NtSetContextThread 0000000077831920 5 bytes JMP 00000001000f0594
.text C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe[3832] C:\Windows\SysWOW64\ntdll.dll!NtSetSystemInformation 0000000077831be4 5 bytes JMP 00000001000f083a
.text C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe[3832] C:\Windows\SysWOW64\ntdll.dll!NtSuspendThread 0000000077831d70 5 bytes JMP 00000001000f020c
.text C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe[3832] C:\Windows\syswow64\USER32.dll!RecordShutdownReason + 882 0000000076af1492 7 bytes JMP 00000001001004bc
.text C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe[3832] C:\Windows\SysWOW64\sechost.dll!SetServiceObjectSecurity + 206 000000007561524f 7 bytes JMP 00000001000f0f52
.text C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe[3832] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfigA + 380 00000000756153d0 7 bytes JMP 0000000100100210
.text C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe[3832] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfig2W + 149 0000000075615677 1 byte JMP 0000000100100048
.text C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe[3832] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfig2W + 151 0000000075615679 5 bytes {JMP 0xffffffff8aaea9d1}
.text C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe[3832] C:\Windows\SysWOW64\sechost.dll!CreateServiceA + 542 000000007561589a 7 bytes JMP 00000001000f0ca6
.text C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe[3832] C:\Windows\SysWOW64\sechost.dll!CreateServiceW + 382 0000000075615a1d 7 bytes JMP 00000001001003d8
.text C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe[3832] C:\Windows\SysWOW64\sechost.dll!QueryServiceConfigW + 370 0000000075615c9b 7 bytes JMP 000000010010012c
.text C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe[3832] C:\Windows\SysWOW64\sechost.dll!ControlServiceExA + 231 0000000075615d87 7 bytes JMP 00000001001002f4
.text C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe[3832] C:\Windows\SysWOW64\sechost.dll!I_ScBroadcastServiceControlMessage + 123 0000000075617240 7 bytes JMP 00000001000f0e6e
.text C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess 000000007782fcb0 5 bytes JMP 000000010028091c
.text C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory 000000007782fe14 5 bytes JMP 0000000100280048
.text C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtOpenEvent 000000007782fea8 5 bytes JMP 00000001002802ee
.text C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtCreateThread 0000000077830004 5 bytes JMP 00000001002804b2
.text C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory 0000000077830038 5 bytes JMP 00000001002809fe
.text C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtResumeThread 0000000077830068 5 bytes JMP 0000000100280ae0
.text C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtTerminateThread 0000000077830084 5 bytes JMP 000000010002004c
.text C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtCreateMutant 000000007783079c 5 bytes JMP 000000010028012a
.text C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtCreateSymbolicLinkObject 000000007783088c 5 bytes JMP 0000000100280758
.text C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtCreateThreadEx 00000000778308a4 5 bytes JMP 0000000100280676
.text C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtLoadDriver 0000000077830df4 5 bytes JMP 00000001002803d0
.text C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtSetContextThread 0000000077831920 5 bytes JMP 0000000100280594
.text C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtSetSystemInformation 0000000077831be4 5 bytes JMP 000000010028083a
.text C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtSuspendThread 0000000077831d70 5 bytes JMP 000000010028020c
.text C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076cb1465 2 bytes [CB, 76]
.text C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076cb14bb 2 bytes [CB, 76]
.text ... * 2
.text C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe[2784] C:\Windows\SysWOW64\sechost.dll!SetServiceObjectSecurity + 206 000000007561524f 7 bytes JMP 0000000100280f52
.text C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe[2784] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfigA + 380 00000000756153d0 7 bytes JMP 0000000100290210
.text C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe[2784] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfig2W + 149 0000000075615677 1 byte JMP 0000000100290048
.text C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe[2784] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfig2W + 151 0000000075615679 5 bytes {JMP 0xffffffff8ac7a9d1}
.text C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe[2784] C:\Windows\SysWOW64\sechost.dll!CreateServiceA + 542 000000007561589a 7 bytes JMP 0000000100280ca6
.text C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe[2784] C:\Windows\SysWOW64\sechost.dll!CreateServiceW + 382 0000000075615a1d 7 bytes JMP 00000001002903d8
.text C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe[2784] C:\Windows\SysWOW64\sechost.dll!QueryServiceConfigW + 370 0000000075615c9b 7 bytes JMP 000000010029012c
.text C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe[2784] C:\Windows\SysWOW64\sechost.dll!ControlServiceExA + 231 0000000075615d87 7 bytes JMP 00000001002902f4
.text C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe[2784] C:\Windows\SysWOW64\sechost.dll!I_ScBroadcastServiceControlMessage + 123 0000000075617240 7 bytes JMP 0000000100280e6e
.text C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe[2784] C:\Windows\syswow64\USER32.dll!RecordShutdownReason + 882 0000000076af1492 7 bytes JMP 000000010029059e
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[4180] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess 000000007782fcb0 5 bytes JMP 000000010025091c
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[4180] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory 000000007782fe14 5 bytes JMP 0000000100250048
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[4180] C:\Windows\SysWOW64\ntdll.dll!NtOpenEvent 000000007782fea8 5 bytes JMP 00000001002502ee
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[4180] C:\Windows\SysWOW64\ntdll.dll!NtCreateThread 0000000077830004 5 bytes JMP 00000001002504b2
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[4180] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory 0000000077830038 5 bytes JMP 00000001002509fe
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[4180] C:\Windows\SysWOW64\ntdll.dll!NtResumeThread 0000000077830068 5 bytes JMP 0000000100250ae0
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[4180] C:\Windows\SysWOW64\ntdll.dll!NtTerminateThread 0000000077830084 5 bytes JMP 000000010003004c
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[4180] C:\Windows\SysWOW64\ntdll.dll!NtCreateMutant 000000007783079c 5 bytes JMP 000000010025012a
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[4180] C:\Windows\SysWOW64\ntdll.dll!NtCreateSymbolicLinkObject 000000007783088c 5 bytes JMP 0000000100250758
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[4180] C:\Windows\SysWOW64\ntdll.dll!NtCreateThreadEx 00000000778308a4 5 bytes JMP 0000000100250676
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[4180] C:\Windows\SysWOW64\ntdll.dll!NtLoadDriver 0000000077830df4 5 bytes JMP 00000001002503d0
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[4180] C:\Windows\SysWOW64\ntdll.dll!NtSetContextThread 0000000077831920 5 bytes JMP 0000000100250594
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[4180] C:\Windows\SysWOW64\ntdll.dll!NtSetSystemInformation 0000000077831be4 5 bytes JMP 000000010025083a
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[4180] C:\Windows\SysWOW64\ntdll.dll!NtSuspendThread 0000000077831d70 5 bytes JMP 000000010025020c
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[4180] C:\Windows\syswow64\USER32.dll!RecordShutdownReason + 882 0000000076af1492 7 bytes JMP 000000010026059e
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[4180] C:\Windows\SysWOW64\sechost.dll!SetServiceObjectSecurity + 206 000000007561524f 7 bytes JMP 0000000100250f52
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[4180] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfigA + 380 00000000756153d0 7 bytes JMP 0000000100260210
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[4180] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfig2W + 149 0000000075615677 1 byte JMP 0000000100260048
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[4180] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfig2W + 151 0000000075615679 5 bytes {JMP 0xffffffff8ac4a9d1}
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[4180] C:\Windows\SysWOW64\sechost.dll!CreateServiceA + 542 000000007561589a 7 bytes JMP 0000000100250ca6
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[4180] C:\Windows\SysWOW64\sechost.dll!CreateServiceW + 382 0000000075615a1d 7 bytes JMP 00000001002603d8
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[4180] C:\Windows\SysWOW64\sechost.dll!QueryServiceConfigW + 370 0000000075615c9b 7 bytes JMP 000000010026012c
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[4180] C:\Windows\SysWOW64\sechost.dll!ControlServiceExA + 231 0000000075615d87 7 bytes JMP 00000001002602f4
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[4180] C:\Windows\SysWOW64\sechost.dll!I_ScBroadcastServiceControlMessage + 123 0000000075617240 7 bytes JMP 0000000100250e6e
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[4180] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076cb1465 2 bytes [CB, 76]
.text C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe[4180] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076cb14bb 2 bytes [CB, 76]
.text ... * 2
.text C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe[4644] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess 000000007782fcb0 5 bytes JMP 000000010028091c
.text C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe[4644] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory 000000007782fe14 5 bytes JMP 0000000100280048
.text C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe[4644] C:\Windows\SysWOW64\ntdll.dll!NtOpenEvent 000000007782fea8 5 bytes JMP 00000001002802ee
.text C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe[4644] C:\Windows\SysWOW64\ntdll.dll!NtCreateThread 0000000077830004 5 bytes JMP 00000001002804b2
.text C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe[4644] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory 0000000077830038 5 bytes JMP 00000001002809fe
.text C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe[4644] C:\Windows\SysWOW64\ntdll.dll!NtResumeThread 0000000077830068 5 bytes JMP 0000000100280ae0
.text C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe[4644] C:\Windows\SysWOW64\ntdll.dll!NtTerminateThread 0000000077830084 5 bytes JMP 000000010002004c
.text C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe[4644] C:\Windows\SysWOW64\ntdll.dll!NtCreateMutant 000000007783079c 5 bytes JMP 000000010028012a
.text C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe[4644] C:\Windows\SysWOW64\ntdll.dll!NtCreateSymbolicLinkObject 000000007783088c 5 bytes JMP 0000000100280758
.text C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe[4644] C:\Windows\SysWOW64\ntdll.dll!NtCreateThreadEx 00000000778308a4 5 bytes JMP 0000000100280676
.text C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe[4644] C:\Windows\SysWOW64\ntdll.dll!NtLoadDriver 0000000077830df4 5 bytes JMP 00000001002803d0
.text C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe[4644] C:\Windows\SysWOW64\ntdll.dll!NtSetContextThread 0000000077831920 5 bytes JMP 0000000100280594
.text C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe[4644] C:\Windows\SysWOW64\ntdll.dll!NtSetSystemInformation 0000000077831be4 5 bytes JMP 000000010028083a
.text C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe[4644] C:\Windows\SysWOW64\ntdll.dll!NtSuspendThread 0000000077831d70 5 bytes JMP 000000010028020c
.text C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe[4644] C:\Windows\syswow64\USER32.dll!RecordShutdownReason + 882 0000000076af1492 7 bytes JMP 00000001002904bc
.text C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe[4644] C:\Windows\SysWOW64\sechost.dll!SetServiceObjectSecurity + 206 000000007561524f 7 bytes JMP 0000000100280f52
.text C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe[4644] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfigA + 380 00000000756153d0 7 bytes JMP 0000000100290210
.text C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe[4644] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfig2W + 149 0000000075615677 1 byte JMP 0000000100290048
.text C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe[4644] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfig2W + 151 0000000075615679 5 bytes {JMP 0xffffffff8ac7a9d1}
.text C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe[4644] C:\Windows\SysWOW64\sechost.dll!CreateServiceA + 542 000000007561589a 7 bytes JMP 0000000100280ca6
.text C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe[4644] C:\Windows\SysWOW64\sechost.dll!CreateServiceW + 382 0000000075615a1d 7 bytes JMP 00000001002903d8
.text C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe[4644] C:\Windows\SysWOW64\sechost.dll!QueryServiceConfigW + 370 0000000075615c9b 7 bytes JMP 000000010029012c
.text C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe[4644] C:\Windows\SysWOW64\sechost.dll!ControlServiceExA + 231 0000000075615d87 7 bytes JMP 00000001002902f4
.text C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe[4644] C:\Windows\SysWOW64\sechost.dll!I_ScBroadcastServiceControlMessage + 123 0000000075617240 7 bytes JMP 0000000100280e6e
.text C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe[4644] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69 0000000076cb1465 2 bytes [CB, 76]
.text C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe[4644] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155 0000000076cb14bb 2 bytes [CB, 76]
.text ... * 2
.text C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe[4952] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess 000000007782fcb0 5 bytes JMP 000000010028091c
.text C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe[4952] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory 000000007782fe14 5 bytes JMP 0000000100280048
.text C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe[4952] C:\Windows\SysWOW64\ntdll.dll!NtOpenEvent 000000007782fea8 5 bytes JMP 00000001002802ee
.text C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe[4952] C:\Windows\SysWOW64\ntdll.dll!NtCreateThread 0000000077830004 5 bytes JMP 00000001002804b2
.text C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe[4952] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory 0000000077830038 5 bytes JMP 00000001002809fe
.text C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe[4952] C:\Windows\SysWOW64\ntdll.dll!NtResumeThread 0000000077830068 5 bytes JMP 0000000100280ae0
.text C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe[4952] C:\Windows\SysWOW64\ntdll.dll!NtTerminateThread 0000000077830084 5 bytes JMP 000000010002004c
.text C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe[4952] C:\Windows\SysWOW64\ntdll.dll!NtCreateMutant 000000007783079c 5 bytes JMP 000000010028012a
.text C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe[4952] C:\Windows\SysWOW64\ntdll.dll!NtCreateSymbolicLinkObject 000000007783088c 5 bytes JMP 0000000100280758
.text C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe[4952] C:\Windows\SysWOW64\ntdll.dll!NtCreateThreadEx 00000000778308a4 5 bytes JMP 0000000100280676
.text C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe[4952] C:\Windows\SysWOW64\ntdll.dll!NtLoadDriver 0000000077830df4 5 bytes JMP 00000001002803d0
.text C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe[4952] C:\Windows\SysWOW64\ntdll.dll!NtSetContextThread 0000000077831920 5 bytes JMP 0000000100280594
.text C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe[4952] C:\Windows\SysWOW64\ntdll.dll!NtSetSystemInformation 0000000077831be4 5 bytes JMP 000000010028083a
.text C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe[4952] C:\Windows\SysWOW64\ntdll.dll!NtSuspendThread 0000000077831d70 5 bytes JMP 000000010028020c
.text C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe[4952] C:\Windows\syswow64\USER32.dll!RecordShutdownReason + 882 0000000076af1492 7 bytes JMP 000000010029059e
.text C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe[4952] C:\Windows\SysWOW64\sechost.dll!SetServiceObjectSecurity + 206 000000007561524f 7 bytes JMP 0000000100280f52
.text C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe[4952] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfigA + 380 00000000756153d0 7 bytes JMP 0000000100290210
.text C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe[4952] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfig2W + 149 0000000075615677 1 byte JMP 0000000100290048
.text C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe[4952] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfig2W + 151 0000000075615679 5 bytes {JMP 0xffffffff8ac7a9d1}
.text C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe[4952] C:\Windows\SysWOW64\sechost.dll!CreateServiceA + 542 000000007561589a 7 bytes JMP 0000000100280ca6
.text C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe[4952] C:\Windows\SysWOW64\sechost.dll!CreateServiceW + 382 0000000075615a1d 7 bytes JMP 00000001002903d8
.text C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe[4952] C:\Windows\SysWOW64\sechost.dll!QueryServiceConfigW + 370 0000000075615c9b 7 bytes JMP 000000010029012c
.text C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe[4952] C:\Windows\SysWOW64\sechost.dll!ControlServiceExA + 231 0000000075615d87 7 bytes JMP 00000001002902f4
.text C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe[4952] C:\Windows\SysWOW64\sechost.dll!I_ScBroadcastServiceControlMessage + 123 0000000075617240 7 bytes JMP 0000000100280e6e
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2872] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess 000000007782fcb0 5 bytes JMP 000000010024091c
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2872] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory 000000007782fe14 5 bytes JMP 0000000100240048
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2872] C:\Windows\SysWOW64\ntdll.dll!NtOpenEvent 000000007782fea8 5 bytes JMP 00000001002402ee
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2872] C:\Windows\SysWOW64\ntdll.dll!NtCreateThread 0000000077830004 5 bytes JMP 00000001002404b2
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2872] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory 0000000077830038 5 bytes JMP 00000001002409fe
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2872] C:\Windows\SysWOW64\ntdll.dll!NtResumeThread 0000000077830068 5 bytes JMP 0000000100240ae0
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2872] C:\Windows\SysWOW64\ntdll.dll!NtTerminateThread 0000000077830084 5 bytes JMP 000000010002004c
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2872] C:\Windows\SysWOW64\ntdll.dll!NtCreateMutant 000000007783079c 5 bytes JMP 000000010024012a
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2872] C:\Windows\SysWOW64\ntdll.dll!NtCreateSymbolicLinkObject 000000007783088c 5 bytes JMP 0000000100240758
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2872] C:\Windows\SysWOW64\ntdll.dll!NtCreateThreadEx 00000000778308a4 5 bytes JMP 0000000100240676
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2872] C:\Windows\SysWOW64\ntdll.dll!NtLoadDriver 0000000077830df4 5 bytes JMP 00000001002403d0
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2872] C:\Windows\SysWOW64\ntdll.dll!NtSetContextThread 0000000077831920 5 bytes JMP 0000000100240594
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2872] C:\Windows\SysWOW64\ntdll.dll!NtSetSystemInformation 0000000077831be4 5 bytes JMP 000000010024083a
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2872] C:\Windows\SysWOW64\ntdll.dll!NtSuspendThread 0000000077831d70 5 bytes JMP 000000010024020c
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2872] C:\Windows\SysWOW64\sechost.dll!SetServiceObjectSecurity + 206 000000007561524f 7 bytes JMP 0000000100240f52
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2872] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfigA + 380 00000000756153d0 7 bytes JMP 0000000100250210
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2872] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfig2W + 149 0000000075615677 1 byte JMP 0000000100250048
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2872] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfig2W + 151 0000000075615679 5 bytes {JMP 0xffffffff8ac3a9d1}
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2872] C:\Windows\SysWOW64\sechost.dll!CreateServiceA + 542 000000007561589a 7 bytes JMP 0000000100240ca6
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2872] C:\Windows\SysWOW64\sechost.dll!CreateServiceW + 382 0000000075615a1d 7 bytes JMP 00000001002503d8
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2872] C:\Windows\SysWOW64\sechost.dll!QueryServiceConfigW + 370 0000000075615c9b 7 bytes JMP 000000010025012c
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2872] C:\Windows\SysWOW64\sechost.dll!ControlServiceExA + 231 0000000075615d87 7 bytes JMP 00000001002502f4
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2872] C:\Windows\SysWOW64\sechost.dll!I_ScBroadcastServiceControlMessage + 123 0000000075617240 7 bytes JMP 0000000100240e6e
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2872] C:\Windows\syswow64\USER32.dll!RecordShutdownReason + 882 0000000076af1492 7 bytes JMP 00000001002504bc
.text C:\Users\Simon\Downloads\gmer_2.1.19163.exe[5240] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess 000000007782fcb0 5 bytes JMP 000000010029091c
.text C:\Users\Simon\Downloads\gmer_2.1.19163.exe[5240] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory 000000007782fe14 5 bytes JMP 0000000100290048
.text C:\Users\Simon\Downloads\gmer_2.1.19163.exe[5240] C:\Windows\SysWOW64\ntdll.dll!NtOpenEvent 000000007782fea8 5 bytes JMP 00000001002902ee
.text C:\Users\Simon\Downloads\gmer_2.1.19163.exe[5240] C:\Windows\SysWOW64\ntdll.dll!NtCreateThread 0000000077830004 5 bytes JMP 00000001002904b2
.text C:\Users\Simon\Downloads\gmer_2.1.19163.exe[5240] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory 0000000077830038 5 bytes JMP 00000001002909fe
.text C:\Users\Simon\Downloads\gmer_2.1.19163.exe[5240] C:\Windows\SysWOW64\ntdll.dll!NtResumeThread 0000000077830068 5 bytes JMP 0000000100290ae0
.text C:\Users\Simon\Downloads\gmer_2.1.19163.exe[5240] C:\Windows\SysWOW64\ntdll.dll!NtTerminateThread 0000000077830084 5 bytes JMP 000000010003004c
.text C:\Users\Simon\Downloads\gmer_2.1.19163.exe[5240] C:\Windows\SysWOW64\ntdll.dll!NtCreateMutant 000000007783079c 5 bytes JMP 000000010029012a
.text C:\Users\Simon\Downloads\gmer_2.1.19163.exe[5240] C:\Windows\SysWOW64\ntdll.dll!NtCreateSymbolicLinkObject 000000007783088c 5 bytes JMP 0000000100290758
.text C:\Users\Simon\Downloads\gmer_2.1.19163.exe[5240] C:\Windows\SysWOW64\ntdll.dll!NtCreateThreadEx 00000000778308a4 5 bytes JMP 0000000100290676
.text C:\Users\Simon\Downloads\gmer_2.1.19163.exe[5240] C:\Windows\SysWOW64\ntdll.dll!NtLoadDriver 0000000077830df4 5 bytes JMP 00000001002903d0
.text C:\Users\Simon\Downloads\gmer_2.1.19163.exe[5240] C:\Windows\SysWOW64\ntdll.dll!NtSetContextThread 0000000077831920 5 bytes JMP 0000000100290594
.text C:\Users\Simon\Downloads\gmer_2.1.19163.exe[5240] C:\Windows\SysWOW64\ntdll.dll!NtSetSystemInformation 0000000077831be4 5 bytes JMP 000000010029083a
.text C:\Users\Simon\Downloads\gmer_2.1.19163.exe[5240] C:\Windows\SysWOW64\ntdll.dll!NtSuspendThread 0000000077831d70 5 bytes JMP 000000010029020c
.text C:\Users\Simon\Downloads\gmer_2.1.19163.exe[5240] C:\Windows\SysWOW64\sechost.dll!SetServiceObjectSecurity + 206 000000007561524f 7 bytes JMP 0000000100290f52
.text C:\Users\Simon\Downloads\gmer_2.1.19163.exe[5240] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfigA + 380 00000000756153d0 7 bytes JMP 00000001002a0210
.text C:\Users\Simon\Downloads\gmer_2.1.19163.exe[5240] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfig2W + 149 0000000075615677 1 byte JMP 00000001002a0048
.text C:\Users\Simon\Downloads\gmer_2.1.19163.exe[5240] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfig2W + 151 0000000075615679 5 bytes {JMP 0xffffffff8ac8a9d1}
.text C:\Users\Simon\Downloads\gmer_2.1.19163.exe[5240] C:\Windows\SysWOW64\sechost.dll!CreateServiceA + 542 000000007561589a 7 bytes JMP 0000000100290ca6
.text C:\Users\Simon\Downloads\gmer_2.1.19163.exe[5240] C:\Windows\SysWOW64\sechost.dll!CreateServiceW + 382 0000000075615a1d 7 bytes JMP 00000001002a03d8
.text C:\Users\Simon\Downloads\gmer_2.1.19163.exe[5240] C:\Windows\SysWOW64\sechost.dll!QueryServiceConfigW + 370 0000000075615c9b 7 bytes JMP 00000001002a012c
.text C:\Users\Simon\Downloads\gmer_2.1.19163.exe[5240] C:\Windows\SysWOW64\sechost.dll!ControlServiceExA + 231 0000000075615d87 7 bytes JMP 00000001002a02f4
.text C:\Users\Simon\Downloads\gmer_2.1.19163.exe[5240] C:\Windows\SysWOW64\sechost.dll!I_ScBroadcastServiceControlMessage + 123 0000000075617240 7 bytes JMP 0000000100290e6e
.text C:\Users\Simon\Downloads\gmer_2.1.19163.exe[5240] C:\Windows\syswow64\USER32.dll!RecordShutdownReason + 882 0000000076af1492 7 bytes JMP 00000001002a04bc
---- Threads - GMER 2.1 ----
Thread C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [1228:1612] 0000000000020060
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xED 0x3A 0xD3 0x08 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xE0 0x85 0xE7 0x2A ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xA8 0x04 0x72 0xC5 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xED 0x3A 0xD3 0x08 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xE0 0x85 0xE7 0x2A ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xA8 0x04 0x72 0xC5 ...
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
Defogger_Disable datei: defogger_disable by jpshortstuff (23.02.10.1) Log created at 12:23 on 03/09/2013 (Simon) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... SPTD -> Already disabled -=E.O.F=- |
|
03.09.2013, 14:36
| #6 |
| /// TB-Ausbilder | Bei Browsernutzung lande ich ständig auf Werbeseiten und auf http://s.mgkaxjfwfc.com/s73bc5wskpmgwwcowokg0w0os4 Ok, dann legen wir los: Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2 Starte noch einmal FRST.
__________________ --> Bei Browsernutzung lande ich ständig auf Werbeseiten und auf http://s.mgkaxjfwfc.com/s73bc5wskpmgwwcowokg0w0os4 |
|
03.09.2013, 15:46
| #7 |
| | Bei Browsernutzung lande ich ständig auf Werbeseiten und auf http://s.mgkaxjfwfc.com/s73bc5wskpmgwwcowokg0w0os4 Danke für deine Hilfe !! Und es tut mir leid, wenn ich nicht immer zurückschreiben kann, da ich nebenbei noch anderes zu erledigen hab! kennst du sicher!   AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v3.002 - Bericht erstellt am 03/09/2013 um 15:46:57
# Updated 01/09/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Simon - FAMILIEN-PC
# Gestartet von : C:\Users\Simon\Downloads\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\IBUpdaterService
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\ProgramData\StarApp
Ordner Gelöscht : C:\ProgramData\MaaaGuniPic
Ordner Gelöscht : C:\Program Files (x86)\MagniPic
Ordner Gelöscht : C:\Program Files (x86)\Savings Sidekick
Ordner Gelöscht : C:\Users\Simon\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Simon\AppData\Local\Savings Sidekick
Ordner Gelöscht : C:\Users\Simon\AppData\LocalLow\MaaaGuniPic
Ordner Gelöscht : C:\Users\Simon\AppData\Roaming\DesktopIconForAmazon
Ordner Gelöscht : C:\Users\Simon\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Simon\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Bettina\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\Users\Bettina\AppData\LocalLow\MaaaGuniPic
Ordner Gelöscht : C:\Users\Lukas\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\Users\Lukas\AppData\LocalLow\MaaaGuniPic
Ordner Gelöscht : C:\Users\Lukas\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\9k15kvtb.default\Extensions\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
Ordner Gelöscht : C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tmlbzpmo.default\Extensions\firejump@firejump.net
Datei Gelöscht : C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tmlbzpmo.default\searchplugins\Askcom.xml
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [firejump@firejump.net]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\tracing\askpartnercobrandingtool_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_008a99b9
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0036928.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0036928.BHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0036928.Sandbox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0036928.Sandbox.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_free-youtube-download_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_free-youtube-download_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_hypercam_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_hypercam_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_idump_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_idump_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{316DF548-9578-C6E1-C0DD-4771769EE559}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110011501160}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220022502260}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311691128}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322692228}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055505560}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355695528}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366696628}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344694428}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{316DF548-9578-C6E1-C0DD-4771769EE559}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011501160}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311691128}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{316DF548-9578-C6E1-C0DD-4771769EE559}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311691128}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{316DF548-9578-C6E1-C0DD-4771769EE559}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311691128}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{316DF548-9578-C6E1-C0DD-4771769EE559}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311691128}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110011501160}
Schlüssel Gelöscht : HKCU\Software\Cr_Installer
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\PrivitizeVPNInstallDates
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\StartSearch
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Savings Sidekick
Schlüssel Gelöscht : HKLM\Software\SP Global
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D85FFE92-BF14-4E9B-BCCD-E5C16069E65F}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Savings Sidekick
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16660
-\\ Mozilla Firefox v23.0.1 (de)
[ Datei : C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tmlbzpmo.default\prefs.js ]
Zeile gelöscht : user_pref("aol_toolbar.default.homepage.check", false);
Zeile gelöscht : user_pref("aol_toolbar.default.search.check", false);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Zeile gelöscht : user_pref("extensions.a75ffaaa6513e452fb3efa355babbf0bd6968769191ac40219ac9b8f93a6c6a10com36928.36928.js", "\n\n /************************************************************************************\[...]
Zeile gelöscht : user_pref("extensions.a75ffaaa6513e452fb3efa355babbf0bd6968769191ac40219ac9b8f93a6c6a10com36928.36928.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI.appInfo;if(a){return app[...]
Zeile gelöscht : user_pref("extensions.a75ffaaa6513e452fb3efa355babbf0bd6968769191ac40219ac9b8f93a6c6a10com36928.36928.plugins.plugin_122.code", "if(!(/^hxxps\\:\\/\\//.test(document.location.href))){appAPI.dom.addRem[...]
Zeile gelöscht : user_pref("extensions.a75ffaaa6513e452fb3efa355babbf0bd6968769191ac40219ac9b8f93a6c6a10com36928.36928.plugins.plugin_13.name", "CrossriderAppUtils");
Zeile gelöscht : user_pref("extensions.a75ffaaa6513e452fb3efa355babbf0bd6968769191ac40219ac9b8f93a6c6a10com36928.36928.plugins.plugin_137.code", "(function() {\n function injectScript(geo) {\n var prot = window.locat[...]
Zeile gelöscht : user_pref("extensions.a75ffaaa6513e452fb3efa355babbf0bd6968769191ac40219ac9b8f93a6c6a10com36928.36928.plugins.plugin_14.name", "CrossriderUtils");
Zeile gelöscht : user_pref("extensions.a75ffaaa6513e452fb3efa355babbf0bd6968769191ac40219ac9b8f93a6c6a10com36928.36928.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBackground!==true)&&(typeof _[...]
Zeile gelöscht : user_pref("extensions.a75ffaaa6513e452fb3efa355babbf0bd6968769191ac40219ac9b8f93a6c6a10com36928.36928.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQuery JavaScript Library v1[...]
Zeile gelöscht : user_pref("extensions.a75ffaaa6513e452fb3efa355babbf0bd6968769191ac40219ac9b8f93a6c6a10com36928.36928.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={appId:appAPI._cr_config.a[...]
Zeile gelöscht : user_pref("extensions.a75ffaaa6513e452fb3efa355babbf0bd6968769191ac40219ac9b8f93a6c6a10com36928.36928.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],register:function(b){this.que[...]
Zeile gelöscht : user_pref("extensions.a75ffaaa6513e452fb3efa355babbf0bd6968769191ac40219ac9b8f93a6c6a10com36928.36928.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){var c={appId:appAPI._cr_con[...]
Zeile gelöscht : user_pref("extensions.a75ffaaa6513e452fb3efa355babbf0bd6968769191ac40219ac9b8f93a6c6a10com36928.36928.plugins.plugin_31.code", "if (!appAPI.monetize || appAPI.monetize.isNeedToRun(\"monitzation_80\"))[...]
Zeile gelöscht : user_pref("extensions.a75ffaaa6513e452fb3efa355babbf0bd6968769191ac40219ac9b8f93a6c6a10com36928.36928.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.resources.isReady(a);};}());[...]
Zeile gelöscht : user_pref("extensions.a75ffaaa6513e452fb3efa355babbf0bd6968769191ac40219ac9b8f93a6c6a10com36928.36928.plugins.plugin_78.name", "CrossriderInfo");
Zeile gelöscht : user_pref("extensions.a75ffaaa6513e452fb3efa355babbf0bd6968769191ac40219ac9b8f93a6c6a10com36928.36928.thankyou", "hxxp://crossrider.com/thank_you/36928");
Zeile gelöscht : user_pref("extensions.crossrider.bic", "1408684245deb8d002585237de7e9521");
Zeile gelöscht : user_pref("extensions.xNim7RrzD.scode", "if(window.self==window.top){var script=document.createElement(\"script\");script.type=\"text/javascript\";script.src=\"//cdncache-a.akamaihd.net/loaders/1499/l[...]
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.enable", "");
[ Datei : C:\Users\Bettina\AppData\Roaming\Mozilla\Firefox\Profiles\awy1gsh3.default\prefs.js ]
Zeile gelöscht : user_pref("aol_toolbar.default.homepage.check", false);
Zeile gelöscht : user_pref("aol_toolbar.default.search.check", false);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Zeile gelöscht : user_pref("extensions.a75ffaaa6513e452fb3efa355babbf0bd6968769191ac40219ac9b8f93a6c6a10com36928.36928.js", "\n\n /************************************************************************************\[...]
Zeile gelöscht : user_pref("extensions.a75ffaaa6513e452fb3efa355babbf0bd6968769191ac40219ac9b8f93a6c6a10com36928.36928.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI.appInfo;if(a){return app[...]
Zeile gelöscht : user_pref("extensions.a75ffaaa6513e452fb3efa355babbf0bd6968769191ac40219ac9b8f93a6c6a10com36928.36928.plugins.plugin_122.code", "if(!(/^hxxps\\:\\/\\//.test(document.location.href))){appAPI.dom.addRem[...]
Zeile gelöscht : user_pref("extensions.a75ffaaa6513e452fb3efa355babbf0bd6968769191ac40219ac9b8f93a6c6a10com36928.36928.plugins.plugin_13.name", "CrossriderAppUtils");
Zeile gelöscht : user_pref("extensions.a75ffaaa6513e452fb3efa355babbf0bd6968769191ac40219ac9b8f93a6c6a10com36928.36928.plugins.plugin_137.code", "(function() {\n function injectScript(geo) {\n var prot = window.locat[...]
Zeile gelöscht : user_pref("extensions.a75ffaaa6513e452fb3efa355babbf0bd6968769191ac40219ac9b8f93a6c6a10com36928.36928.plugins.plugin_14.name", "CrossriderUtils");
Zeile gelöscht : user_pref("extensions.a75ffaaa6513e452fb3efa355babbf0bd6968769191ac40219ac9b8f93a6c6a10com36928.36928.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBackground!==true)&&(typeof _[...]
Zeile gelöscht : user_pref("extensions.a75ffaaa6513e452fb3efa355babbf0bd6968769191ac40219ac9b8f93a6c6a10com36928.36928.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQuery JavaScript Library v1[...]
Zeile gelöscht : user_pref("extensions.a75ffaaa6513e452fb3efa355babbf0bd6968769191ac40219ac9b8f93a6c6a10com36928.36928.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={appId:appAPI._cr_config.a[...]
Zeile gelöscht : user_pref("extensions.a75ffaaa6513e452fb3efa355babbf0bd6968769191ac40219ac9b8f93a6c6a10com36928.36928.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],register:function(b){this.que[...]
Zeile gelöscht : user_pref("extensions.a75ffaaa6513e452fb3efa355babbf0bd6968769191ac40219ac9b8f93a6c6a10com36928.36928.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){var c={appId:appAPI._cr_con[...]
Zeile gelöscht : user_pref("extensions.a75ffaaa6513e452fb3efa355babbf0bd6968769191ac40219ac9b8f93a6c6a10com36928.36928.plugins.plugin_31.code", "if (!appAPI.monetize || appAPI.monetize.isNeedToRun(\"monitzation_80\"))[...]
Zeile gelöscht : user_pref("extensions.a75ffaaa6513e452fb3efa355babbf0bd6968769191ac40219ac9b8f93a6c6a10com36928.36928.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.resources.isReady(a);};}());[...]
Zeile gelöscht : user_pref("extensions.a75ffaaa6513e452fb3efa355babbf0bd6968769191ac40219ac9b8f93a6c6a10com36928.36928.plugins.plugin_78.name", "CrossriderInfo");
Zeile gelöscht : user_pref("extensions.a75ffaaa6513e452fb3efa355babbf0bd6968769191ac40219ac9b8f93a6c6a10com36928.36928.thankyou", "hxxp://crossrider.com/thank_you/36928");
Zeile gelöscht : user_pref("extensions.asktb.ff-original-keyword-url", "");
Zeile gelöscht : user_pref("extensions.crossrider.bic", "139b73eb47eed907cacbefa12451d72e");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.InstallationTime", 1347399104);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.active", true);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.addressbar", "");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.backgroundjs", "\n\n\"undefined\"!=typeof _GPL_BG_NEW&&appAPI.webRequest&&appAPI.webRequest.onBeforeNavigate?_GPL_BG_NEW.preinit():\"undefined\"!=typeof _G[...]
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.backgroundver", 7);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.can_run_bg_code", true);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.certdomaininstaller", "");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.changeprevious", false);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie.InstallationTime.value", "1347399104");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_aoi.value", "1347399104");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_blocklist.expiration", "Sat Dec 01 2012 11:53:04 GMT+0100");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_blocklist.value", "%22nonexistantdomain.com%22");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_country_code.expiration", "Fri Dec 07 2012 18:40:17 GMT+0100");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_country_code.value", "%22AT%22");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_crr.value", "1354358883");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_hotfix20111102645.value", "%221%22");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_installer_params.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_installer_params.value", "%7B%22source_id%22%3A%220%22%2C%22sub_id%22%3A%220%22%2C%22uzid%22%3A%220%22%7D");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_parent_zoneid.value", "%2214019%22");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_pc_20120828.value", "1347642650268");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_product_id.value", "%221224%22");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_zoneid.value", "%2280672%22");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie.dbtest.value", "1347560805941");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.description", "Savings Sidekick");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.domain", "");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.enablesearch", false);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.fbremoteurl", "");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.group", 0);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.homepage", "");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.iframe", false);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_appVer.value", "38");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_lastVersion.value", "0");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_meta.value", "%7B%7D");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_nextCheck.expiration", "Sat Dec 01 2012 15:47:55 GMT+0100");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_nextCheck.value", "true");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_queue.value", "%7B%7D");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GPL_=function(){_GPL_PLUGIN.started||_GPL_PLUGIN.prepare({pid:1224,baseCDN:\"savingsside-a.akamaihd.ne[...]
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.manifesturl", "");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.name", "Savings Sidekick");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.newtab", "");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.opensearch", "");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI.appInfo;if(a){return appAPI.appInfo.id}else{return appAPI.appID}}};$jquery.extend[...]
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1.name", "base");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1.ver", 3);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000014.code", "Array.prototype.indexOf||(Array.prototype.indexOf=function(a){if(void 0===this||null===this)throw new TypeError;var b=Object[...]
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000014.name", "GPL Plugin (Loader)");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000014.ver", 7);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000015.code", "var _GPL_BG={vars:{},rules:{},started:!1,log:function(d){console.log(d)},factor:1,preinit:function(){null!=appAPI.db.get(\"_[...]
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000015.name", "GPL Background (BG)");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000015.ver", 4);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_13.code", "(function(a){a.selectedText=function(e,c){function d(){if(window.getSelection){return window.getSelection()}else{if(document.getS[...]
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_13.name", "CrossriderAppUtils");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_13.ver", 2);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefined\"){appAPI={}}appAPI.JSON={};if(typeof JSON!==\"undefined\"){appAPI.JSON=JSON}else{(function(){fun[...]
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_14.name", "CrossriderUtils");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_14.ver", 2);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_15.code", "(function(f){var u={};var e=Math.floor(Math.random()*99999);var g=Math.floor(Math.random()*99999999999999)+\"Z\"+(new Date()).get[...]
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_15.name", "FacebookFFIE");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_15.ver", 1);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBackground!=true)&&(typeof _firefoxVersion!==\"undefined\"&&_firefoxVersion>14)&&typeo[...]
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_16.name", "FFAppAPIWrapper");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_16.ver", 4);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQuery JavaScript Library v1.4.2\n * hxxp://jquery.com/\n *\n * Copyright 2010, John [...]
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_17.name", "jQuery");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_17.ver", 3);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={appId:appAPI._cr_config.appID(),url:appAPI._cr_config.debug_app};return h.Class.ex[...]
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_21.name", "debug");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_21.ver", 3);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],register:function(b){this.queue.push(b)}};appAPI.ready=function(c,b){a.when.apply(null[...]
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_22.name", "resources");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_22.ver", 2);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){var c={appId:appAPI._cr_config.appID()},b,g=new e.Deferred(),f;return e.Class.extend[...]
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_28.name", "initializer");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_28.ver", 2);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_4.code", "/*! jQuery v1.7.1 jquery.com | jquery.org/license */\n(function(a,b){function cy(a){return f.isWindow(a)?a:a.nodeType===9?a.defaul[...]
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_4.name", "jquery_1_7_1");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_4.ver", 3);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.resources.isReady(a)}}());var CrossRiderResourcesManager=(function(){var A={appId:(fu[...]
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_47.name", "resources_background");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_47.ver", 1);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins_lists.plugins_0", "17,14,16,47,1000015");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins_lists.plugins_1", "17,14,13,16,15,4,1,21,22,1000014,28");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.pluginsurl", "hxxp://app-static.crossrider.com/plugin/apps/5060/plugins/085/ff/plugins.json");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.pluginsversion", 16);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.publisher", "215 Apps");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.searchstatus", 0);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.setnewtab", false);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.settingsurl", "");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.thankyou", "");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.updateinterval", 360);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.ver", 38);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.adsOldValue", -1);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.apps", "5060");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.bic", "139b73eb47eed907cacbefa12451d72e");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.cid", 5060);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.firstrun", false);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.hadappinstalled", true);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.installationdate", 1347399104);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.lastcheck", 22572528);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.lastcheckitem", 22572652);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.modetype", "production");
Zeile gelöscht : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-4&o=APN10262&locale=de_CH&apn_uid=725e1590-40e4-4983-94ad-4328f96510df&apn_ptnrs=%5EAGT&apn_sauid=0987758F-4850-4FCC[...]
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.enable", "");
[ Datei : C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\9k15kvtb.default\prefs.js ]
Zeile gelöscht : user_pref("extensions.asktb.ff-original-keyword-url", "");
Zeile gelöscht : user_pref("extensions.crossrider.bic", "13a7cbbdb7ce8522f04b1e9f4b7c41c3");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.InstallationTime", 1350712417);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.active", true);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.addressbar", "");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.addressbarenhanced", "");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.backgroundjs", "\n\n//\n");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.backgroundver", 42);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.can_run_bg_code", true);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.certdomaininstaller", "");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.changeprevious", false);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie.InstallationTime.value", "1350712417");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_aoi.value", "1350712417");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_arbitrary_code.expiration", "Thu May 23 2013 00:28:40 GMT+0200");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_arbitrary_code.value", "%22var%20start_time%3D1368590400%3C%3DMath.floor%28new%20Date/1E3%29%3F378693E4%3A1368504E3%3B_GPL_PLUGIN.st%3D%7B%5C%2[...]
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_blocklist.expiration", "Thu May 23 2013 00:28:40 GMT+0200");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_blocklist.value", "%22nonexistantdomain.com%22");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_country_code.expiration", "Wed May 29 2013 23:44:11 GMT+0200");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_country_code.value", "%22AT%22");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_crr.value", "1369261000");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_currenttime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_currenttime.value", "%221368551425%22");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_hotfix20111102645.value", "%221%22");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_ib_delay.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_ib_delay.value", "24");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_ib_disclosure.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_ib_disclosure.value", "1369259096");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_ib_list.expiration", "Thu May 23 2013 05:44:56 GMT+0200");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_ib_list.value", "%7B%225a0a78b4cf7a0f072d270b686d9c51f5%22%3A%7B%22p%22%3A%22/%22%7D%2C%2201cc4ace90709935c880901565cc0d2c%22%3A%7B%22p%22%3A%2[...]
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_installer_params.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_installer_params.value", "%7B%22source_id%22%3A%220%22%2C%22sub_id%22%3A%220%22%2C%22uzid%22%3A%220%22%7D");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_installtime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_installtime.value", "%221368551425%22");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_parent_zoneid.value", "%2214019%22");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_pc_20120828.value", "1369259188376");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_product_id.value", "%221224%22");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_zoneid.value", "%2295913%22");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie.dbtest.value", "1369259045066");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.description", "Savings Sidekick");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.domain", "");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.enablesearch", false);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.fbremoteurl", "");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.group", 0);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.homepage", "");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.iframe", false);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_appVer.value", "89");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_lastVersion.value", "0");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_meta.value", "%7B%7D");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_nextCheck.expiration", "Thu May 23 2013 05:44:00 GMT+0200");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_nextCheck.value", "true");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_queue.value", "%7B%7D");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GPL_=function(){_GPL_PLUGIN.started||_GPL_PLUGIN.prepare({pid:1224,baseCDN:\"savingsside-a.akamaihd.ne[...]
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.manifesturl", "");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.name", "Savings Sidekick");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.newtab", "");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.opensearch", "");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI.appInfo;if(a){return appAPI.appInfo.id;}else{return appAPI.appID;}}};$jquery.exte[...]
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1.name", "base");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1.ver", 6);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000014.code", "Array.prototype.indexOf||(Array.prototype.indexOf=function(b){if(void 0===this||null===this)throw new TypeError;var c=Object[...]
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000014.name", "GPL Plugin (Loader)");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000014.ver", 15);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000015.code", "var a=appAPI.db.getList(),cf_ran=!1,_GPL_BG={vars:{},rules:{},started:!1,allowed:!1,log:function(b){console.log(b)},factor:1[...]
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000015.name", "GPL Background (BG)");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000015.ver", 38);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_13.code", "(function(a){a.selectedText=function(e,c){function d(){if(window.getSelection){return window.getSelection();}else{if(document.get[...]
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_13.name", "CrossriderAppUtils");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_13.ver", 3);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefined\"){appAPI={};}var CR__bIsIEWindow=false;if(typeof window!==\"undefined\"&&typeof window.navigator[...]
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_14.name", "CrossriderUtils");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_14.ver", 3);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBackground!==true)&&(typeof _firefoxVersion!==\"undefined\"&&_firefoxVersion>14)&&type[...]
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_16.name", "FFAppAPIWrapper");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_16.ver", 7);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQuery JavaScript Library v1.4.2\n * hxxp://jquery.com/\n *\n * Copyright 2010, John [...]
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_17.name", "jQuery");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_17.ver", 4);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={appId:appAPI._cr_config.appID(),url:appAPI._cr_config.debug_app};return h.Class.ex[...]
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_21.name", "debug");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_21.ver", 4);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],register:function(b){this.queue.push(b);}};appAPI.ready=function(c,b){a.when.apply(nul[...]
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_22.name", "resources");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_22.ver", 4);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){var c={appId:appAPI._cr_config.appID()},b,g=new e.Deferred(),f;return e.Class.extend[...]
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_28.name", "initializer");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_28.ver", 3);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_4.code", "var jQuery = $jquery_171 = $jquery = null;\n\nif (document && typeof document.getElementById !== \"undefined\") {\n\n/*! jQuery v1[...]
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_4.name", "jquery_1_7_1");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_4.ver", 4);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.resources.isReady(a);};}());var CrossRiderResourcesManager=(function(){var C={appId:([...]
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_47.name", "resources_background");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_47.ver", 3);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_64.code", "(function(){var h=\"__CR_EMPTY_CHANNEL__\";var d=function(j){return(typeof j===\"object\"&&j!==null);};var b=function(j){return(![...]
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_64.name", "appApiMessage");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_64.ver", 2);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_72.code", "if(appAPI.__should_activate_validation__===true){(function(){var k={};var f=appAPI.appInfo.name;var l=function(s,r,t){var q=\"[\"[...]
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_72.name", "appApiValidation");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_72.ver", 3);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_78.code", "if(typeof jQuery!==\"undefined\"&&(jQuery)&&typeof navigator!==\"undefined\"&&typeof navigator.userAgent!==\"undefined\"){(functi[...]
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_78.name", "CrossriderInfo");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_78.ver", 3);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_98.code", "(function(){var b=\"cr_\"+appAPI.appID+\"internalMessage\";var a=function(){var d=function(g){if(g===true){unsafeWindow.appAPI=ap[...]
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_98.name", "omniCommands");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_98.ver", 2);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins_lists.plugins_0", "4,14,78,16,64,47,72,98,1000015");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.plugins_lists.plugins_1", "17,14,78,13,16,64,4,1,21,22,72,98,1000014,28");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/apps/5060/plugins/086/ff/plugins.json");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.pluginsversion", 65);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.publisher", "Innovative Apps");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.searchstatus", 0);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.setnewtab", false);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.settingsurl", "");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.thankyou", "");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.updateinterval", 360);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.5060.ver", 89);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.adsOldValue", -1);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.apps", "5060");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.bic", "13a7cbbdb7ce8522f04b1e9f4b7c41c3");
Zeile gelöscht : user_pref("extensions.crossriderapp5060.cid", 5060);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.firstrun", false);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.hadappinstalled", true);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.installationdate", 1350712417);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.lastcheck", 22820984);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.lastcheckitem", 22821025);
Zeile gelöscht : user_pref("extensions.crossriderapp5060.modetype", "production");
Zeile gelöscht : user_pref("extensions.enabledAddons", "crossriderapp5060%40crossrider.com:0.86.40,%7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.12,%7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.5,%7B972ce4c6-7e08-4474[...]
Zeile gelöscht : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-4&o=APN10262&locale=de_CH&apn_uid=725e1590-40e4-4983-94ad-4328f96510df&apn_ptnrs=%5EAGT&apn_sauid=0987758F-4850-4FCC[...]
*************************
AdwCleaner[R0].txt - [48621 octets] - [03/09/2013 15:45:14]
AdwCleaner[S0].txt - [48162 octets] - [03/09/2013 15:46:57]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [48223 octets] ##########
Und jetzt noch den FRST ....  FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2013 01
Ran by Simon (administrator) on FAMILIEN-PC on 03-09-2013 16:44:54
Running from C:\Users\Simon\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
() C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
() C:\Program Files (x86)\watchmi\TvdTray.exe
(Dropbox, Inc.) C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [MedionReminder] - C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe [443688 2011-05-26] (CyberLink)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\RunOnce: [MedionReminder] - C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe /DeleteRunKey [443688 2011-05-26] (CyberLink)
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1811880 2013-08-28] (Valve Corporation)
HKCU\...\Run: [Desura] - C:\Program Files (x86)\Desura\desura.exe -autostart [x]
MountPoints2: {20b3ec40-1977-11e2-9546-8c89a596b6dd} - G:\LaunchU3.exe -a
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-14] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Guard.Mail.ru.gui] - C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [1564368 2012-05-17] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.)
HKU\Bettina\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3478336 2012-01-24] (DT Soft Ltd)
HKU\Bettina\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [17146504 2012-02-15] (Skype Technologies S.A.)
HKU\Bettina\...\Run: [ICQ] - C:\Program Files (x86)\ICQ7M\ICQ.exe [127040 2012-05-17] (ICQ, LLC.)
HKU\Bettina\...\Run: [Spotify] - C:\Users\Simon\AppData\Roaming\Spotify\Spotify.exe [4640768 2013-07-19] (Spotify Ltd)
HKU\Bettina\...\Run: [Spotify Web Helper] - C:\Users\Simon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-07-19] (Spotify Ltd)
HKU\Lukas\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [17146504 2012-02-15] (Skype Technologies S.A.)
HKU\Lukas\...\Run: [Spotify] - C:\Users\Lukas\AppData\Roaming\Spotify\spotify.exe [7880664 2012-11-08] (Spotify Ltd)
HKU\Lukas\...\Run: [Spotify Web Helper] - C:\Users\Lukas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1199576 2012-11-08] (Spotify Ltd)
HKU\Lukas\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3478336 2012-01-24] (DT Soft Ltd)
HKU\Lukas\...\Run: [ICQ] - C:\Program Files (x86)\ICQ7M\ICQ.exe [127040 2012-05-17] (ICQ, LLC.)
AppInit_DLLs-x32: c:\progra~2\magnipic\assist~1.dll [127040 2012-05-17] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WN111v2 Setup-Assistent.lnk
ShortcutTarget: NETGEAR WN111v2 Setup-Assistent.lnk -> C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe (NETGEAR)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\watchmi tray.lnk
ShortcutTarget: watchmi tray.lnk -> C:\Windows\Installer\{409DC300-28AF-468F-9624-1F3309701881}\SHCT_TRAY_PROGRAMG_A10D8603999C4E9488776EF2533C58C9.exe (Acresso Software Inc.)
Startup: C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Users\Simon\AppData\Local\Apps\Evernote\Evernote\EvernoteClipper.exe (No File)
Startup: C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {ACCC5665-D59E-4F8C-B4B6-2746D78248EE} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10262&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGT&apn_dtid=^YYYYYY^YY^CH&apn_uid=725e1590-40e4-4983-94ad-4328f96510df&apn_sauid=0987758F-4850-4FCC-BF1D-E35B116969DF
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Hosts: 184.73.223.40 session.minecraft.net
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tmlbzpmo.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF DefaultSearchEngine: Google
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
FF SelectedSearchEngine: Google
FF Homepage: https://www.google.at/
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tmlbzpmo.default\Extensions\75ffaaa6-513e-452f-b3ef-a355babbf0bd@69687691-91ac-4021-9ac9-b8f93a6c6a10.com
FF Extension: No Name - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tmlbzpmo.default\Extensions\crossriderapp5060@crossrider.com
FF Extension: GMX MailCheck - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tmlbzpmo.default\Extensions\toolbar@gmx.net
FF Extension: MaaaGuniPic - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tmlbzpmo.default\Extensions\uj5u7i@ybeue.co.uk
FF Extension: No Name - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tmlbzpmo.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\IPSFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\coFFPlgn\
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (MaaaGuniPic) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdolmdlcfpdlpffoeckdfidkbdgcajbk\1.5
CHR Extension: (hosts2) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nijjeomamgmmmefdpnkebbikhfbgagfl\1.23.6_0
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\Exts\Chrome.crx
==================== Services (Whitelisted) =================
S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [1564368 2012-05-17] ()
S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
S3 jswpsapi; C:\Program Files (x86)\NETGEAR\WN111v2\jswpsapi.exe [942080 2008-02-29] (Atheros Communications, Inc.)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 N360; C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation)
S4 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2401632 2012-11-29] (TuneUp Software)
S4 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [70144 2011-10-07] ()
==================== Drivers (Whitelisted) ====================
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2013-08-17] ()
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-20] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-20] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-08-27] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-08-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [140376 2013-08-27] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\IPSDefs\20130902.001\IDSvia64.sys [520280 2013-08-21] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\IPSDefs\20130902.001\IDSvia64.sys [520280 2013-08-21] (Symantec Corporation)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2013-08-17] ()
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\VirusDefs\20130903.001\ENG64.SYS [126040 2013-08-29] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\VirusDefs\20130903.001\ENG64.SYS [126040 2013-08-29] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\VirusDefs\20130903.001\EX64.SYS [2099288 2013-08-29] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\VirusDefs\20130903.001\EX64.SYS [2099288 2013-08-29] (Symantec Corporation)
S3 PCAMp50a64; C:\Windows\System32\Drivers\PCAMp50a64.sys [43328 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
R3 PCASp50a64; C:\Windows\System32\Drivers\PCASp50a64.sys [41280 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [564792 2012-01-31] (Duplex Secure Ltd.)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1404000.028\SRTSP64.SYS [796760 2013-05-15] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1404000.028\SYMDS64.SYS [493656 2013-05-20] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1404000.028\SYMEFA64.SYS [1139800 2013-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-08-08] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [224416 2013-03-04] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
R3 WN111v2; C:\Windows\System32\DRIVERS\WN111v2w7x.sys [783360 2010-04-27] (Atheros Communications, Inc.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-03 15:59 - 2013-09-03 15:59 - 00000334 _____ C:\Windows\PFRO.log
2013-09-03 15:59 - 2013-09-03 15:59 - 00000056 _____ C:\Windows\setupact.log
2013-09-03 15:59 - 2013-09-03 15:59 - 00000000 ____D C:\Windows\Minidump
2013-09-03 15:59 - 2013-09-03 15:59 - 00000000 _____ C:\Windows\setuperr.log
2013-09-03 15:44 - 2013-09-03 15:47 - 00000000 ____D C:\AdwCleaner
2013-09-03 15:44 - 2013-09-03 15:44 - 01037134 _____ C:\Users\Simon\Downloads\adwcleaner.exe
2013-09-03 15:13 - 2013-09-03 15:13 - 00024411 _____ C:\Users\Simon\Desktop\defogger_disable.lnk
2013-09-03 15:09 - 2013-09-03 15:09 - 00076463 _____ C:\Users\Simon\Desktop\Gmer.txt
2013-09-03 14:40 - 2013-09-03 14:40 - 00377856 _____ C:\Users\Simon\Downloads\gmer_2.1.19163.exe
2013-09-03 12:28 - 2013-09-03 12:29 - 00050641 _____ C:\Users\Simon\Desktop\FRST.txt
2013-09-03 12:28 - 2013-09-03 12:28 - 00129271 _____ C:\Users\Simon\Desktop\Addition.txt
2013-09-03 12:26 - 2013-09-03 12:26 - 00000000 ____D C:\FRST
2013-09-03 12:25 - 2013-09-03 12:26 - 01950474 _____ (Farbar) C:\Users\Simon\Downloads\FRST64.exe
2013-09-03 12:24 - 2013-09-03 12:24 - 01084685 _____ (Farbar) C:\Users\Simon\Downloads\FRST.exe
2013-09-03 12:12 - 2013-09-03 12:23 - 00000524 _____ C:\Users\Simon\Downloads\defogger_disable.log
2013-09-03 12:12 - 2013-09-03 12:12 - 00000020 _____ C:\Users\Simon\defogger_reenable
2013-09-03 12:11 - 2013-09-03 12:11 - 00050477 _____ C:\Users\Simon\Downloads\Defogger.exe
2013-09-03 03:01 - 2013-09-03 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{FFFFF9EE-B7A6-4A1B-B3EE-5193FDC55763}
2013-09-02 03:01 - 2013-09-02 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{5F84A793-D88B-4C8F-885D-EDB5A235633E}
2013-09-01 03:01 - 2013-09-01 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{7A792347-1143-4BD3-9681-C9A9CE50A7DF}
2013-08-31 03:01 - 2013-08-31 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{421DD7FF-034C-4C2B-B3CE-F2C4C0B6A75A}
2013-08-30 14:45 - 2013-08-30 14:45 - 00003150 _____ C:\Windows\System32\Tasks\{D19F593B-D7EA-49EC-8895-03ABF4C105A7}
2013-08-30 14:44 - 2013-08-30 14:46 - 00001031 _____ C:\Users\Public\Desktop\MozBackup.lnk
2013-08-30 14:44 - 2013-08-30 14:44 - 00000000 ____D C:\Program Files (x86)\MozBackup
2013-08-30 14:43 - 2013-08-30 14:43 - 01035926 _____ C:\Users\Simon\Downloads\MozBackup-1.5.1-EN.exe
2013-08-30 03:01 - 2013-08-30 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{43B6587A-E6D9-4087-B8B5-F9787DB4D7A3}
2013-08-29 03:01 - 2013-08-29 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{8A20852E-1EBD-4EA2-B1AE-A33E2801A05E}
2013-08-28 03:02 - 2013-08-28 03:02 - 00003088 _____ C:\Windows\System32\Tasks\{0F843024-D16E-4EA5-AA93-B543105B8192}
2013-08-27 16:50 - 2013-08-27 17:09 - 00000000 ____D C:\Users\Simon\Desktop\Schoren Rockt _ Export
2013-08-27 03:01 - 2013-08-27 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{ECA4DBF8-E442-45F0-B0D9-8643BBDE9405}
2013-08-26 03:01 - 2013-08-26 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{C1AD0292-2523-4631-884F-8AAB684AF4FE}
2013-08-25 03:01 - 2013-08-25 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{A3534C9D-A957-4200-B4D6-C5F99B763D1A}
2013-08-24 03:01 - 2013-08-24 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{D412DD72-A04E-4F0A-B0AD-6A10E8FE6DAC}
2013-08-23 21:46 - 2013-08-23 21:46 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-08-23 21:46 - 2013-08-23 21:46 - 00000826 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-08-23 21:46 - 2013-08-23 21:46 - 00000000 ____D C:\Program Files\CCleaner
2013-08-23 21:44 - 2013-08-23 21:44 - 04429440 _____ (Piriform Ltd) C:\Users\Simon\Downloads\ccsetup404.exe
2013-08-23 03:01 - 2013-08-23 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{1F447426-9FB0-43CA-82EB-AF5AF10C0FF4}
2013-08-22 03:01 - 2013-08-22 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{EE4EBC68-1CF9-4FEA-BF93-FA247AFA37E4}
2013-08-21 03:01 - 2013-08-21 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{DFB004DD-9CF3-4ACE-A645-D3C2853B9331}
2013-08-20 03:01 - 2013-08-20 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{65BDBA74-A190-4D7C-8A3F-B3C22A2BD9E7}
2013-08-19 05:38 - 2013-08-19 05:38 - 04653528 _____ (Systweak Inc ) C:\Users\Bettina\Downloads\rcpsetupmarm1_marm10at.exe
2013-08-19 03:01 - 2013-08-19 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{BBA4889A-1EA9-4CC2-8887-38E0546EC706}
2013-08-18 20:12 - 2013-08-23 16:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-18 07:00 - 2013-08-18 07:00 - 04653592 _____ (Systweak Inc ) C:\Users\Bettina\Downloads\rcpsetupdsnr_ds203911984.exe
2013-08-18 03:01 - 2013-08-18 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{AB624956-ED4A-4731-8E72-172FDEE3AEA0}
2013-08-17 12:00 - 2013-08-17 12:18 - 00303616 _____ C:\Windows\system32\Drivers\atksgt.sys
2013-08-17 12:00 - 2013-08-17 12:18 - 00035328 _____ C:\Windows\system32\Drivers\lirsgt.sys
2013-08-16 12:02 - 2013-08-16 14:32 - 00000000 ____D C:\Users\Simon\Documents\Stronghold 2
2013-08-16 12:01 - 2013-08-16 12:01 - 00098304 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt.dll
2013-08-16 12:01 - 2013-08-16 12:01 - 00002158 _____ C:\Users\Public\Desktop\Stronghold 2 spielen.lnk
2013-08-16 11:53 - 2013-08-16 11:53 - 00000000 ____D C:\Program Files (x86)\Firefly Studios
2013-08-16 11:44 - 2013-08-16 11:44 - 00003744 _____ C:\Windows\System32\Tasks\Updater36928.exe
2013-08-16 11:44 - 2013-08-16 11:44 - 00000000 ____D C:\Users\Simon\AppData\Local\Updater36928
2013-08-16 11:44 - 2013-08-16 11:44 - 00000000 ____D C:\Users\Simon\AppData\Local\hosts2
2013-08-16 11:44 - 2013-08-16 11:44 - 00000000 ____D C:\Program Files (x86)\hosts2
2013-08-16 11:42 - 2013-08-16 11:43 - 00000000 ____D C:\ProgramData\InstallMate
2013-08-16 11:41 - 2013-08-16 11:41 - 00893000 _____ (PrivitizeVPN) C:\Users\Simon\Downloads\Stronghold_Crusader_+_Extreme_[Full]_[Rus]_secure.exe
2013-08-15 03:17 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-15 03:17 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-15 03:17 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-15 03:17 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-15 03:17 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-15 03:17 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-15 03:17 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-15 03:17 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-15 03:17 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-15 03:17 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-15 03:17 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-15 03:17 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-15 03:17 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-15 03:17 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-15 03:17 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-15 03:17 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-15 03:17 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-15 03:17 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-15 03:17 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-15 03:17 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-15 03:17 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-15 03:17 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-15 03:17 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-15 03:17 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-15 03:17 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-15 03:17 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-15 03:17 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-15 03:17 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-15 03:17 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-15 03:17 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-15 03:17 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-15 03:02 - 2013-08-15 03:05 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 20:49 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 20:49 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-14 20:49 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 20:49 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 20:49 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-14 20:49 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 20:49 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 20:49 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 20:49 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 20:49 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-14 20:49 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-14 20:49 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-14 20:49 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-14 20:49 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-14 20:49 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-14 20:49 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-14 20:49 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-14 20:49 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-14 20:49 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-14 20:49 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-14 20:49 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-14 20:48 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-14 20:48 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-14 20:48 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 20:48 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-14 20:48 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 20:48 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-14 02:48 - 2013-08-14 02:48 - 00003088 _____ C:\Windows\System32\Tasks\{D90E508C-A0B6-4CA1-A662-279347FE177B}
2013-08-13 16:43 - 2013-08-13 17:31 - 00000000 ____D C:\Users\Simon\Documents\Erinnerungen
2013-08-13 03:01 - 2013-08-13 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{4D7B9514-74C6-4EC9-8303-A7900830BD6D}
2013-08-12 03:01 - 2013-08-12 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{AA824801-D690-4400-90E5-19D01FEB4AAE}
2013-08-11 03:01 - 2013-08-11 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{CAD80B25-5887-4B73-B574-A95FD7E17A1D}
2013-08-10 03:00 - 2013-08-10 03:00 - 00003088 _____ C:\Windows\System32\Tasks\{03C8523B-7B1D-4E85-BD49-B8CB3F299259}
2013-08-09 03:01 - 2013-08-09 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{D1193F02-41DB-438E-A5EE-B662E9957D19}
2013-08-08 21:54 - 2013-08-08 21:54 - 00000000 ____D C:\Users\Bettina\Documents\Symantec
2013-08-08 21:45 - 2013-08-08 21:45 - 00000000 ____D C:\Windows\System32\Tasks\Norton 360
2013-08-08 21:41 - 2013-08-08 21:41 - 00003238 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2013-08-08 21:41 - 2013-08-08 21:41 - 00002499 _____ C:\Users\Public\Desktop\Norton 360.lnk
2013-08-08 03:01 - 2013-08-08 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{E9D5F6B5-31E5-4786-B268-5CA5AB24AB60}
2013-08-07 03:02 - 2013-08-07 03:02 - 00003088 _____ C:\Windows\System32\Tasks\{5A472158-1E26-480E-94A1-6AFF158BE0BD}
2013-08-06 03:02 - 2013-08-06 03:02 - 00003088 _____ C:\Windows\System32\Tasks\{8A1A15BC-3657-4E8E-A947-C38195D6A697}
2013-08-05 03:02 - 2013-08-05 03:02 - 00003088 _____ C:\Windows\System32\Tasks\{33A066C9-0FA2-42D0-AF5E-901A7A87DB72}
2013-08-04 03:02 - 2013-08-04 03:02 - 00003088 _____ C:\Windows\System32\Tasks\{6CD64D40-D526-4957-B6F6-4BD8101DADCA}
2013-08-04 00:17 - 2013-08-08 20:41 - 00000000 ____D C:\Users\TEMP.Familien-PC.002
==================== One Month Modified Files and Folders =======
2013-09-03 16:41 - 2013-06-19 22:36 - 00000000 ____D C:\Program Files (x86)\Steam
2013-09-03 16:40 - 2013-06-19 21:28 - 00000000 ____D C:\Users\Simon\AppData\Local\LogMeIn Hamachi
2013-09-03 16:40 - 2012-04-22 13:57 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-03 16:40 - 2012-01-28 18:16 - 00000000 ___RD C:\Users\Simon\Dropbox
2013-09-03 16:40 - 2012-01-28 18:15 - 00000000 ____D C:\Users\Simon\AppData\Roaming\Dropbox
2013-09-03 16:37 - 2012-04-22 13:57 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-03 16:07 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-03 16:07 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-03 16:04 - 2012-01-21 15:50 - 01966001 _____ C:\Windows\WindowsUpdate.log
2013-09-03 16:01 - 2012-04-22 13:57 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-03 16:00 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-03 15:59 - 2013-09-03 15:59 - 00527496 _____ C:\Windows\Minidump\090313-59467-01.dmp
2013-09-03 15:59 - 2013-09-03 15:59 - 00000334 _____ C:\Windows\PFRO.log
2013-09-03 15:59 - 2013-09-03 15:59 - 00000056 _____ C:\Windows\setupact.log
2013-09-03 15:59 - 2013-09-03 15:59 - 00000000 ____D C:\Windows\Minidump
2013-09-03 15:59 - 2013-09-03 15:59 - 00000000 _____ C:\Windows\setuperr.log
2013-09-03 15:47 - 2013-09-03 15:44 - 00000000 ____D C:\AdwCleaner
2013-09-03 15:44 - 2013-09-03 15:44 - 01037134 _____ C:\Users\Simon\Downloads\adwcleaner.exe
2013-09-03 15:37 - 2013-02-04 15:37 - 00000000 ____D C:\ProgramData\Avira
2013-09-03 15:13 - 2013-09-03 15:13 - 00024411 _____ C:\Users\Simon\Desktop\defogger_disable.lnk
2013-09-03 15:09 - 2013-09-03 15:09 - 00076463 _____ C:\Users\Simon\Desktop\Gmer.txt
2013-09-03 14:40 - 2013-09-03 14:40 - 00377856 _____ C:\Users\Simon\Downloads\gmer_2.1.19163.exe
2013-09-03 12:29 - 2013-09-03 12:28 - 00050641 _____ C:\Users\Simon\Desktop\FRST.txt
2013-09-03 12:28 - 2013-09-03 12:28 - 00129271 _____ C:\Users\Simon\Desktop\Addition.txt
2013-09-03 12:26 - 2013-09-03 12:26 - 00000000 ____D C:\FRST
2013-09-03 12:26 - 2013-09-03 12:25 - 01950474 _____ (Farbar) C:\Users\Simon\Downloads\FRST64.exe
2013-09-03 12:24 - 2013-09-03 12:24 - 01084685 _____ (Farbar) C:\Users\Simon\Downloads\FRST.exe
2013-09-03 12:23 - 2013-09-03 12:12 - 00000524 _____ C:\Users\Simon\Downloads\defogger_disable.log
2013-09-03 12:13 - 2012-01-31 21:39 - 00000000 ____D C:\Users\Bettina\Documents\Outlook-Dateien
2013-09-03 12:12 - 2013-09-03 12:12 - 00000020 _____ C:\Users\Simon\defogger_reenable
2013-09-03 12:12 - 2012-01-21 15:55 - 00000000 ____D C:\Users\Simon
2013-09-03 12:11 - 2013-09-03 12:11 - 00050477 _____ C:\Users\Simon\Downloads\Defogger.exe
2013-09-03 11:14 - 2013-06-19 22:44 - 00000000 ____D C:\ProgramData\Desura
2013-09-03 11:05 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-09-03 07:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-09-03 07:27 - 2012-06-22 22:00 - 00000000 ____D C:\Users\Bettina\AppData\Roaming\Skype
2013-09-03 03:01 - 2013-09-03 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{FFFFF9EE-B7A6-4A1B-B3EE-5193FDC55763}
2013-09-03 03:01 - 2012-03-05 19:30 - 00000000 ____D C:\ProgramData\Skype
2013-09-02 19:04 - 2013-06-27 19:08 - 00000000 ____D C:\Users\Bettina\AppData\Local\LogMeIn Hamachi
2013-09-02 19:01 - 2012-05-11 11:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-02 18:56 - 2012-03-05 19:30 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Skype
2013-09-02 16:13 - 2013-07-01 00:29 - 00000000 ____D C:\Users\Lukas\AppData\Local\LogMeIn Hamachi
2013-09-02 16:12 - 2012-01-21 15:56 - 00000000 ____D C:\Users\Simon\AppData\Local\VirtualStore
2013-09-02 16:06 - 2012-05-23 21:33 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Spotify
2013-09-02 03:01 - 2013-09-02 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{5F84A793-D88B-4C8F-885D-EDB5A235633E}
2013-09-01 16:26 - 2012-01-21 16:26 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-09-01 03:01 - 2013-09-01 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{7A792347-1143-4BD3-9681-C9A9CE50A7DF}
2013-08-31 03:01 - 2013-08-31 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{421DD7FF-034C-4C2B-B3CE-F2C4C0B6A75A}
2013-08-30 14:46 - 2013-08-30 14:44 - 00001031 _____ C:\Users\Public\Desktop\MozBackup.lnk
2013-08-30 14:45 - 2013-08-30 14:45 - 00003150 _____ C:\Windows\System32\Tasks\{D19F593B-D7EA-49EC-8895-03ABF4C105A7}
2013-08-30 14:44 - 2013-08-30 14:44 - 00000000 ____D C:\Program Files (x86)\MozBackup
2013-08-30 14:43 - 2013-08-30 14:43 - 01035926 _____ C:\Users\Simon\Downloads\MozBackup-1.5.1-EN.exe
2013-08-30 11:33 - 2011-03-11 11:20 - 00654602 _____ C:\Windows\system32\perfh007.dat
2013-08-30 11:33 - 2011-03-11 11:20 - 00130216 _____ C:\Windows\system32\perfc007.dat
2013-08-30 11:33 - 2009-07-14 07:13 - 01500294 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-30 03:01 - 2013-08-30 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{43B6587A-E6D9-4087-B8B5-F9787DB4D7A3}
2013-08-29 03:01 - 2013-08-29 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{8A20852E-1EBD-4EA2-B1AE-A33E2801A05E}
2013-08-28 03:02 - 2013-08-28 03:02 - 00003088 _____ C:\Windows\System32\Tasks\{0F843024-D16E-4EA5-AA93-B543105B8192}
2013-08-28 03:02 - 2012-01-22 13:03 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-27 17:09 - 2013-08-27 16:50 - 00000000 ____D C:\Users\Simon\Desktop\Schoren Rockt _ Export
2013-08-27 08:42 - 2012-03-12 16:21 - 00000000 ___RD C:\Users\Lukas\Dropbox
2013-08-27 08:42 - 2012-03-12 16:19 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Dropbox
2013-08-27 03:01 - 2013-08-27 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{ECA4DBF8-E442-45F0-B0D9-8643BBDE9405}
2013-08-26 03:01 - 2013-08-26 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{C1AD0292-2523-4631-884F-8AAB684AF4FE}
2013-08-25 03:01 - 2013-08-25 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{A3534C9D-A957-4200-B4D6-C5F99B763D1A}
2013-08-24 03:01 - 2013-08-24 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{D412DD72-A04E-4F0A-B0AD-6A10E8FE6DAC}
2013-08-23 21:48 - 2012-05-27 18:30 - 00000000 ____D C:\Users\Simon\AppData\Roaming\Skype
2013-08-23 21:48 - 2012-01-31 19:48 - 00000000 ____D C:\Users\Simon\AppData\Roaming\DAEMON Tools Lite
2013-08-23 21:48 - 2012-01-26 17:01 - 00000000 ____D C:\Users\Simon\AppData\Local\CrashDumps
2013-08-23 21:48 - 2011-03-14 16:03 - 00000000 ____D C:\Windows\Panther
2013-08-23 21:46 - 2013-08-23 21:46 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-08-23 21:46 - 2013-08-23 21:46 - 00000826 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-08-23 21:46 - 2013-08-23 21:46 - 00000000 ____D C:\Program Files\CCleaner
2013-08-23 21:44 - 2013-08-23 21:44 - 04429440 _____ (Piriform Ltd) C:\Users\Simon\Downloads\ccsetup404.exe
2013-08-23 16:46 - 2013-08-18 20:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-23 03:01 - 2013-08-23 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{1F447426-9FB0-43CA-82EB-AF5AF10C0FF4}
2013-08-22 03:01 - 2013-08-22 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{EE4EBC68-1CF9-4FEA-BF93-FA247AFA37E4}
2013-08-21 09:01 - 2012-04-22 13:57 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-21 09:01 - 2012-04-22 13:57 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-21 09:01 - 2011-08-22 19:09 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-21 03:01 - 2013-08-21 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{DFB004DD-9CF3-4ACE-A645-D3C2853B9331}
2013-08-20 03:01 - 2013-08-20 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{65BDBA74-A190-4D7C-8A3F-B3C22A2BD9E7}
2013-08-19 05:38 - 2013-08-19 05:38 - 04653528 _____ (Systweak Inc ) C:\Users\Bettina\Downloads\rcpsetupmarm1_marm10at.exe
2013-08-19 03:01 - 2013-08-19 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{BBA4889A-1EA9-4CC2-8887-38E0546EC706}
2013-08-18 07:00 - 2013-08-18 07:00 - 04653592 _____ (Systweak Inc ) C:\Users\Bettina\Downloads\rcpsetupdsnr_ds203911984.exe
2013-08-18 03:01 - 2013-08-18 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{AB624956-ED4A-4731-8E72-172FDEE3AEA0}
2013-08-17 12:21 - 2011-08-22 18:03 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-08-17 12:18 - 2013-08-17 12:00 - 00303616 _____ C:\Windows\system32\Drivers\atksgt.sys
2013-08-17 12:18 - 2013-08-17 12:00 - 00035328 _____ C:\Windows\system32\Drivers\lirsgt.sys
2013-08-16 14:32 - 2013-08-16 12:02 - 00000000 ____D C:\Users\Simon\Documents\Stronghold 2
2013-08-16 12:01 - 2013-08-16 12:01 - 00098304 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt.dll
2013-08-16 12:01 - 2013-08-16 12:01 - 00002158 _____ C:\Users\Public\Desktop\Stronghold 2 spielen.lnk
2013-08-16 12:01 - 2012-02-08 11:09 - 00000000 ____D C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-08-16 11:53 - 2013-08-16 11:53 - 00000000 ____D C:\Program Files (x86)\Firefly Studios
2013-08-16 11:44 - 2013-08-16 11:44 - 00003744 _____ C:\Windows\System32\Tasks\Updater36928.exe
2013-08-16 11:44 - 2013-08-16 11:44 - 00000000 ____D C:\Users\Simon\AppData\Local\Updater36928
2013-08-16 11:44 - 2013-08-16 11:44 - 00000000 ____D C:\Users\Simon\AppData\Local\hosts2
2013-08-16 11:44 - 2013-08-16 11:44 - 00000000 ____D C:\Program Files (x86)\hosts2
2013-08-16 11:43 - 2013-08-16 11:42 - 00000000 ____D C:\ProgramData\InstallMate
2013-08-16 11:41 - 2013-08-16 11:41 - 00893000 _____ (PrivitizeVPN) C:\Users\Simon\Downloads\Stronghold_Crusader_+_Extreme_[Full]_[Rus]_secure.exe
2013-08-15 04:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-15 03:05 - 2013-08-15 03:02 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 03:02 - 2011-03-14 16:08 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-14 02:48 - 2013-08-14 02:48 - 00003088 _____ C:\Windows\System32\Tasks\{D90E508C-A0B6-4CA1-A662-279347FE177B}
2013-08-13 23:43 - 2012-02-16 18:47 - 00000000 ____D C:\Users\Lukas
2013-08-13 21:23 - 2012-07-02 14:39 - 00000000 ____D C:\Users\Simon\AppData\Roaming\Spotify
2013-08-13 17:31 - 2013-08-13 16:43 - 00000000 ____D C:\Users\Simon\Documents\Erinnerungen
2013-08-13 17:08 - 2012-07-02 14:40 - 00000000 ____D C:\Users\Simon\AppData\Local\Spotify
2013-08-13 03:01 - 2013-08-13 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{4D7B9514-74C6-4EC9-8303-A7900830BD6D}
2013-08-12 03:01 - 2013-08-12 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{AA824801-D690-4400-90E5-19D01FEB4AAE}
2013-08-11 03:01 - 2013-08-11 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{CAD80B25-5887-4B73-B574-A95FD7E17A1D}
2013-08-10 03:00 - 2013-08-10 03:00 - 00003088 _____ C:\Windows\System32\Tasks\{03C8523B-7B1D-4E85-BD49-B8CB3F299259}
2013-08-09 03:01 - 2013-08-09 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{D1193F02-41DB-438E-A5EE-B662E9957D19}
2013-08-08 21:54 - 2013-08-08 21:54 - 00000000 ____D C:\Users\Bettina\Documents\Symantec
2013-08-08 21:45 - 2013-08-08 21:45 - 00000000 ____D C:\Windows\System32\Tasks\Norton 360
2013-08-08 21:44 - 2012-01-21 16:10 - 00000000 ____D C:\ProgramData\Norton
2013-08-08 21:42 - 2012-01-21 16:12 - 00000000 ____D C:\Windows\system32\Drivers\N360x64
2013-08-08 21:41 - 2013-08-08 21:41 - 00003238 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2013-08-08 21:41 - 2013-08-08 21:41 - 00002499 _____ C:\Users\Public\Desktop\Norton 360.lnk
2013-08-08 21:38 - 2012-01-21 16:12 - 00177312 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2013-08-08 21:38 - 2012-01-21 16:12 - 00007631 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2013-08-08 20:41 - 2013-08-04 00:17 - 00000000 ____D C:\Users\TEMP.Familien-PC.002
2013-08-08 03:01 - 2013-08-08 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{E9D5F6B5-31E5-4786-B268-5CA5AB24AB60}
2013-08-07 03:02 - 2013-08-07 03:02 - 00003088 _____ C:\Windows\System32\Tasks\{5A472158-1E26-480E-94A1-6AFF158BE0BD}
2013-08-06 03:02 - 2013-08-06 03:02 - 00003088 _____ C:\Windows\System32\Tasks\{8A1A15BC-3657-4E8E-A947-C38195D6A697}
2013-08-05 03:02 - 2013-08-05 03:02 - 00003088 _____ C:\Windows\System32\Tasks\{33A066C9-0FA2-42D0-AF5E-901A7A87DB72}
2013-08-04 03:02 - 2013-08-04 03:02 - 00003088 _____ C:\Windows\System32\Tasks\{6CD64D40-D526-4957-B6F6-4BD8101DADCA}
Files to move or delete:
====================
C:\Users\Simon\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-09-01 00:02
==================== End Of Log ============================
--- --- --- |
|
03.09.2013, 15:54
| #8 |
| /// TB-Ausbilder | Bei Browsernutzung lande ich ständig auf Werbeseiten und auf http://s.mgkaxjfwfc.com/s73bc5wskpmgwwcowokg0w0os4 Hallo, kein Problem, ich renne hier nicht davon..  Besteht das Problem nach diesem Fix immer noch oder ist es danach verschwunden (wir wären aber noch nicht fertig!)? Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter AppInit_DLLs-x32: c:\progra~2\magnipic\assist~1.dll [127040 2012-05-17] ()
SearchScopes: HKCU - {ACCC5665-D59E-4F8C-B4B6-2746D78248EE} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10262&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGT&apn_dtid=^YYYYYY^YY^CH&apn_uid=725e1590-40e4-4983-94ad-4328f96510df&apn_sauid=0987758F-4850-4FCC-BF1D-E35B116969DF
FF Extension: MaaaGuniPic - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tmlbzpmo.default\Extensions\uj5u7i@ybeue.co.uk
FF Extension: No Name - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tmlbzpmo.default\Extensions\crossriderapp5060@crossrider.com
CHR Extension: (MaaaGuniPic) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdolmdlcfpdlpffoeckdfidkbdgcajbk\1.5
CHR Extension: (hosts2) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nijjeomamgmmmefdpnkebbikhfbgagfl\1.23.6_0
2013-08-16 11:44 - 2013-08-16 11:44 - 00003744 _____ C:\Windows\System32\Tasks\Updater36928.exe
2013-08-16 11:44 - 2013-08-16 11:44 - 00000000 ____D C:\Users\Simon\AppData\Local\Updater36928
2013-08-16 11:44 - 2013-08-16 11:44 - 00000000 ____D C:\Users\Simon\AppData\Local\hosts2
2013-08-16 11:44 - 2013-08-16 11:44 - 00000000 ____D C:\Program Files (x86)\hosts2
2013-08-16 11:42 - 2013-08-16 11:43 - 00000000 ____D C:\ProgramData\InstallMate
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ cheers, Leo |
|
03.09.2013, 15:55
| #9 |
| | Bei Browsernutzung lande ich ständig auf Werbeseiten und auf http://s.mgkaxjfwfc.com/s73bc5wskpmgwwcowokg0w0os4 Ich möcht noch erwähnen, dass bei mir immer wider folgende Warnung eintrifft und wenn ich die dann öffne bei Norton folgendes Bild erscheint (könnt vielleicht auch noch nützlich sein!)  LG |
|
03.09.2013, 15:56
| #10 |
| /// TB-Ausbilder | Bei Browsernutzung lande ich ständig auf Werbeseiten und auf http://s.mgkaxjfwfc.com/s73bc5wskpmgwwcowokg0w0os4 Dieses bild ist viel zu klein, dass ich etwas darauf erkennen könnte. Der nächste Schritt steht bereits in meinem vorherigen Post (damit du es nicht übersiehst).
__________________ cheers, Leo |
|
03.09.2013, 16:13
| #11 |
| | Bei Browsernutzung lande ich ständig auf Werbeseiten und auf http://s.mgkaxjfwfc.com/s73bc5wskpmgwwcowokg0w0os4 Ups sorry.. : nochmal - Pic-Upload.de - Eindringungsversuch---WebAttack.png Pic-Upload.de - Eindringungsversuch---WebAttack.png Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-09-2013 01 Ran by Simon at 2013-09-03 17:10:05 Run:1 Running from C:\Users\Simon\Downloads Boot Mode: Normal ============================================== Content of fixlist: ***************** AppInit_DLLs-x32: c:\progra~2\magnipic\assist~1.dll [127040 2012-05-17] () SearchScopes: HKCU - {ACCC5665-D59E-4F8C-B4B6-2746D78248EE} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10262&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGT&apn_dtid=^YYYYYY^YY^CH&apn_uid=725e1590-40e4-4983-94ad-4328f96510df&apn_sauid=0987758F-4850-4FCC-BF1D-E35B116969DF FF Extension: MaaaGuniPic - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tmlbzpmo.default\Extensions\uj5u7i@ybeue.co.uk FF Extension: No Name - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tmlbzpmo.default\Extensions\crossriderapp5060@crossrider.com CHR Extension: (MaaaGuniPic) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdolmdlcfpdlpffoeckdfidkbdgcajbk\1.5 CHR Extension: (hosts2) - C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nijjeomamgmmmefdpnkebbikhfbgagfl\1.23.6_0 2013-08-16 11:44 - 2013-08-16 11:44 - 00003744 _____ C:\Windows\System32\Tasks\Updater36928.exe 2013-08-16 11:44 - 2013-08-16 11:44 - 00000000 ____D C:\Users\Simon\AppData\Local\Updater36928 2013-08-16 11:44 - 2013-08-16 11:44 - 00000000 ____D C:\Users\Simon\AppData\Local\hosts2 2013-08-16 11:44 - 2013-08-16 11:44 - 00000000 ____D C:\Program Files (x86)\hosts2 2013-08-16 11:42 - 2013-08-16 11:43 - 00000000 ____D C:\ProgramData\InstallMate ***************** HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ACCC5665-D59E-4F8C-B4B6-2746D78248EE} => Key deleted successfully. HKCR\CLSID\{ACCC5665-D59E-4F8C-B4B6-2746D78248EE} => Key not found. C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tmlbzpmo.default\Extensions\uj5u7i@ybeue.co.uk => Moved successfully. C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tmlbzpmo.default\Extensions\crossriderapp5060@crossrider.com => Moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdolmdlcfpdlpffoeckdfidkbdgcajbk => Moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nijjeomamgmmmefdpnkebbikhfbgagfl => Moved successfully. C:\Windows\System32\Tasks\Updater36928.exe => Moved successfully. C:\Users\Simon\AppData\Local\Updater36928 => Moved successfully. C:\Users\Simon\AppData\Local\hosts2 => Moved successfully. C:\Program Files (x86)\hosts2 => Moved successfully. C:\ProgramData\InstallMate => Moved successfully. ==== End of Fixlog ==== Ich muss sagen, mir kommt das Internet jetzt schneller vor als zuvor, jedoch erscheinen immer noch Werbungen beim Klicken oder generell wenn ich neue Seiten öffne (Youtube bsp.) hm... |
|
03.09.2013, 16:14
| #12 |
| /// TB-Ausbilder | Bei Browsernutzung lande ich ständig auf Werbeseiten und auf http://s.mgkaxjfwfc.com/s73bc5wskpmgwwcowokg0w0os4 Ok, dann: Starte noch einmal FRST.
__________________ cheers, Leo |
|
03.09.2013, 16:16
| #13 |
| | Bei Browsernutzung lande ich ständig auf Werbeseiten und auf http://s.mgkaxjfwfc.com/s73bc5wskpmgwwcowokg0w0os4FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2013 01
Ran by Simon (administrator) on FAMILIEN-PC on 03-09-2013 17:15:39
Running from C:\Users\Simon\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
() C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
() C:\Program Files (x86)\watchmi\TvdTray.exe
(Dropbox, Inc.) C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [MedionReminder] - C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe [443688 2011-05-26] (CyberLink)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\RunOnce: [MedionReminder] - C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe /DeleteRunKey [443688 2011-05-26] (CyberLink)
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1811880 2013-08-28] (Valve Corporation)
HKCU\...\Run: [Desura] - C:\Program Files (x86)\Desura\desura.exe -autostart [x]
MountPoints2: {20b3ec40-1977-11e2-9546-8c89a596b6dd} - G:\LaunchU3.exe -a
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-14] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Guard.Mail.ru.gui] - C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [1564368 2012-05-17] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.)
HKU\Bettina\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3478336 2012-01-24] (DT Soft Ltd)
HKU\Bettina\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [17146504 2012-02-15] (Skype Technologies S.A.)
HKU\Bettina\...\Run: [ICQ] - C:\Program Files (x86)\ICQ7M\ICQ.exe [127040 2012-05-17] (ICQ, LLC.)
HKU\Bettina\...\Run: [Spotify] - C:\Users\Simon\AppData\Roaming\Spotify\Spotify.exe [4640768 2013-07-19] (Spotify Ltd)
HKU\Bettina\...\Run: [Spotify Web Helper] - C:\Users\Simon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-07-19] (Spotify Ltd)
HKU\Lukas\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [17146504 2012-02-15] (Skype Technologies S.A.)
HKU\Lukas\...\Run: [Spotify] - C:\Users\Lukas\AppData\Roaming\Spotify\spotify.exe [7880664 2012-11-08] (Spotify Ltd)
HKU\Lukas\...\Run: [Spotify Web Helper] - C:\Users\Lukas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1199576 2012-11-08] (Spotify Ltd)
HKU\Lukas\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3478336 2012-01-24] (DT Soft Ltd)
HKU\Lukas\...\Run: [ICQ] - C:\Program Files (x86)\ICQ7M\ICQ.exe [127040 2012-05-17] (ICQ, LLC.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WN111v2 Setup-Assistent.lnk
ShortcutTarget: NETGEAR WN111v2 Setup-Assistent.lnk -> C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe (NETGEAR)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\watchmi tray.lnk
ShortcutTarget: watchmi tray.lnk -> C:\Windows\Installer\{409DC300-28AF-468F-9624-1F3309701881}\SHCT_TRAY_PROGRAMG_A10D8603999C4E9488776EF2533C58C9.exe (Acresso Software Inc.)
Startup: C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Users\Simon\AppData\Local\Apps\Evernote\Evernote\EvernoteClipper.exe (No File)
Startup: C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Hosts: 184.73.223.40 session.minecraft.net
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tmlbzpmo.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF DefaultSearchEngine: Google
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
FF SelectedSearchEngine: Google
FF Homepage: https://www.google.at/
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tmlbzpmo.default\Extensions\75ffaaa6-513e-452f-b3ef-a355babbf0bd@69687691-91ac-4021-9ac9-b8f93a6c6a10.com
FF Extension: GMX MailCheck - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tmlbzpmo.default\Extensions\toolbar@gmx.net
FF Extension: No Name - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tmlbzpmo.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\IPSFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\coFFPlgn\
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\Exts\Chrome.crx
==================== Services (Whitelisted) =================
S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [1564368 2012-05-17] ()
S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
S3 jswpsapi; C:\Program Files (x86)\NETGEAR\WN111v2\jswpsapi.exe [942080 2008-02-29] (Atheros Communications, Inc.)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 N360; C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation)
S4 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2401632 2012-11-29] (TuneUp Software)
S4 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [70144 2011-10-07] ()
==================== Drivers (Whitelisted) ====================
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2013-08-17] ()
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-20] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-20] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-08-27] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-08-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [140376 2013-08-27] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\IPSDefs\20130902.001\IDSvia64.sys [520280 2013-08-21] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\IPSDefs\20130902.001\IDSvia64.sys [520280 2013-08-21] (Symantec Corporation)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2013-08-17] ()
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\VirusDefs\20130903.001\ENG64.SYS [126040 2013-08-29] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\VirusDefs\20130903.001\ENG64.SYS [126040 2013-08-29] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\VirusDefs\20130903.001\EX64.SYS [2099288 2013-08-29] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\VirusDefs\20130903.001\EX64.SYS [2099288 2013-08-29] (Symantec Corporation)
S3 PCAMp50a64; C:\Windows\System32\Drivers\PCAMp50a64.sys [43328 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
R3 PCASp50a64; C:\Windows\System32\Drivers\PCASp50a64.sys [41280 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [564792 2012-01-31] (Duplex Secure Ltd.)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1404000.028\SRTSP64.SYS [796760 2013-05-15] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1404000.028\SYMDS64.SYS [493656 2013-05-20] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1404000.028\SYMEFA64.SYS [1139800 2013-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-08-08] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [224416 2013-03-04] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
R3 WN111v2; C:\Windows\System32\DRIVERS\WN111v2w7x.sys [783360 2010-04-27] (Atheros Communications, Inc.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-03 17:07 - 2013-09-03 17:07 - 00001381 _____ C:\Users\Simon\Desktop\Fixlist.txt
2013-09-03 15:59 - 2013-09-03 15:59 - 00527496 _____ C:\Windows\Minidump\090313-59467-01.dmp
2013-09-03 15:59 - 2013-09-03 15:59 - 00000334 _____ C:\Windows\PFRO.log
2013-09-03 15:59 - 2013-09-03 15:59 - 00000056 _____ C:\Windows\setupact.log
2013-09-03 15:59 - 2013-09-03 15:59 - 00000000 ____D C:\Windows\Minidump
2013-09-03 15:59 - 2013-09-03 15:59 - 00000000 _____ C:\Windows\setuperr.log
2013-09-03 15:44 - 2013-09-03 15:47 - 00000000 ____D C:\AdwCleaner
2013-09-03 15:44 - 2013-09-03 15:44 - 01037134 _____ C:\Users\Simon\Downloads\adwcleaner.exe
2013-09-03 15:13 - 2013-09-03 15:13 - 00024411 _____ C:\Users\Simon\Desktop\defogger_disable.lnk
2013-09-03 15:09 - 2013-09-03 15:09 - 00076463 _____ C:\Users\Simon\Desktop\Gmer.txt
2013-09-03 14:40 - 2013-09-03 14:40 - 00377856 _____ C:\Users\Simon\Downloads\gmer_2.1.19163.exe
2013-09-03 12:28 - 2013-09-03 12:29 - 00050641 _____ C:\Users\Simon\Desktop\FRST.txt
2013-09-03 12:28 - 2013-09-03 12:28 - 00129271 _____ C:\Users\Simon\Desktop\Addition.txt
2013-09-03 12:26 - 2013-09-03 12:26 - 00000000 ____D C:\FRST
2013-09-03 12:25 - 2013-09-03 12:26 - 01950474 _____ (Farbar) C:\Users\Simon\Downloads\FRST64.exe
2013-09-03 12:24 - 2013-09-03 12:24 - 01084685 _____ (Farbar) C:\Users\Simon\Downloads\FRST.exe
2013-09-03 12:12 - 2013-09-03 12:23 - 00000524 _____ C:\Users\Simon\Downloads\defogger_disable.log
2013-09-03 12:12 - 2013-09-03 12:12 - 00000020 _____ C:\Users\Simon\defogger_reenable
2013-09-03 12:11 - 2013-09-03 12:11 - 00050477 _____ C:\Users\Simon\Downloads\Defogger.exe
2013-09-03 03:01 - 2013-09-03 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{FFFFF9EE-B7A6-4A1B-B3EE-5193FDC55763}
2013-09-02 03:01 - 2013-09-02 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{5F84A793-D88B-4C8F-885D-EDB5A235633E}
2013-09-01 03:01 - 2013-09-01 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{7A792347-1143-4BD3-9681-C9A9CE50A7DF}
2013-08-31 03:01 - 2013-08-31 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{421DD7FF-034C-4C2B-B3CE-F2C4C0B6A75A}
2013-08-30 14:45 - 2013-08-30 14:45 - 00003150 _____ C:\Windows\System32\Tasks\{D19F593B-D7EA-49EC-8895-03ABF4C105A7}
2013-08-30 14:44 - 2013-08-30 14:46 - 00001031 _____ C:\Users\Public\Desktop\MozBackup.lnk
2013-08-30 14:44 - 2013-08-30 14:44 - 00000000 ____D C:\Program Files (x86)\MozBackup
2013-08-30 14:43 - 2013-08-30 14:43 - 01035926 _____ C:\Users\Simon\Downloads\MozBackup-1.5.1-EN.exe
2013-08-30 03:01 - 2013-08-30 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{43B6587A-E6D9-4087-B8B5-F9787DB4D7A3}
2013-08-29 03:01 - 2013-08-29 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{8A20852E-1EBD-4EA2-B1AE-A33E2801A05E}
2013-08-28 03:02 - 2013-08-28 03:02 - 00003088 _____ C:\Windows\System32\Tasks\{0F843024-D16E-4EA5-AA93-B543105B8192}
2013-08-27 16:50 - 2013-08-27 17:09 - 00000000 ____D C:\Users\Simon\Desktop\Schoren Rockt _ Export
2013-08-27 03:01 - 2013-08-27 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{ECA4DBF8-E442-45F0-B0D9-8643BBDE9405}
2013-08-26 03:01 - 2013-08-26 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{C1AD0292-2523-4631-884F-8AAB684AF4FE}
2013-08-25 03:01 - 2013-08-25 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{A3534C9D-A957-4200-B4D6-C5F99B763D1A}
2013-08-24 03:01 - 2013-08-24 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{D412DD72-A04E-4F0A-B0AD-6A10E8FE6DAC}
2013-08-23 21:46 - 2013-08-23 21:46 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-08-23 21:46 - 2013-08-23 21:46 - 00000826 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-08-23 21:46 - 2013-08-23 21:46 - 00000000 ____D C:\Program Files\CCleaner
2013-08-23 21:44 - 2013-08-23 21:44 - 04429440 _____ (Piriform Ltd) C:\Users\Simon\Downloads\ccsetup404.exe
2013-08-23 03:01 - 2013-08-23 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{1F447426-9FB0-43CA-82EB-AF5AF10C0FF4}
2013-08-22 03:01 - 2013-08-22 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{EE4EBC68-1CF9-4FEA-BF93-FA247AFA37E4}
2013-08-21 03:01 - 2013-08-21 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{DFB004DD-9CF3-4ACE-A645-D3C2853B9331}
2013-08-20 03:01 - 2013-08-20 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{65BDBA74-A190-4D7C-8A3F-B3C22A2BD9E7}
2013-08-19 05:38 - 2013-08-19 05:38 - 04653528 _____ (Systweak Inc ) C:\Users\Bettina\Downloads\rcpsetupmarm1_marm10at.exe
2013-08-19 03:01 - 2013-08-19 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{BBA4889A-1EA9-4CC2-8887-38E0546EC706}
2013-08-18 20:12 - 2013-08-23 16:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-18 07:00 - 2013-08-18 07:00 - 04653592 _____ (Systweak Inc ) C:\Users\Bettina\Downloads\rcpsetupdsnr_ds203911984.exe
2013-08-18 03:01 - 2013-08-18 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{AB624956-ED4A-4731-8E72-172FDEE3AEA0}
2013-08-17 12:00 - 2013-08-17 12:18 - 00303616 _____ C:\Windows\system32\Drivers\atksgt.sys
2013-08-17 12:00 - 2013-08-17 12:18 - 00035328 _____ C:\Windows\system32\Drivers\lirsgt.sys
2013-08-16 12:02 - 2013-08-16 14:32 - 00000000 ____D C:\Users\Simon\Documents\Stronghold 2
2013-08-16 12:01 - 2013-08-16 12:01 - 00098304 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt.dll
2013-08-16 12:01 - 2013-08-16 12:01 - 00002158 _____ C:\Users\Public\Desktop\Stronghold 2 spielen.lnk
2013-08-16 11:53 - 2013-08-16 11:53 - 00000000 ____D C:\Program Files (x86)\Firefly Studios
2013-08-16 11:41 - 2013-08-16 11:41 - 00893000 _____ (PrivitizeVPN) C:\Users\Simon\Downloads\Stronghold_Crusader_+_Extreme_[Full]_[Rus]_secure.exe
2013-08-15 03:17 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-15 03:17 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-15 03:17 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-15 03:17 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-15 03:17 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-15 03:17 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-15 03:17 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-15 03:17 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-15 03:17 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-15 03:17 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-15 03:17 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-15 03:17 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-15 03:17 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-15 03:17 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-15 03:17 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-15 03:17 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-15 03:17 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-15 03:17 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-15 03:17 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-15 03:17 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-15 03:17 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-15 03:17 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-15 03:17 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-15 03:17 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-15 03:17 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-15 03:17 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-15 03:17 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-15 03:17 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-15 03:17 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-15 03:17 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-15 03:17 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-15 03:02 - 2013-08-15 03:05 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 20:49 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 20:49 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-14 20:49 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 20:49 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 20:49 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-14 20:49 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 20:49 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 20:49 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 20:49 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 20:49 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-14 20:49 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-14 20:49 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-14 20:49 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-14 20:49 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-14 20:49 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-14 20:49 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-14 20:49 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-14 20:49 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-14 20:49 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-14 20:49 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-14 20:49 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-14 20:48 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-14 20:48 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-14 20:48 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 20:48 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-14 20:48 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 20:48 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-14 02:48 - 2013-08-14 02:48 - 00003088 _____ C:\Windows\System32\Tasks\{D90E508C-A0B6-4CA1-A662-279347FE177B}
2013-08-13 16:43 - 2013-08-13 17:31 - 00000000 ____D C:\Users\Simon\Documents\Erinnerungen
2013-08-13 03:01 - 2013-08-13 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{4D7B9514-74C6-4EC9-8303-A7900830BD6D}
2013-08-12 03:01 - 2013-08-12 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{AA824801-D690-4400-90E5-19D01FEB4AAE}
2013-08-11 03:01 - 2013-08-11 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{CAD80B25-5887-4B73-B574-A95FD7E17A1D}
2013-08-10 03:00 - 2013-08-10 03:00 - 00003088 _____ C:\Windows\System32\Tasks\{03C8523B-7B1D-4E85-BD49-B8CB3F299259}
2013-08-09 03:01 - 2013-08-09 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{D1193F02-41DB-438E-A5EE-B662E9957D19}
2013-08-08 21:54 - 2013-08-08 21:54 - 00000000 ____D C:\Users\Bettina\Documents\Symantec
2013-08-08 21:45 - 2013-08-08 21:45 - 00000000 ____D C:\Windows\System32\Tasks\Norton 360
2013-08-08 21:41 - 2013-08-08 21:41 - 00003238 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2013-08-08 21:41 - 2013-08-08 21:41 - 00002499 _____ C:\Users\Public\Desktop\Norton 360.lnk
2013-08-08 03:01 - 2013-08-08 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{E9D5F6B5-31E5-4786-B268-5CA5AB24AB60}
2013-08-07 03:02 - 2013-08-07 03:02 - 00003088 _____ C:\Windows\System32\Tasks\{5A472158-1E26-480E-94A1-6AFF158BE0BD}
2013-08-06 03:02 - 2013-08-06 03:02 - 00003088 _____ C:\Windows\System32\Tasks\{8A1A15BC-3657-4E8E-A947-C38195D6A697}
2013-08-05 03:02 - 2013-08-05 03:02 - 00003088 _____ C:\Windows\System32\Tasks\{33A066C9-0FA2-42D0-AF5E-901A7A87DB72}
2013-08-04 03:02 - 2013-08-04 03:02 - 00003088 _____ C:\Windows\System32\Tasks\{6CD64D40-D526-4957-B6F6-4BD8101DADCA}
2013-08-04 00:17 - 2013-08-08 20:41 - 00000000 ____D C:\Users\TEMP.Familien-PC.002
==================== One Month Modified Files and Folders =======
2013-09-03 17:07 - 2013-09-03 17:07 - 00001381 _____ C:\Users\Simon\Desktop\Fixlist.txt
2013-09-03 17:01 - 2012-04-22 13:57 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-03 16:41 - 2013-06-19 22:36 - 00000000 ____D C:\Program Files (x86)\Steam
2013-09-03 16:40 - 2013-06-19 21:28 - 00000000 ____D C:\Users\Simon\AppData\Local\LogMeIn Hamachi
2013-09-03 16:40 - 2012-04-22 13:57 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-03 16:40 - 2012-01-28 18:16 - 00000000 ___RD C:\Users\Simon\Dropbox
2013-09-03 16:40 - 2012-01-28 18:15 - 00000000 ____D C:\Users\Simon\AppData\Roaming\Dropbox
2013-09-03 16:37 - 2012-04-22 13:57 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-03 16:07 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-03 16:07 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-03 16:04 - 2012-01-21 15:50 - 01966001 _____ C:\Windows\WindowsUpdate.log
2013-09-03 16:00 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-03 15:59 - 2013-09-03 15:59 - 00527496 _____ C:\Windows\Minidump\090313-59467-01.dmp
2013-09-03 15:59 - 2013-09-03 15:59 - 00000334 _____ C:\Windows\PFRO.log
2013-09-03 15:59 - 2013-09-03 15:59 - 00000056 _____ C:\Windows\setupact.log
2013-09-03 15:59 - 2013-09-03 15:59 - 00000000 ____D C:\Windows\Minidump
2013-09-03 15:59 - 2013-09-03 15:59 - 00000000 _____ C:\Windows\setuperr.log
2013-09-03 15:47 - 2013-09-03 15:44 - 00000000 ____D C:\AdwCleaner
2013-09-03 15:44 - 2013-09-03 15:44 - 01037134 _____ C:\Users\Simon\Downloads\adwcleaner.exe
2013-09-03 15:37 - 2013-02-04 15:37 - 00000000 ____D C:\ProgramData\Avira
2013-09-03 15:13 - 2013-09-03 15:13 - 00024411 _____ C:\Users\Simon\Desktop\defogger_disable.lnk
2013-09-03 15:09 - 2013-09-03 15:09 - 00076463 _____ C:\Users\Simon\Desktop\Gmer.txt
2013-09-03 14:40 - 2013-09-03 14:40 - 00377856 _____ C:\Users\Simon\Downloads\gmer_2.1.19163.exe
2013-09-03 12:29 - 2013-09-03 12:28 - 00050641 _____ C:\Users\Simon\Desktop\FRST.txt
2013-09-03 12:28 - 2013-09-03 12:28 - 00129271 _____ C:\Users\Simon\Desktop\Addition.txt
2013-09-03 12:26 - 2013-09-03 12:26 - 00000000 ____D C:\FRST
2013-09-03 12:26 - 2013-09-03 12:25 - 01950474 _____ (Farbar) C:\Users\Simon\Downloads\FRST64.exe
2013-09-03 12:24 - 2013-09-03 12:24 - 01084685 _____ (Farbar) C:\Users\Simon\Downloads\FRST.exe
2013-09-03 12:23 - 2013-09-03 12:12 - 00000524 _____ C:\Users\Simon\Downloads\defogger_disable.log
2013-09-03 12:13 - 2012-01-31 21:39 - 00000000 ____D C:\Users\Bettina\Documents\Outlook-Dateien
2013-09-03 12:12 - 2013-09-03 12:12 - 00000020 _____ C:\Users\Simon\defogger_reenable
2013-09-03 12:12 - 2012-01-21 15:55 - 00000000 ____D C:\Users\Simon
2013-09-03 12:11 - 2013-09-03 12:11 - 00050477 _____ C:\Users\Simon\Downloads\Defogger.exe
2013-09-03 11:14 - 2013-06-19 22:44 - 00000000 ____D C:\ProgramData\Desura
2013-09-03 11:05 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-09-03 07:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-09-03 07:27 - 2012-06-22 22:00 - 00000000 ____D C:\Users\Bettina\AppData\Roaming\Skype
2013-09-03 03:01 - 2013-09-03 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{FFFFF9EE-B7A6-4A1B-B3EE-5193FDC55763}
2013-09-03 03:01 - 2012-03-05 19:30 - 00000000 ____D C:\ProgramData\Skype
2013-09-02 19:04 - 2013-06-27 19:08 - 00000000 ____D C:\Users\Bettina\AppData\Local\LogMeIn Hamachi
2013-09-02 19:01 - 2012-05-11 11:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-02 18:56 - 2012-03-05 19:30 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Skype
2013-09-02 16:13 - 2013-07-01 00:29 - 00000000 ____D C:\Users\Lukas\AppData\Local\LogMeIn Hamachi
2013-09-02 16:12 - 2012-01-21 15:56 - 00000000 ____D C:\Users\Simon\AppData\Local\VirtualStore
2013-09-02 16:06 - 2012-05-23 21:33 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Spotify
2013-09-02 03:01 - 2013-09-02 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{5F84A793-D88B-4C8F-885D-EDB5A235633E}
2013-09-01 16:26 - 2012-01-21 16:26 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-09-01 03:01 - 2013-09-01 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{7A792347-1143-4BD3-9681-C9A9CE50A7DF}
2013-08-31 03:01 - 2013-08-31 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{421DD7FF-034C-4C2B-B3CE-F2C4C0B6A75A}
2013-08-30 14:46 - 2013-08-30 14:44 - 00001031 _____ C:\Users\Public\Desktop\MozBackup.lnk
2013-08-30 14:45 - 2013-08-30 14:45 - 00003150 _____ C:\Windows\System32\Tasks\{D19F593B-D7EA-49EC-8895-03ABF4C105A7}
2013-08-30 14:44 - 2013-08-30 14:44 - 00000000 ____D C:\Program Files (x86)\MozBackup
2013-08-30 14:43 - 2013-08-30 14:43 - 01035926 _____ C:\Users\Simon\Downloads\MozBackup-1.5.1-EN.exe
2013-08-30 11:33 - 2011-03-11 11:20 - 00654602 _____ C:\Windows\system32\perfh007.dat
2013-08-30 11:33 - 2011-03-11 11:20 - 00130216 _____ C:\Windows\system32\perfc007.dat
2013-08-30 11:33 - 2009-07-14 07:13 - 01500294 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-30 03:01 - 2013-08-30 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{43B6587A-E6D9-4087-B8B5-F9787DB4D7A3}
2013-08-29 03:01 - 2013-08-29 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{8A20852E-1EBD-4EA2-B1AE-A33E2801A05E}
2013-08-28 03:02 - 2013-08-28 03:02 - 00003088 _____ C:\Windows\System32\Tasks\{0F843024-D16E-4EA5-AA93-B543105B8192}
2013-08-28 03:02 - 2012-01-22 13:03 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-27 17:09 - 2013-08-27 16:50 - 00000000 ____D C:\Users\Simon\Desktop\Schoren Rockt _ Export
2013-08-27 08:42 - 2012-03-12 16:21 - 00000000 ___RD C:\Users\Lukas\Dropbox
2013-08-27 08:42 - 2012-03-12 16:19 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Dropbox
2013-08-27 03:01 - 2013-08-27 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{ECA4DBF8-E442-45F0-B0D9-8643BBDE9405}
2013-08-26 03:01 - 2013-08-26 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{C1AD0292-2523-4631-884F-8AAB684AF4FE}
2013-08-25 03:01 - 2013-08-25 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{A3534C9D-A957-4200-B4D6-C5F99B763D1A}
2013-08-24 03:01 - 2013-08-24 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{D412DD72-A04E-4F0A-B0AD-6A10E8FE6DAC}
2013-08-23 21:48 - 2012-05-27 18:30 - 00000000 ____D C:\Users\Simon\AppData\Roaming\Skype
2013-08-23 21:48 - 2012-01-31 19:48 - 00000000 ____D C:\Users\Simon\AppData\Roaming\DAEMON Tools Lite
2013-08-23 21:48 - 2012-01-26 17:01 - 00000000 ____D C:\Users\Simon\AppData\Local\CrashDumps
2013-08-23 21:48 - 2011-03-14 16:03 - 00000000 ____D C:\Windows\Panther
2013-08-23 21:46 - 2013-08-23 21:46 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-08-23 21:46 - 2013-08-23 21:46 - 00000826 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-08-23 21:46 - 2013-08-23 21:46 - 00000000 ____D C:\Program Files\CCleaner
2013-08-23 21:44 - 2013-08-23 21:44 - 04429440 _____ (Piriform Ltd) C:\Users\Simon\Downloads\ccsetup404.exe
2013-08-23 16:46 - 2013-08-18 20:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-23 03:01 - 2013-08-23 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{1F447426-9FB0-43CA-82EB-AF5AF10C0FF4}
2013-08-22 03:01 - 2013-08-22 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{EE4EBC68-1CF9-4FEA-BF93-FA247AFA37E4}
2013-08-21 09:01 - 2012-04-22 13:57 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-21 09:01 - 2012-04-22 13:57 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-21 09:01 - 2011-08-22 19:09 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-21 03:01 - 2013-08-21 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{DFB004DD-9CF3-4ACE-A645-D3C2853B9331}
2013-08-20 03:01 - 2013-08-20 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{65BDBA74-A190-4D7C-8A3F-B3C22A2BD9E7}
2013-08-19 05:38 - 2013-08-19 05:38 - 04653528 _____ (Systweak Inc ) C:\Users\Bettina\Downloads\rcpsetupmarm1_marm10at.exe
2013-08-19 03:01 - 2013-08-19 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{BBA4889A-1EA9-4CC2-8887-38E0546EC706}
2013-08-18 07:00 - 2013-08-18 07:00 - 04653592 _____ (Systweak Inc ) C:\Users\Bettina\Downloads\rcpsetupdsnr_ds203911984.exe
2013-08-18 03:01 - 2013-08-18 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{AB624956-ED4A-4731-8E72-172FDEE3AEA0}
2013-08-17 12:21 - 2011-08-22 18:03 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-08-17 12:18 - 2013-08-17 12:00 - 00303616 _____ C:\Windows\system32\Drivers\atksgt.sys
2013-08-17 12:18 - 2013-08-17 12:00 - 00035328 _____ C:\Windows\system32\Drivers\lirsgt.sys
2013-08-16 14:32 - 2013-08-16 12:02 - 00000000 ____D C:\Users\Simon\Documents\Stronghold 2
2013-08-16 12:01 - 2013-08-16 12:01 - 00098304 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt.dll
2013-08-16 12:01 - 2013-08-16 12:01 - 00002158 _____ C:\Users\Public\Desktop\Stronghold 2 spielen.lnk
2013-08-16 12:01 - 2012-02-08 11:09 - 00000000 ____D C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-08-16 11:53 - 2013-08-16 11:53 - 00000000 ____D C:\Program Files (x86)\Firefly Studios
2013-08-16 11:41 - 2013-08-16 11:41 - 00893000 _____ (PrivitizeVPN) C:\Users\Simon\Downloads\Stronghold_Crusader_+_Extreme_[Full]_[Rus]_secure.exe
2013-08-15 04:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-15 03:05 - 2013-08-15 03:02 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 03:02 - 2011-03-14 16:08 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-14 02:48 - 2013-08-14 02:48 - 00003088 _____ C:\Windows\System32\Tasks\{D90E508C-A0B6-4CA1-A662-279347FE177B}
2013-08-13 23:43 - 2012-02-16 18:47 - 00000000 ____D C:\Users\Lukas
2013-08-13 21:23 - 2012-07-02 14:39 - 00000000 ____D C:\Users\Simon\AppData\Roaming\Spotify
2013-08-13 17:31 - 2013-08-13 16:43 - 00000000 ____D C:\Users\Simon\Documents\Erinnerungen
2013-08-13 17:08 - 2012-07-02 14:40 - 00000000 ____D C:\Users\Simon\AppData\Local\Spotify
2013-08-13 03:01 - 2013-08-13 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{4D7B9514-74C6-4EC9-8303-A7900830BD6D}
2013-08-12 03:01 - 2013-08-12 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{AA824801-D690-4400-90E5-19D01FEB4AAE}
2013-08-11 03:01 - 2013-08-11 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{CAD80B25-5887-4B73-B574-A95FD7E17A1D}
2013-08-10 03:00 - 2013-08-10 03:00 - 00003088 _____ C:\Windows\System32\Tasks\{03C8523B-7B1D-4E85-BD49-B8CB3F299259}
2013-08-09 03:01 - 2013-08-09 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{D1193F02-41DB-438E-A5EE-B662E9957D19}
2013-08-08 21:54 - 2013-08-08 21:54 - 00000000 ____D C:\Users\Bettina\Documents\Symantec
2013-08-08 21:45 - 2013-08-08 21:45 - 00000000 ____D C:\Windows\System32\Tasks\Norton 360
2013-08-08 21:44 - 2012-01-21 16:10 - 00000000 ____D C:\ProgramData\Norton
2013-08-08 21:42 - 2012-01-21 16:12 - 00000000 ____D C:\Windows\system32\Drivers\N360x64
2013-08-08 21:41 - 2013-08-08 21:41 - 00003238 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2013-08-08 21:41 - 2013-08-08 21:41 - 00002499 _____ C:\Users\Public\Desktop\Norton 360.lnk
2013-08-08 21:38 - 2012-01-21 16:12 - 00177312 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2013-08-08 21:38 - 2012-01-21 16:12 - 00007631 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2013-08-08 20:41 - 2013-08-04 00:17 - 00000000 ____D C:\Users\TEMP.Familien-PC.002
2013-08-08 03:01 - 2013-08-08 03:01 - 00003088 _____ C:\Windows\System32\Tasks\{E9D5F6B5-31E5-4786-B268-5CA5AB24AB60}
2013-08-07 03:02 - 2013-08-07 03:02 - 00003088 _____ C:\Windows\System32\Tasks\{5A472158-1E26-480E-94A1-6AFF158BE0BD}
2013-08-06 03:02 - 2013-08-06 03:02 - 00003088 _____ C:\Windows\System32\Tasks\{8A1A15BC-3657-4E8E-A947-C38195D6A697}
2013-08-05 03:02 - 2013-08-05 03:02 - 00003088 _____ C:\Windows\System32\Tasks\{33A066C9-0FA2-42D0-AF5E-901A7A87DB72}
2013-08-04 03:02 - 2013-08-04 03:02 - 00003088 _____ C:\Windows\System32\Tasks\{6CD64D40-D526-4957-B6F6-4BD8101DADCA}
Files to move or delete:
====================
C:\Users\Simon\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-09-01 00:02
==================== End Of Log ============================
|
|
03.09.2013, 16:28
| #14 |
| /// TB-Ausbilder | Bei Browsernutzung lande ich ständig auf Werbeseiten und auf http://s.mgkaxjfwfc.com/s73bc5wskpmgwwcowokg0w0os4 Und wie ist die Situation nach diesem Fix? Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter FF Extension: No Name - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tmlbzpmo.default\Extensions\75ffaaa6-513e-452f-b3ef-a355babbf0bd@69687691-91ac-4021-9ac9-b8f93a6c6a10.com
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ cheers, Leo |
|
03.09.2013, 16:35
| #15 |
| | Bei Browsernutzung lande ich ständig auf Werbeseiten und auf http://s.mgkaxjfwfc.com/s73bc5wskpmgwwcowokg0w0os4 Grad aufm Weg wieder auf dieses Forum wurde eine neue Site geöffnet, danach hab ich das von dir gelesen, dass ich den Fix nochmachen soll,.. hab ich erledigt und wies scheint, hat es aufghört die hexerei O.o ICH BIN UNGLAUBLICH DANKBAR.... Bin mir grad noch nicht sicher obs wirklich geklappt hat... werde mich in 2-3 Stunden wieder melden!!!! Lass dich erstmal und  und  !!WOW LG Drumkid Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-09-2013 01 Ran by Simon at 2013-09-03 17:32:32 Run:2 Running from C:\Users\Simon\Downloads Boot Mode: Normal ============================================== Content of fixlist: ***************** FF Extension: No Name - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tmlbzpmo.default\Extensions\75ffaaa6-513e-452f-b3ef-a355babbf0bd@69687691-91ac-4021-9ac9-b8f93a6c6a10.com ***************** C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\tmlbzpmo.default\Extensions\75ffaaa6-513e-452f-b3ef-a355babbf0bd@69687691-91ac-4021-9ac9-b8f93a6c6a10.com => Moved successfully. ==== End of Fixlog ==== |
|
| Themen zu Bei Browsernutzung lande ich ständig auf Werbeseiten und auf http://s.mgkaxjfwfc.com/s73bc5wskpmgwwcowokg0w0os4 |
| antivir, blockiert, browser, ccleaner, dienst, erkannt, explorer, fehlermeldungen, firefox, firewall, folge, klicke, link, neue, neue seite, norton, norton360, plötzlich, port, problem, prozess, remote-adresse, system, verlauf, virus, webseiten, werbeseiten, werbung, wurm? beseitigen, öffnen |
Linear-Darstellung
