| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: mysearch virus auf meinem PCWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
15.09.2013, 17:06
| #1 |
| |  mysearch virus auf meinem PC hallo, hatte mir ende August Daten aus dem Internet geladen und dann mysearch in meinem Windows Explorer. habe dann unter "Programme deinstallieren" alle Programme die ich an diesem tag installiert hatte deinstalliert. mysearch war von meinem Windows Explorer weg. habe dann noch die anti-Virus Programme AVG 2013, avast!, spypot una avira drüberlaufen lassen und alles was die als Gefahr oder ähnliches behandelt haben entfernt. anschließend lies ich noch den CCleaner drüberlaufen und nochmal alle anti-viren Programme. dachte ich habe das Problem gelöst. nun ist es aber so dass mein ultrabook seit damals langsamer ist als vorher, alle antiviren Programme finden aber nichts und heute ließ er mich auf eine von mir erstellte Datei nicht mehr zugreifen, da ich angeblich nicht die rechte dazu habe, was natürlich vollkommener schmarrn ist. kann mir bitte jmd helfen um diesen Trojaner oder was auch immer von meinem pc zu bringen? bin zwar pc mäßig nicht total grün hinter den ohren, aber wie man einen logfile erstellt weiß ich nicht. also bitte alle Erklärungen ganz genau. Aja, hab Windows 8. glg |
|
15.09.2013, 17:39
| #2 |
| /// the machine /// TB-Ausbilder    | mysearch virus auf meinem PC hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
15.09.2013, 20:43
| #3 |
| | mysearch virus auf meinem PC Addition:FRST Additions Logfile:
__________________[CODE]Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-09-2013 05 Ran by Asus at 2013-09-15 21:15:26 Running from C:\Users\Asus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A2RNUW2M Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= µTorrent (x32 Version: 3.3.0.29126) Adobe Flash Player 11 Plugin (x32 Version: 11.6.602.180) Adobe Reader XI (11.0.04) - Deutsch (x32 Version: 11.0.04) Adobe Reader XI (11.0.04) (x32 Version: 11.0.04) ASUS Instant Connect (x32 Version: 1.2.8) ASUS InstantOn (x32 Version: 3.0.2) ASUS LifeFrame3 (x32 Version: 3.1.5) ASUS Live Update (x32 Version: 3.1.8) ASUS Power4Gear Hybrid (Version: 2.0.4) ASUS Smart Gesture (x32 Version: 1.0.35) ASUS Splendid Video Enhancement Technology (x32 Version: 1.03.0004) ASUS Tutor (x32 Version: 1.0.7) ASUS USB Charger Plus (x32 Version: 2.1.4) ASUS WebStorage Sync Agent (x32 Version: 1.1.9.120) AsusVibe2.0 (x32 Version: 2.0.10.168) ATK Package (x32 Version: 1.0.0022) avast! Free Antivirus (x32 Version: 8.0.1489.0) AVG 2013 (Version: 13.0.3222) AVG 2013 (Version: 13.0.3408) AVG 2013 (Version: 2013.0.3408) Avira Free Antivirus (x32 Version: 13.0.0.4052) BIPA FotoShop (x32 Version: 5.0.4) BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41) CCleaner (Version: 4.00) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32) DivX-Setup (x32 Version: 2.6.1.24) Dropbox (HKCU Version: 2.0.22) ExpressCache (Version: 1.0.86) Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287) Google Chrome (x32 Version: 29.0.1547.66) Google Earth Plug-in (x32 Version: 7.1.1.1888) Google Update Helper (x32 Version: 1.3.21.153) Intel(R) Manageability Engine Firmware Recovery Agent (x32 Version: 1.0.0.36354) Intel(R) Management Engine Components (x32 Version: 8.1.0.1252) Intel(R) Processor Graphics (x32 Version: 9.17.10.2828) Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 15.5.0.0344) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (Version: 2.5.0.0248) Intel(R) Rapid Start Technology (x32 Version: 2.1.0.1002) Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149) Intel(R) WiDi (Version: 3.5.34.0) Intel® Trusted Connect Service Client (Version: 1.24.388.1) Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (x32 Version: 12.0.4518.1014) Microsoft Office 2010 Service Pack 1 (SP1) (x32) Microsoft Office 365 Home Premium - de-de (Version: 15.0.4535.1004) Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003) Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1) Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000) Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Mobile Connect (x32 Version: 1.00.0000) Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1) Mozilla Maintenance Service (x32 Version: 23.0.1) MSVCRT Redists (x32 Version: 1.0) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4535.1004) Office 15 Click-to-Run Licensing Component (Version: 15.0.4535.1004) Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4535.1004) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6710) Realtek USB 2.0 Card Reader (x32 Version: 6.1.8400.39030) Shared C Run-time for x64 (Version: 10.0.0) Skype™ 6.5 (x32 Version: 6.5.158) Spybot - Search & Destroy (x32 Version: 2.1.21) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32) Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553065) (x32) Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2566458) (x32) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2589370) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32) Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32) Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32) Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32) Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32) Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32) Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32) Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0) Vegas Pro 11.0 (x32 Version: 11.0.700) Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1) Windows-Treiberpaket - ASUS (ATP) Mouse (10/29/2012 1.0.0.148) (Version: 10/29/2012 1.0.0.148) WinFlash (x32 Version: 2.41.1) WinRAR 4.20 (32-bit) (x32 Version: 4.20.0) WinZip 17.5 (Version: 17.5.10480) XBMC (HKCU) ==================== Restore Points ========================= 12-09-2013 11:38:13 Windows Update ==================== Hosts content: ========================== 2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {010839B0-0F5B-4EC9-A887-0693AA7A6464} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-17] (Google Inc.) Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation) Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler Task: {18B8B7DD-4991-42D3-B992-20EE34E538D6} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2819434515-746917838-1461336185-1001UA => C:\Users\Asus\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-19] (Facebook Inc.) Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\System32\sysmain.dll [2013-05-04] (Microsoft Corporation) Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy Task: {238B094E-C214-4BD8-A0CF-0A8E7234FE12} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-26] (Adobe Systems Incorporated) Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\WSClient.dll [2013-08-16] (Microsoft Corporation) Task: {25474F21-071E-4D01-B426-FDF4240FAEA1} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-07-25] (ASUSTeK Computer Inc.) Task: {2848EDE4-F68D-43FC-8D69-FD7684563095} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation) Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update Task: {34DAA506-CA01-48F4-B17B-615B92A11D11} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation) Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator Task: {3812676F-4428-4602-BBF0-6852CF59A084} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2013-09-13] (Microsoft Corporation) Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance Task: {4159CAE3-8EA8-4EC2-B221-A8B1F7D4EC8B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd) Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation) Task: {4B63E59B-6FAC-494D-BF00-A747AA75B4AE} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-08-06] (ASUS) Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon Task: {4C08636C-83A9-42A0-955F-B1CA52D54582} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2819434515-746917838-1461336185-1001 Task: {5703ED0D-D300-48A3-9C75-BAEB68A1944C} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS) Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required Task: {5F4CC73C-7432-4051-8C04-8815B784953F} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2012-10-31] (AsusTek) Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation) Task: {66902066-ACDC-4B27-A184-481F54F9568E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2819434515-746917838-1461336185-1001Core => C:\Users\Asus\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-19] (Facebook Inc.) Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation) Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode) Task: {8E8E2F25-94EE-4179-8EB3-E088E39FA633} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-07-22] (Microsoft Corporation) Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Task: {9763EC31-54F5-4B7F-8439-59BA4F46D2D4} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software) Task: {976B4FFC-094E-4477-99B8-AEAB1F678D2B} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic Task: {A6CCD088-3329-4505-A9E6-56578B7FD050} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe [2012-08-15] (Microsoft Corporation) Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\WSClient.dll [2013-08-16] (Microsoft Corporation) Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask Task: {AF4CE796-FC00-43B5-A70A-4138F0FFD4C0} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan Task: {B68BD780-1925-4E9A-86A6-932D34AFB33A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific Task: {BCE70C38-7047-455B-9D76-76B3EE69F067} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall Task: {BE587A87-97B9-48D2-90CA-C2F76BB1A3D5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe Task: {BFC2C252-C919-44ED-A8DF-2A200638ABF6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-17] (Google Inc.) Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender Task: {C5FA69D3-905F-44A7-B3C6-B42C947ADFD2} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2012-09-20] (Microsoft Corporation) Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\System32\Windows.Storage.ApplicationData.dll [2012-07-26] (Microsoft Corporation) Task: {C999D97D-93A5-4EA0-B789-42E7B7DC4DEB} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation) Task: {CAAE129E-8C34-470D-AACA-99D96CB67DA6} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => Sc.exe start wuauserv Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork Task: {D272BE46-AAD6-4C13-A055-0AFCAA09FFAC} - System32\Tasks\dsmonitor => C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery Task: {E4C9D87A-DBE2-4B99-8351-ED98D1369112} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation) Task: {EAD237E7-D276-4257-9F16-51DF41548733} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\System32\Startupscan.dll [2012-07-26] (Microsoft Corporation) Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM Task: {F9B01696-9B45-4068-A7A5-9CB91DBD97F6} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-07-24] (ASUSTek Computer Inc.) Task: {FAD7C695-A3EF-4A7D-AA0A-ABCC5FDD8265} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Task: {FD75C304-B857-4AA5-85C1-258E3D09E9EE} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\dsmonitor.job => C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2819434515-746917838-1461336185-1001Core.job => C:\Users\Asus\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2819434515-746917838-1461336185-1001UA.job => C:\Users\Asus\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe ==================== Loaded Modules (whitelisted) ============= 2013-04-14 11:22 - 2013-03-02 04:45 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\taskhostex.exe 2013-08-05 11:04 - 2013-06-01 13:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\Explorer.EXE 2013-04-24 19:59 - 2013-04-24 19:59 - 00164016 _____ (Dropbox, Inc.) C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll 2011-03-17 00:07 - 2011-03-17 00:07 - 04297568 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2009-03-02 04:07 - 2009-03-02 04:07 - 00200704 _____ ( ) C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\LogicNP.EZShellExtensions.dll 2012-08-24 18:26 - 2012-08-24 18:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll 2012-08-30 09:34 - 2012-08-16 08:40 - 00170304 _____ (Intel Corporation) C:\Windows\System32\igfxtray.exe 2012-08-30 09:33 - 2012-08-15 19:53 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrDEU.lrc 2012-08-30 09:33 - 2012-08-16 08:39 - 00398656 _____ (Intel Corporation) C:\Windows\System32\hkcmd.exe 2012-09-24 23:35 - 2012-08-20 12:28 - 13192848 _____ (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 2012-07-26 03:26 - 2012-07-26 05:08 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\rundll32.exe 2012-09-24 23:39 - 2012-08-08 16:12 - 11554688 _____ (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll 2012-09-24 23:39 - 2012-08-09 18:45 - 02798464 _____ (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\Resources\deu.dll 2012-09-29 02:04 - 2013-05-13 00:17 - 00802136 _____ (BitTorrent Inc.) C:\Users\Asus\AppData\Roaming\uTorrent\uTorrent.exe 2013-06-03 16:27 - 2013-06-03 16:27 - 19603048 ____R (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe 2012-09-24 23:47 - 2012-08-24 18:17 - 00192000 _____ (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe 2012-04-16 15:45 - 2012-04-16 15:45 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe 2013-05-25 02:47 - 2013-05-25 02:47 - 27776968 _____ (Dropbox, Inc.) C:\Users\Asus\AppData\Roaming\Dropbox\bin\Dropbox.exe 2013-02-13 04:37 - 2013-02-13 04:37 - 01263952 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe 2013-01-17 16:08 - 2013-01-17 16:08 - 00267792 _____ (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe 2013-09-13 15:03 - 2013-09-05 22:09 - 00517592 _____ (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe 2013-09-13 15:03 - 2013-09-05 22:09 - 00537560 _____ (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.dll 2013-05-18 08:58 - 2013-04-09 06:52 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe 2013-05-18 08:57 - 2013-04-09 06:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe 2013-09-15 21:12 - 2013-09-15 21:13 - 01951146 _____ (Farbar) C:\Users\Asus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A2RNUW2M\FRST64.exe 2011-08-15 21:12 - 2011-08-15 21:12 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll 2011-08-17 17:48 - 2011-08-17 17:48 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll 2011-08-15 21:15 - 2011-08-15 21:15 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll 2011-08-17 17:48 - 2011-08-17 17:48 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll 2012-04-16 12:37 - 2012-04-16 12:37 - 00071680 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ServiceManagerStarter.dll 2011-08-15 20:23 - 2011-08-15 20:23 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll 2011-08-15 21:12 - 2011-08-15 21:12 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll 2012-04-16 12:42 - 2012-04-16 12:42 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll 2011-08-17 17:41 - 2011-08-17 17:41 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll 2012-04-16 12:41 - 2012-04-16 12:41 - 00484864 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll 2012-04-16 12:56 - 2012-04-16 12:56 - 00500032 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll 2012-04-16 12:38 - 2012-04-16 12:38 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll 2012-08-24 18:17 - 2012-08-24 18:17 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll 2012-08-24 18:17 - 2012-08-24 18:17 - 01595392 _____ (TODO: <Company name>) C:\Program Files (x86)\ASUS\Splendid\Alb_ASUSLib.dll 2013-06-03 16:21 - 2013-06-03 16:21 - 00088680 ____R (Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.dll 2011-07-19 17:05 - 2011-07-19 17:05 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll 2011-08-15 21:17 - 2011-08-15 21:17 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll 2011-07-19 17:04 - 2011-07-19 17:04 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll 2012-11-14 01:32 - 2012-11-14 01:32 - 03558400 _____ (wxWidgets development team) C:\Users\Asus\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll 2013-03-13 22:48 - 2013-03-13 22:48 - 24978944 _____ () C:\Users\Asus\AppData\Roaming\Dropbox\bin\libcef.dll 2013-03-13 22:48 - 2013-03-13 22:48 - 09956864 _____ (The ICU Project) C:\Users\Asus\AppData\Roaming\Dropbox\bin\icudt.dll 2013-02-13 04:38 - 2013-02-13 04:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll 2013-01-18 17:10 - 2013-01-18 17:10 - 00270336 _____ (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgrPs.dll 2013-08-31 07:52 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2013-08-31 07:52 - 2013-05-16 10:55 - 03643800 _____ (Project JEDI) C:\Program Files (x86)\Spybot - Search & Destroy 2\Jcl150.bpl 2013-08-31 07:52 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2013-09-13 15:03 - 2013-09-05 22:09 - 14395864 _____ (Adobe Systems, Inc.) C:\Windows\SYSTEM32\Macromed\Flash\Flash.ocx ==================== Alternate Data Streams (whitelisted) ========== ==================== Faulty Device Manager Devices ============= Name: USB-IF xHCI USB Host Controller Description: USB-IF xHCI USB Host Controller Class Guid: {8a2edc79-c759-46f2-88af-9d4efe3b5eee} Manufacturer: Intel Corporation Service: XHCIPort Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver ==================== Event log errors: ========================= Application errors: ================== Error: (09/15/2013 05:47:11 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: mmc.exe, Version: 6.2.9200.16496, Zeitstempel: 0x50ece2e8 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16451, Zeitstempel: 0x50988aa6 Ausnahmecode: 0xe0434352 Fehleroffset: 0x000000000003811c ID des fehlerhaften Prozesses: 0x3644 Startzeit der fehlerhaften Anwendung: 0xmmc.exe0 Pfad der fehlerhaften Anwendung: mmc.exe1 Pfad des fehlerhaften Moduls: mmc.exe2 Berichtskennung: mmc.exe3 Vollständiger Name des fehlerhaften Pakets: mmc.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: mmc.exe5 Error: (09/15/2013 05:47:07 PM) (Source: .NET Runtime) (User: ) Description: Anwendung: mmc.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. Ausnahmeinformationen: System.Reflection.TargetInvocationException Stapel: bei Microsoft.ManagementConsole.Executive.MmcThreadMessageWindow.OnThreadException(System.Exception) bei System.Windows.Forms.NativeWindow.Callback(IntPtr, Int32, IntPtr, IntPtr) bei Microsoft.ManagementConsole.Interop.NativeMethods.SendNotifyMessage(System.Runtime.InteropServices.HandleRef, UInt32, IntPtr, IntPtr) bei Microsoft.ManagementConsole.Interop.NativeMethods.SendNotifyMessage(System.Runtime.InteropServices.HandleRef, UInt32, IntPtr, IntPtr) bei Microsoft.ManagementConsole.Interop.NativeMethods.SendNotifyMessage(System.Windows.Forms.IWin32Window, UInt32, IntPtr, IntPtr) bei Microsoft.ManagementConsole.Executive.MmcMessageProcessor.OnDataReadySync(System.Object, System.EventArgs) bei Microsoft.ManagementConsole.Executive.Operation.SwitchToThread(Microsoft.ManagementConsole.Executive.MessageProcessor, Microsoft.ManagementConsole.Executive.SimpleOperationCallback) bei Microsoft.ManagementConsole.Executive.RunningOperationsTable.EnqueueOperation(Microsoft.ManagementConsole.Executive.Operation) bei System.EventHandler.Invoke(System.Object, System.EventArgs) bei Microsoft.ManagementConsole.Executive.SnapInApplication.SignalTerminated(System.Exception, Boolean) bei Microsoft.ManagementConsole.Executive.EndSnapInDialog.OnEndNow() bei Microsoft.ManagementConsole.Executive.EndSnapInDialog.OnCommand(Int32, Int32, IntPtr) bei Microsoft.ManagementConsole.Executive.NativeDialog.DialogProc(IntPtr, UInt32, IntPtr, IntPtr) bei System.Windows.Forms.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr) bei System.Windows.Forms.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr) bei System.Windows.Forms.NativeWindow.DefWndProc(System.Windows.Forms.Message ByRef) bei System.Windows.Forms.NativeWindow.Callback(IntPtr, Int32, IntPtr, IntPtr) bei Microsoft.ManagementConsole.Interop.NativeMethods.DialogBoxParam(IntPtr, System.String, IntPtr, Microsoft.ManagementConsole.Interop.DialogProc, IntPtr) bei Microsoft.ManagementConsole.Interop.NativeMethods.DialogBoxParam(IntPtr, System.String, IntPtr, Microsoft.ManagementConsole.Interop.DialogProc, IntPtr) bei Microsoft.ManagementConsole.Executive.NativeDialog.DoModal(System.String, IntPtr, System.Windows.Forms.IWin32Window) bei Microsoft.ManagementConsole.Executive.NativeDialog.DoModal(System.String, System.String, System.Windows.Forms.IWin32Window) bei Microsoft.ManagementConsole.Executive.WaitDialog.OnCancel(System.Object, System.EventArgs) bei Microsoft.ManagementConsole.Executive.WaitDialog+WaitDialogCancelCallback.Microsoft.ManagementConsole.Interop.IWaitDialogCancelCallback.Cancel(IntPtr) bei Microsoft.ManagementConsole.Interop.IWaitDialog.RunModal(IntPtr, UInt32, UInt32, Microsoft.ManagementConsole.Interop.IWaitDialogCancelCallback) bei Microsoft.ManagementConsole.Interop.IWaitDialog.RunModal(IntPtr, UInt32, UInt32, Microsoft.ManagementConsole.Interop.IWaitDialogCancelCallback) bei Microsoft.ManagementConsole.Executive.WaitDialog.InnerShowDialog(System.Windows.Forms.IWin32Window) bei Microsoft.ManagementConsole.Executive.WaitDialog.ShowDialog(System.Windows.Forms.IWin32Window) bei Microsoft.ManagementConsole.Executive.SnapInInitializationOperation.OnStart() bei Microsoft.ManagementConsole.Executive.RunningOperationsTable.EnqueueOperation(Microsoft.ManagementConsole.Executive.Operation) bei Microsoft.ManagementConsole.Advanced.FrameworkSnapInFactory.Microsoft.ManagementConsole.Advanced.ISnapInFactory.CreateSnapIn(Int32, System.String, System.Object ByRef) Error: (09/15/2013 10:35:11 AM) (Source: Office 2013 Licensing Service) (User: ) Description: Subscription licensing service failed: -1073415161 Error: (09/14/2013 11:37:25 AM) (Source: Office 2013 Licensing Service) (User: ) Description: Subscription licensing service failed: -1073415161 Error: (09/13/2013 04:40:25 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: BIPA FotoShop.exe, Version: 0.0.0.0, Zeitstempel: 0x51aedbfa Name des fehlerhaften Moduls: BIPA FotoShop.exe, Version: 0.0.0.0, Zeitstempel: 0x51aedbfa Ausnahmecode: 0xc0000005 Fehleroffset: 0x001aee47 ID des fehlerhaften Prozesses: 0x3b40 Startzeit der fehlerhaften Anwendung: 0xBIPA FotoShop.exe0 Pfad der fehlerhaften Anwendung: BIPA FotoShop.exe1 Pfad des fehlerhaften Moduls: BIPA FotoShop.exe2 Berichtskennung: BIPA FotoShop.exe3 Vollständiger Name des fehlerhaften Pakets: BIPA FotoShop.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: BIPA FotoShop.exe5 Error: (09/13/2013 03:21:14 PM) (Source: MsiInstaller) (User: Asus-Pc) Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011004}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127 Error: (09/13/2013 03:21:13 PM) (Source: MsiInstaller) (User: Asus-Pc) Description: Produkt: Adobe Reader XI - Update "{AC76BA86-7AD7-0000-2550-7A8C40011004}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127 Error: (09/13/2013 03:12:47 PM) (Source: Office 2013 Licensing Service) (User: ) Description: Subscription licensing service failed: -1073415161 Error: (09/12/2013 10:35:11 AM) (Source: Office 2013 Licensing Service) (User: ) Description: Subscription licensing service failed: -1073415161 Error: (09/12/2013 10:04:28 AM) (Source: Customer Experience Improvement Program) (User: ) Description: 80070005 System errors: ============= Error: (09/15/2013 09:07:45 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "avast! Antivirus" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts. Error: (09/15/2013 08:25:44 PM) (Source: BugCheck) (User: ) Description: 0x0000007a (0x0000000000000004, 0x0000000000000000, 0xfffffa801970f220, 0xfffff8801b422000)C:\Windows\MEMORY.DMP091513-47468-01 Error: (09/15/2013 08:24:38 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT) Description: 0xc000014d0 Error: (09/15/2013 08:25:18 PM) (Source: EventLog) (User: ) Description: Das System wurde zuvor am 15.09.2013 um 20:10:54 unerwartet heruntergefahren. Error: (09/13/2013 05:40:02 PM) (Source: EventLog) (User: ) Description: Das System wurde zuvor am 13.09.2013 um 17:02:23 unerwartet heruntergefahren. Error: (09/13/2013 05:39:24 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT) Description: 0xc000014d0 Error: (09/13/2013 03:01:07 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT) Description: 0xc000014d0 Error: (09/13/2013 03:02:23 PM) (Source: EventLog) (User: ) Description: Das System wurde zuvor am 13.09.2013 um 10:04:46 unerwartet heruntergefahren. Error: (09/13/2013 02:59:15 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT) Description: 0xc000014d0 Error: (09/10/2013 06:38:16 PM) (Source: Schannel) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252. Microsoft Office Sessions: ========================= Error: (09/15/2013 05:47:11 PM) (Source: Application Error)(User: ) Description: mmc.exe6.2.9200.1649650ece2e8KERNELBASE.dll6.2.9200.1645150988aa6e0434352000000000003811c364401ceb22a86373754C:\Windows\system32\mmc.exeC:\Windows\sys tem32\KERNELBASE.dll1509390d-1e1e-11e3-becc-c48508377de0 Error: (09/15/2013 05:47:07 PM) (Source: .NET Runtime)(User: ) Description: Anwendung: mmc.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. Ausnahmeinformationen: System.Reflection.TargetInvocationException Stapel: bei Microsoft.ManagementConsole.Executive.MmcThreadMessageWindow.OnThreadException(System.Exception) bei System.Windows.Forms.NativeWindow.Callback(IntPtr, Int32, IntPtr, IntPtr) bei Microsoft.ManagementConsole.Interop.NativeMethods.SendNotifyMessage(System.Runtime.InteropServices.HandleRef, UInt32, IntPtr, IntPtr) bei Microsoft.ManagementConsole.Interop.NativeMethods.SendNotifyMessage(System.Runtime.InteropServices.HandleRef, UInt32, IntPtr, IntPtr) bei Microsoft.ManagementConsole.Interop.NativeMethods.SendNotifyMessage(System.Windows.Forms.IWin32Window, UInt32, IntPtr, IntPtr) bei Microsoft.ManagementConsole.Executive.MmcMessageProcessor.OnDataReadySync(System.Object, System.EventArgs) bei Microsoft.ManagementConsole.Executive.Operation.SwitchToThread(Microsoft.ManagementConsole.Executive.MessageProcessor, Microsoft.ManagementConsole.Executive.SimpleOperationCallback) bei Microsoft.ManagementConsole.Executive.RunningOperationsTable.EnqueueOperation(Microsoft.ManagementConsole.Executive.Operation) bei System.EventHandler.Invoke(System.Object, System.EventArgs) bei Microsoft.ManagementConsole.Executive.SnapInApplication.SignalTerminated(System.Exception, Boolean) bei Microsoft.ManagementConsole.Executive.EndSnapInDialog.OnEndNow() bei Microsoft.ManagementConsole.Executive.EndSnapInDialog.OnCommand(Int32, Int32, IntPtr) bei Microsoft.ManagementConsole.Executive.NativeDialog.DialogProc(IntPtr, UInt32, IntPtr, IntPtr) bei System.Windows.Forms.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr) bei System.Windows.Forms.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr) bei System.Windows.Forms.NativeWindow.DefWndProc(System.Windows.Forms.Message ByRef) bei System.Windows.Forms.NativeWindow.Callback(IntPtr, Int32, IntPtr, IntPtr) bei Microsoft.ManagementConsole.Interop.NativeMethods.DialogBoxParam(IntPtr, System.String, IntPtr, Microsoft.ManagementConsole.Interop.DialogProc, IntPtr) bei Microsoft.ManagementConsole.Interop.NativeMethods.DialogBoxParam(IntPtr, System.String, IntPtr, Microsoft.ManagementConsole.Interop.DialogProc, IntPtr) bei Microsoft.ManagementConsole.Executive.NativeDialog.DoModal(System.String, IntPtr, System.Windows.Forms.IWin32Window) bei Microsoft.ManagementConsole.Executive.NativeDialog.DoModal(System.String, System.String, System.Windows.Forms.IWin32Window) bei Microsoft.ManagementConsole.Executive.WaitDialog.OnCancel(System.Object, System.EventArgs) bei Microsoft.ManagementConsole.Executive.WaitDialog+WaitDialogCancelCallback.Microsoft.ManagementConsole.Interop.IWaitDialogCancelCallback.Cancel(IntPtr) bei Microsoft.ManagementConsole.Interop.IWaitDialog.RunModal(IntPtr, UInt32, UInt32, Microsoft.ManagementConsole.Interop.IWaitDialogCancelCallback) bei Microsoft.ManagementConsole.Interop.IWaitDialog.RunModal(IntPtr, UInt32, UInt32, Microsoft.ManagementConsole.Interop.IWaitDialogCancelCallback) bei Microsoft.ManagementConsole.Executive.WaitDialog.InnerShowDialog(System.Windows.Forms.IWin32Window) bei Microsoft.ManagementConsole.Executive.WaitDialog.ShowDialog(System.Windows.Forms.IWin32Window) bei Microsoft.ManagementConsole.Executive.SnapInInitializationOperation.OnStart() bei Microsoft.ManagementConsole.Executive.RunningOperationsTable.EnqueueOperation(Microsoft.ManagementConsole.Executive.Operation) bei Microsoft.ManagementConsole.Advanced.FrameworkSnapInFactory.Microsoft.ManagementConsole.Advanced.ISnapInFactory.CreateSnapIn(Int32, System.String, System.Object ByRef) Error: (09/15/2013 10:35:11 AM) (Source: Office 2013 Licensing Service)(User: ) Description: Subscription licensing service failed: -1073415161 Error: (09/14/2013 11:37:25 AM) (Source: Office 2013 Licensing Service)(User: ) Description: Subscription licensing service failed: -1073415161 Error: (09/13/2013 04:40:25 PM) (Source: Application Error)(User: ) Description: BIPA FotoShop.exe0.0.0.051aedbfaBIPA FotoShop.exe0.0.0.051aedbfac0000005001aee473b4001ceb0878ecac584C:\Program Files (x86)\BIPA\BIPA FotoShop\BIPA FotoShop.exeC:\Program Files (x86)\BIPA\BIPA FotoShop\BIPA FotoShop.exe6ccfd264-1c82-11e3-becb-c48508377de0 Error: (09/13/2013 03:21:14 PM) (Source: MsiInstaller)(User: Asus-Pc) Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011004}1625(NULL)(NULL)(NULL) Error: (09/13/2013 03:21:13 PM) (Source: MsiInstaller)(User: Asus-Pc) Description: Adobe Reader XI{AC76BA86-7AD7-0000-2550-7A8C40011004}1625(NULL)(NULL)(NULL) Error: (09/13/2013 03:12:47 PM) (Source: Office 2013 Licensing Service)(User: ) Description: Subscription licensing service failed: -1073415161 Error: (09/12/2013 10:35:11 AM) (Source: Office 2013 Licensing Service)(User: ) Description: Subscription licensing service failed: -1073415161 Error: (09/12/2013 10:04:28 AM) (Source: Customer Experience Improvement Program)(User: ) Description: 80070005 ==================== Memory info =========================== Percentage of memory in use: 75% Total physical RAM: 3979.79 MB Available physical RAM: 980.14 MB Total Pagefile: 8075.79 MB Available Pagefile: 4784.64 MB Total Virtual: 8192 MB Available Virtual: 8191.76 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:54.08 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (DATA) (Fixed) (Total:258.45 GB) (Free:152.95 GB) NTFS Drive e: (INTENSO) (Fixed) (Total:465.64 GB) (Free:109.71 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 466 GB) (Disk ID: 4B834568) Partition: GPT Partition Type ======================================================== Disk: 1 (Size: 22 GB) (Disk ID: 9AC17E73) Partition: GPT Partition Type ======================================================== Disk: 2 (Size: 466 GB) (Disk ID: 50FE20A1) Partition 1: (Not Active) - (Size=466 GB) - (Type=0C) ==================== End Of Log ============================ FRST: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-09-2013 05
Ran by Asus (administrator) on ASUS-PC on 15-09-2013 21:13:55
Running from C:\Users\Asus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A2RNUW2M
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(BitTorrent Inc.) C:\Users\Asus\AppData\Roaming\uTorrent\uTorrent.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Dropbox, Inc.) C:\Users\Asus\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [ACMON] - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-08-24] (ASUS)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [uTorrent] - C:\Users\Asus\AppData\Roaming\uTorrent\uTorrent.exe [802136 2013-05-13] (BitTorrent Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19603048 2013-06-03] (Skype Technologies S.A.)
HKCU\...\Run: [Facebook Update] - C:\Users\Asus\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-03-19] (Facebook Inc.)
MountPoints2: {0d6e0029-c50f-11e2-beb0-c48508377de0} - "E:\AutoRun.exe"
MountPoints2: {0d6e04f7-c50f-11e2-beb0-c48508377de0} - "E:\AutoRun.exe"
MountPoints2: {0d6e050a-c50f-11e2-beb0-c48508377de0} - "E:\AutoRun.exe"
MountPoints2: {50fef9ad-b4c3-11e2-bea6-c48508377de0} - "E:\AutoRun.exe"
MountPoints2: {50fef9b2-b4c3-11e2-bea6-c48508377de0} - "E:\AutoRun.exe"
MountPoints2: {7949b2b1-8b14-11e2-be78-c48508377de0} - "F:\setup.exe"
MountPoints2: {98619096-f891-11e2-bebe-c48508377de0} - "E:\AutoRun.exe"
MountPoints2: {986190a0-f891-11e2-bebe-c48508377de0} - "E:\AutoRun.exe"
MountPoints2: {986190ee-f891-11e2-bebe-c48508377de0} - "E:\AutoRun.exe"
MountPoints2: {986190fd-f891-11e2-bebe-c48508377de0} - "E:\AutoRun.exe"
MountPoints2: {98619103-f891-11e2-bebe-c48508377de0} - "E:\AutoRun.exe"
MountPoints2: {cb9b5479-8eca-11e2-be7a-c48508377de0} - "E:\AutoRun.exe"
MountPoints2: {cb9b54be-8eca-11e2-be7a-c48508377de0} - "E:\AutoRun.exe"
MountPoints2: {cb9b54d6-8eca-11e2-be7a-c48508377de0} - "E:\AutoRun.exe"
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-28] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-01-30] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411440 2013-08-15] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-15] (Avira Operations GmbH & Co. KG)
Startup: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Asus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {3F4822C0-D8ED-477F-9792-43ABFEB2293A} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10263&src=kw&q={searchTerms}&locale=de_AT&apn_ptnrs=^AGU&apn_dtid=^YYYYYY^YY^AT&apn_uid=792f13e6-6f8f-491e-883b-e937d0994d42&apn_sauid=D7C74ECE-EDFE-480F-BF57-F68A47537954
SearchScopes: HKCU - {4B1713E1-36FC-49FF-97FF-834FB2719C53} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851647&CUI=UN52600044822633140
BHO: avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 212.186.211.21 195.34.133.21
FireFox:
========
FF ProfilePath: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\q0cu2667.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Asus\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Microsoft Office 2013) - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL No File
CHR Extension: (Google Docs) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0
CHR Extension: (Gmail) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-15] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [815160 2013-09-15] (Avira Operations GmbH & Co. KG)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-07-23] (AVG Technologies CZ, s.r.o.)
R3 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited)
R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-30] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1901752 2013-07-22] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-31] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-31] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-08-31] ()
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-10-31] (ASUS Corporation)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20912 2012-10-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-15] (Avira Operations GmbH & Co. KG)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-09-05] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [248632 2013-07-18] (AVG Technologies CZ, s.r.o.)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132088 2013-09-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-02-26] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [82136 2013-09-15] (Avira Operations GmbH & Co. KG)
S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [104960 2012-07-07] (ASIX Electronics Corp.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-30] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3311072 2013-02-22] (Intel Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [48096 2012-08-09] (Windows (R) Win 7 DDK provider)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)
U0 msahci;
S3 UCORESYS; \??\E:\WTP 2.0.1\asus-wtp\bin\UCORESYS.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-15 21:13 - 2013-09-15 21:13 - 00000000 ____D C:\FRST
2013-09-15 20:57 - 2013-09-15 20:57 - 00000000 ___SH C:\DkHyperbootSync
2013-09-15 20:25 - 2013-09-15 20:25 - 1482300200 _____ C:\Windows\MEMORY.DMP
2013-09-15 20:25 - 2013-09-15 20:25 - 00285992 _____ C:\Windows\Minidump\091513-47468-01.dmp
2013-09-15 17:46 - 2013-09-15 17:46 - 00000000 ____D C:\Users\Asus\AppData\Roaming\Avira
2013-09-15 17:22 - 2013-09-15 17:22 - 00000546 _____ C:\Windows\SysWOW64\bufferpool.txt
2013-09-15 17:21 - 2013-09-15 17:21 - 00002068 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-09-15 17:20 - 2013-09-15 17:33 - 00082136 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-09-15 17:19 - 2013-09-15 17:33 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-15 17:19 - 2013-09-15 17:33 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-15 17:19 - 2013-09-15 17:19 - 00000000 ____D C:\Program Files (x86)\Avira
2013-09-15 17:19 - 2013-02-26 16:56 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-09-13 17:39 - 2013-09-13 17:39 - 00454864 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-13 17:32 - 2013-09-13 17:32 - 00000000 ____D C:\Program Files (x86)\Pixum
2013-09-13 15:03 - 2013-09-05 22:09 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-13 15:03 - 2013-09-05 22:09 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-12 10:18 - 2013-08-16 07:41 - 00058200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2013-09-12 10:18 - 2013-08-16 07:39 - 02371728 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2013-09-12 10:18 - 2013-08-16 07:39 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-09-12 10:18 - 2013-08-16 07:32 - 00209200 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2013-09-12 10:18 - 2013-08-16 07:22 - 04917760 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2013-09-12 10:18 - 2013-08-16 07:22 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-09-12 10:18 - 2013-08-16 07:21 - 03275776 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-09-12 10:18 - 2013-08-16 07:21 - 01621504 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-09-12 10:18 - 2013-08-16 07:21 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2013-09-12 10:18 - 2013-08-16 07:21 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-09-12 10:18 - 2013-08-16 07:21 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2013-09-12 10:18 - 2013-08-16 07:21 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2013-09-12 10:18 - 2013-08-16 07:21 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-09-12 10:18 - 2013-08-16 07:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2013-09-12 10:18 - 2013-08-16 07:21 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2013-09-12 10:18 - 2013-08-16 07:21 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2013-09-12 10:18 - 2013-08-16 07:21 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-09-12 10:18 - 2013-08-16 07:21 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-12 10:18 - 2013-08-16 07:21 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-09-12 10:18 - 2013-08-16 07:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2013-09-12 10:18 - 2013-08-16 07:21 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-09-12 10:18 - 2013-08-16 07:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll
2013-09-12 10:18 - 2013-08-16 07:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-09-12 10:18 - 2013-08-16 07:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-09-12 10:18 - 2013-08-16 07:20 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2013-09-12 10:18 - 2013-08-16 00:43 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-09-12 10:18 - 2013-08-16 00:43 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2013-09-12 10:18 - 2013-08-16 00:43 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2013-09-12 10:18 - 2013-08-16 00:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2013-09-12 10:18 - 2013-08-16 00:43 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-09-12 10:18 - 2013-08-16 00:43 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-09-12 10:18 - 2013-08-16 00:43 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-12 10:18 - 2013-08-16 00:43 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-09-12 10:18 - 2013-08-16 00:43 - 00083968 _____ C:\Windows\SysWOW64\OEMLicense.dll
2013-09-12 10:18 - 2013-08-16 00:43 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-09-12 10:18 - 2013-08-16 00:43 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2013-09-12 10:18 - 2013-08-16 00:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2013-09-12 10:18 - 2013-08-16 00:42 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2013-09-12 10:14 - 2013-08-21 06:12 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-12 10:14 - 2013-08-21 06:11 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-12 10:14 - 2013-08-21 06:11 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-12 10:14 - 2013-08-21 06:11 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-12 10:14 - 2013-08-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-12 10:14 - 2013-08-21 06:11 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-12 10:14 - 2013-08-21 06:11 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-09-12 10:14 - 2013-08-21 06:11 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-12 10:14 - 2013-08-21 06:11 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-12 10:14 - 2013-08-21 04:06 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-12 10:14 - 2013-08-21 04:06 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-12 10:14 - 2013-08-21 04:05 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-12 10:14 - 2013-08-21 04:05 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-12 10:14 - 2013-08-21 04:05 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-12 10:14 - 2013-08-21 04:05 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-12 10:14 - 2013-08-21 04:05 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-12 10:14 - 2013-08-21 04:05 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-12 10:13 - 2013-08-21 06:12 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-12 10:13 - 2013-08-21 06:11 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-12 10:13 - 2013-08-21 06:11 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-12 10:13 - 2013-08-21 06:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-09-12 10:13 - 2013-08-21 06:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-12 10:13 - 2013-08-21 06:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-12 10:13 - 2013-08-21 04:34 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-12 10:13 - 2013-08-21 04:06 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-09-12 10:13 - 2013-08-21 04:05 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-12 10:13 - 2013-08-21 04:05 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-12 10:13 - 2013-08-21 04:05 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-12 10:13 - 2013-08-21 04:05 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-12 10:13 - 2013-08-21 03:43 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-12 10:13 - 2013-08-21 01:52 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-09-12 10:13 - 2013-08-03 06:30 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-09 12:09 - 2013-09-09 12:09 - 00000000 ____D C:\Users\Asus\Documents\Benutzerdefinierte Office-Vorlagen
2013-09-05 01:43 - 2013-09-05 01:43 - 00045880 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys
2013-09-01 14:17 - 2013-09-15 20:25 - 00123528 _____ C:\Windows\PFRO.log
2013-08-31 09:36 - 2013-09-13 14:57 - 02018868 _____ C:\Windows\WindowsUpdate.log
2013-08-31 08:27 - 2013-08-31 08:27 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-08-31 08:27 - 2013-08-31 08:27 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-08-31 08:27 - 2013-08-31 08:27 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-08-31 08:24 - 2013-08-31 08:25 - 00000000 ____D C:\Users\Asus\Downloads\The.Bling.Ring.2011.DVDrip.XVID.AC3-ADTRG
2013-08-31 08:06 - 2013-08-31 08:14 - 00000000 ____D C:\AdwCleaner
2013-08-31 07:54 - 2013-08-31 08:14 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-08-31 07:54 - 2013-08-31 07:54 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-08-31 07:53 - 2013-08-31 07:53 - 00001381 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-08-31 07:53 - 2009-01-25 13:14 - 00017272 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2013-08-31 07:52 - 2013-08-31 08:00 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-08-30 17:06 - 2013-08-30 17:06 - 00000000 ____D C:\Users\Asus\AppData\Roaming\Malwarebytes
2013-08-30 17:05 - 2013-08-30 23:53 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-30 17:05 - 2013-08-30 17:05 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-30 10:10 - 2013-08-30 10:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-08-30 10:09 - 2013-08-30 10:09 - 00000000 ____D C:\Windows\PCHEALTH
2013-08-30 10:09 - 2013-08-30 10:09 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2013-08-30 10:09 - 2013-08-30 10:09 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-08-30 10:02 - 2013-08-30 10:02 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-08-30 10:01 - 2013-08-30 10:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-08-30 09:59 - 2013-08-30 09:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-08-30 09:43 - 2013-08-30 09:43 - 00000000 ____D C:\Users\Asus\AppData\Roaming\WinRAR
2013-08-30 09:43 - 2013-08-30 09:43 - 00000000 ____D C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-08-30 09:42 - 2013-08-30 09:43 - 00000000 ____D C:\Program Files (x86)\WinRAR
2013-08-30 07:42 - 2013-08-30 09:13 - 00000000 ____D C:\Users\Asus\Downloads\www.blockbusters.cc...Microsoft.Office.2010.Professional.Plus.GERMAN.x86.x64.FRiENDS.ONLY-BIE
2013-08-29 23:38 - 2013-08-29 23:38 - 00000306 __RSH C:\Users\Asus\ntuser.pol
2013-08-29 23:34 - 2013-08-29 23:37 - 336193560 _____ (Microsoft Corporation) C:\Users\Asus\Desktop\X16-32970.exe
2013-08-29 12:36 - 2013-08-29 12:57 - 00000000 ____D C:\Users\Asus\Downloads\www.torrent.to...Kokowaeaeh.2.German.AC3.BDRiP.XViD-ETM
2013-08-28 23:53 - 2013-08-28 23:54 - 00000460 _____ C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Google.website
2013-08-28 23:31 - 2013-07-09 10:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2013-08-28 23:31 - 2013-07-09 08:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2013-08-28 23:31 - 2013-07-09 06:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2013-08-28 23:31 - 2013-07-09 00:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2013-08-28 23:31 - 2013-07-06 02:16 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-08-28 23:31 - 2013-07-03 02:23 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2013-08-28 23:31 - 2013-07-03 02:22 - 02839552 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2013-08-28 23:31 - 2013-07-03 02:22 - 01300480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-08-28 23:31 - 2013-07-03 02:11 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-08-28 23:31 - 2013-07-03 02:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2013-08-28 23:31 - 2013-06-29 08:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2013-08-28 23:31 - 2013-06-29 07:43 - 00327512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2013-08-28 23:31 - 2013-06-25 00:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-08-28 23:31 - 2013-06-25 00:54 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2013-08-28 23:31 - 2013-06-19 07:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2013-08-28 23:31 - 2013-06-19 07:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2013-08-28 23:31 - 2013-06-19 00:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2013-08-28 23:31 - 2013-06-19 00:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2013-08-28 23:31 - 2013-06-12 01:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2013-08-28 23:31 - 2013-06-10 21:15 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-08-28 23:31 - 2013-06-10 21:15 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2013-08-28 23:31 - 2013-06-10 21:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-08-28 23:30 - 2013-07-09 05:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2013-08-28 23:30 - 2013-07-09 00:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2013-08-28 23:30 - 2013-07-09 00:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Wwanadvui.dll
2013-08-28 23:30 - 2013-07-09 00:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2013-08-28 23:30 - 2013-07-03 02:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-08-28 23:30 - 2013-07-03 02:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-08-28 23:30 - 2013-07-02 00:08 - 00387583 _____ C:\Windows\system32\ApnDatabase.xml
2013-08-28 23:30 - 2013-07-01 00:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe
2013-08-28 23:30 - 2013-07-01 00:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\openfiles.exe
2013-08-28 23:30 - 2013-06-29 08:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-08-28 23:30 - 2013-06-29 03:12 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-08-28 23:30 - 2013-06-26 05:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2013-08-28 23:30 - 2013-06-26 04:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2013-08-28 23:30 - 2013-06-25 00:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2013-08-28 23:30 - 2013-06-12 01:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2013-08-28 23:30 - 2013-06-10 23:17 - 00096512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2013-08-28 23:30 - 2013-06-10 21:16 - 00888832 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-08-28 23:30 - 2013-06-10 21:10 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-08-28 23:30 - 2013-06-10 21:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-08-28 23:30 - 2013-06-06 10:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2013-08-28 23:28 - 2013-08-28 23:47 - 00000000 ____D C:\Program Files (x86)\Amazon
2013-08-28 23:27 - 2013-08-28 23:27 - 00129536 _____ C:\Users\Public\AlexaNSISPlugin.11680.dll
2013-08-28 23:25 - 2013-08-28 23:40 - 00000000 ____D C:\Users\Asus\AppData\Roaming\amazon
2013-08-27 22:34 - 2013-08-27 22:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-26 22:28 - 2013-08-26 22:28 - 00003340 _____ C:\Windows\System32\Tasks\{5E5DA40E-3F84-4E02-A03F-4CCCFE757576}
2013-08-16 21:43 - 2013-09-12 13:49 - 00000000 ____D C:\Windows\system32\MRT
==================== One Month Modified Files and Folders =======
2013-09-15 21:14 - 2012-09-29 01:58 - 00000000 ____D C:\Users\Asus\AppData\Roaming\uTorrent
2013-09-15 21:13 - 2013-09-15 21:13 - 00000000 ____D C:\FRST
2013-09-15 21:13 - 2013-03-26 16:32 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-15 21:09 - 2013-05-07 17:17 - 00000000 ___RD C:\Users\Asus\Dropbox
2013-09-15 21:09 - 2013-05-07 17:14 - 00000000 ____D C:\Users\Asus\AppData\Roaming\Dropbox
2013-09-15 21:09 - 2013-03-16 23:07 - 00000000 ____D C:\Users\Asus\AppData\Roaming\Skype
2013-09-15 21:09 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-09-15 21:08 - 2013-03-17 08:30 - 00001118 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-15 21:08 - 2012-09-25 00:08 - 00000408 _____ C:\Users\Asus\AppData\Roaming\sp_data.sys
2013-09-15 21:08 - 2012-09-24 23:37 - 00000868 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2013-09-15 21:07 - 2012-09-29 02:09 - 00000354 _____ C:\Windows\Tasks\dsmonitor.job
2013-09-15 20:57 - 2013-09-15 20:57 - 00000000 ___SH C:\DkHyperbootSync
2013-09-15 20:51 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-09-15 20:25 - 2013-09-15 20:25 - 1482300200 _____ C:\Windows\MEMORY.DMP
2013-09-15 20:25 - 2013-09-15 20:25 - 00285992 _____ C:\Windows\Minidump\091513-47468-01.dmp
2013-09-15 20:25 - 2013-09-01 14:17 - 00123528 _____ C:\Windows\PFRO.log
2013-09-15 20:25 - 2013-03-17 08:21 - 00000000 ____D C:\Windows\Minidump
2013-09-15 20:25 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-15 20:04 - 2013-03-17 08:30 - 00001122 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-15 19:43 - 2013-03-19 23:38 - 00000940 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2819434515-746917838-1461336185-1001UA.job
2013-09-15 17:46 - 2013-09-15 17:46 - 00000000 ____D C:\Users\Asus\AppData\Roaming\Avira
2013-09-15 17:37 - 2013-03-30 08:41 - 00000000 ____D C:\ProgramData\MFAData
2013-09-15 17:33 - 2013-09-15 17:20 - 00082136 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-09-15 17:33 - 2013-09-15 17:19 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-15 17:33 - 2013-09-15 17:19 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-15 17:23 - 2012-08-03 01:02 - 00753134 _____ C:\Windows\system32\perfh007.dat
2013-09-15 17:23 - 2012-08-03 01:02 - 00155826 _____ C:\Windows\system32\perfc007.dat
2013-09-15 17:23 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-15 17:22 - 2013-09-15 17:22 - 00000546 _____ C:\Windows\SysWOW64\bufferpool.txt
2013-09-15 17:21 - 2013-09-15 17:21 - 00002068 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-09-15 17:19 - 2013-09-15 17:19 - 00000000 ____D C:\Program Files (x86)\Avira
2013-09-15 17:19 - 2013-03-12 14:20 - 00000000 ____D C:\ProgramData\Avira
2013-09-15 15:13 - 2013-03-16 19:00 - 00000000 ____D C:\Users\Asus\AppData\Local\Microsoft Help
2013-09-15 11:31 - 2012-09-24 23:37 - 00000870 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2013-09-14 22:43 - 2013-03-19 23:38 - 00000918 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2819434515-746917838-1461336185-1001Core.job
2013-09-13 22:47 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-09-13 18:05 - 2012-09-25 00:13 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2819434515-746917838-1461336185-1001
2013-09-13 17:47 - 2013-06-17 07:22 - 00000000 ____D C:\ProgramData\tmp
2013-09-13 17:39 - 2013-09-13 17:39 - 00454864 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-13 17:32 - 2013-09-13 17:32 - 00000000 ____D C:\Program Files (x86)\Pixum
2013-09-13 15:38 - 2013-03-16 19:00 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-13 15:36 - 2013-03-12 17:16 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-09-13 15:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-09-13 15:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-09-13 14:57 - 2013-08-31 09:36 - 02018868 _____ C:\Windows\WindowsUpdate.log
2013-09-13 09:06 - 2013-03-30 08:52 - 00000983 _____ C:\Users\Public\Desktop\AVG 2013.lnk
2013-09-12 13:49 - 2013-08-16 21:43 - 00000000 ____D C:\Windows\system32\MRT
2013-09-12 13:44 - 2013-03-15 15:03 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-10 10:28 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-09-09 12:09 - 2013-09-09 12:09 - 00000000 ____D C:\Users\Asus\Documents\Benutzerdefinierte Office-Vorlagen
2013-09-08 11:09 - 2013-03-17 08:31 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-05 22:09 - 2013-09-13 15:03 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-05 22:09 - 2013-09-13 15:03 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-05 01:43 - 2013-09-05 01:43 - 00045880 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys
2013-09-04 19:10 - 2012-07-26 07:26 - 00000199 _____ C:\Windows\win.ini
2013-09-03 14:33 - 2013-05-13 08:02 - 00000000 ____D C:\Users\Asus\AppData\Roaming\XBMC
2013-09-03 13:26 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF
2013-08-31 08:27 - 2013-08-31 08:27 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-08-31 08:27 - 2013-08-31 08:27 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-08-31 08:27 - 2013-08-31 08:27 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-08-31 08:27 - 2013-03-30 08:52 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-08-31 08:27 - 2013-03-30 08:51 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-08-31 08:27 - 2013-03-30 08:51 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-08-31 08:27 - 2013-03-30 08:51 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-08-31 08:27 - 2013-03-30 08:51 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-08-31 08:25 - 2013-08-31 08:24 - 00000000 ____D C:\Users\Asus\Downloads\The.Bling.Ring.2011.DVDrip.XVID.AC3-ADTRG
2013-08-31 08:14 - 2013-08-31 08:06 - 00000000 ____D C:\AdwCleaner
2013-08-31 08:14 - 2013-08-31 07:54 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-08-31 08:14 - 2012-09-29 02:09 - 00000000 ____D C:\Users\Asus\AppData\Roaming\Uniblue
2013-08-31 08:14 - 2012-09-29 02:09 - 00000000 ____D C:\Program Files (x86)\Uniblue
2013-08-31 08:00 - 2013-08-31 07:52 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-08-31 07:54 - 2013-08-31 07:54 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-08-31 07:53 - 2013-08-31 07:53 - 00001381 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-08-30 23:53 - 2013-08-30 17:05 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-30 23:00 - 2013-03-30 09:06 - 00000000 ____D C:\Program Files\Google
2013-08-30 23:00 - 2013-03-17 08:30 - 00000000 ____D C:\Program Files (x86)\Google
2013-08-30 18:53 - 2013-05-13 07:12 - 00000000 ____D C:\Users\Asus\Downloads\Corel WinDVD Pro 11.0.0.342.521748 incl. keymaker-CORE
2013-08-30 17:06 - 2013-08-30 17:06 - 00000000 ____D C:\Users\Asus\AppData\Roaming\Malwarebytes
2013-08-30 17:05 - 2013-08-30 17:05 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-30 16:44 - 2013-03-17 08:30 - 00000000 ____D C:\Users\Asus\AppData\Local\Google
2013-08-30 10:24 - 2013-03-16 22:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-30 10:20 - 2012-07-26 11:45 - 00000000 ____D C:\Windows\ShellNew
2013-08-30 10:11 - 2012-08-02 15:34 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-08-30 10:10 - 2013-08-30 10:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-08-30 10:09 - 2013-08-30 10:09 - 00000000 ____D C:\Windows\PCHEALTH
2013-08-30 10:09 - 2013-08-30 10:09 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2013-08-30 10:09 - 2013-08-30 10:09 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-08-30 10:09 - 2012-08-17 02:49 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-08-30 10:07 - 2013-03-16 19:01 - 00000000 ____D C:\Program Files\Microsoft Office
2013-08-30 10:07 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-08-30 10:02 - 2013-08-30 10:02 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-08-30 10:01 - 2013-08-30 10:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-08-30 09:59 - 2013-08-30 09:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-08-30 09:43 - 2013-08-30 09:43 - 00000000 ____D C:\Users\Asus\AppData\Roaming\WinRAR
2013-08-30 09:43 - 2013-08-30 09:43 - 00000000 ____D C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-08-30 09:43 - 2013-08-30 09:42 - 00000000 ____D C:\Program Files (x86)\WinRAR
2013-08-30 09:31 - 2013-05-13 07:23 - 00000000 ____D C:\Users\Asus\AppData\Local\WinZip
2013-08-30 09:13 - 2013-08-30 07:42 - 00000000 ____D C:\Users\Asus\Downloads\www.blockbusters.cc...Microsoft.Office.2010.Professional.Plus.GERMAN.x86.x64.FRiENDS.ONLY-BIE
2013-08-29 23:38 - 2013-08-29 23:38 - 00000306 __RSH C:\Users\Asus\ntuser.pol
2013-08-29 23:38 - 2012-09-25 00:05 - 00000000 ____D C:\Users\Asus
2013-08-29 23:38 - 2012-07-26 10:12 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2013-08-29 23:38 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2013-08-29 23:37 - 2013-08-29 23:34 - 336193560 _____ (Microsoft Corporation) C:\Users\Asus\Desktop\X16-32970.exe
2013-08-29 12:57 - 2013-08-29 12:36 - 00000000 ____D C:\Users\Asus\Downloads\www.torrent.to...Kokowaeaeh.2.German.AC3.BDRiP.XViD-ETM
2013-08-28 23:54 - 2013-08-28 23:53 - 00000460 _____ C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Google.website
2013-08-28 23:51 - 2012-09-25 00:07 - 00000000 ___RD C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-28 23:47 - 2013-08-28 23:28 - 00000000 ____D C:\Program Files (x86)\Amazon
2013-08-28 23:41 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-08-28 23:40 - 2013-08-28 23:25 - 00000000 ____D C:\Users\Asus\AppData\Roaming\amazon
2013-08-28 23:40 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-08-28 23:27 - 2013-08-28 23:27 - 00129536 _____ C:\Users\Public\AlexaNSISPlugin.11680.dll
2013-08-27 22:34 - 2013-08-27 22:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-26 22:33 - 2013-03-17 08:42 - 00000000 ____D C:\Users\Asus\AppData\Local\Adobe
2013-08-26 22:31 - 2013-03-16 11:07 - 00002021 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-08-26 22:30 - 2012-08-17 02:52 - 00000000 ____D C:\ProgramData\Adobe
2013-08-26 22:28 - 2013-08-26 22:28 - 00003340 _____ C:\Windows\System32\Tasks\{5E5DA40E-3F84-4E02-A03F-4CCCFE757576}
2013-08-21 06:12 - 2013-09-12 10:14 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-21 06:12 - 2013-09-12 10:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-21 06:11 - 2013-09-12 10:14 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-21 06:11 - 2013-09-12 10:14 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-21 06:11 - 2013-09-12 10:14 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-21 06:11 - 2013-09-12 10:14 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-21 06:11 - 2013-09-12 10:14 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-21 06:11 - 2013-09-12 10:14 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-08-21 06:11 - 2013-09-12 10:14 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-21 06:11 - 2013-09-12 10:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-21 06:11 - 2013-09-12 10:13 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-21 06:11 - 2013-09-12 10:13 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-21 06:11 - 2013-09-12 10:13 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-08-21 06:11 - 2013-09-12 10:13 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-21 06:11 - 2013-09-12 10:13 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-21 04:34 - 2013-09-12 10:13 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-21 04:06 - 2013-09-12 10:14 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-21 04:06 - 2013-09-12 10:14 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-21 04:06 - 2013-09-12 10:13 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-08-21 04:05 - 2013-09-12 10:14 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-21 04:05 - 2013-09-12 10:14 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-21 04:05 - 2013-09-12 10:14 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-21 04:05 - 2013-09-12 10:14 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-21 04:05 - 2013-09-12 10:14 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-21 04:05 - 2013-09-12 10:14 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-21 04:05 - 2013-09-12 10:13 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-21 04:05 - 2013-09-12 10:13 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-21 04:05 - 2013-09-12 10:13 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-21 04:05 - 2013-09-12 10:13 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-21 03:43 - 2013-09-12 10:13 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-21 01:52 - 2013-09-12 10:13 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-08-18 09:54 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-08-18 09:54 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-08-18 09:53 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-08-18 09:53 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-08-16 07:41 - 2013-09-12 10:18 - 00058200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2013-08-16 07:39 - 2013-09-12 10:18 - 02371728 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2013-08-16 07:39 - 2013-09-12 10:18 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-08-16 07:32 - 2013-09-12 10:18 - 00209200 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2013-08-16 07:22 - 2013-09-12 10:18 - 04917760 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2013-08-16 07:22 - 2013-09-12 10:18 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-08-16 07:21 - 2013-09-12 10:18 - 03275776 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-08-16 07:21 - 2013-09-12 10:18 - 01621504 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-08-16 07:21 - 2013-09-12 10:18 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2013-08-16 07:21 - 2013-09-12 10:18 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-08-16 07:21 - 2013-09-12 10:18 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2013-08-16 07:21 - 2013-09-12 10:18 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2013-08-16 07:21 - 2013-09-12 10:18 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-08-16 07:21 - 2013-09-12 10:18 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2013-08-16 07:21 - 2013-09-12 10:18 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2013-08-16 07:21 - 2013-09-12 10:18 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2013-08-16 07:21 - 2013-09-12 10:18 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-08-16 07:21 - 2013-09-12 10:18 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-08-16 07:21 - 2013-09-12 10:18 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-08-16 07:21 - 2013-09-12 10:18 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2013-08-16 07:21 - 2013-09-12 10:18 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-08-16 07:21 - 2013-09-12 10:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll
2013-08-16 07:21 - 2013-09-12 10:18 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-08-16 07:21 - 2013-09-12 10:18 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-08-16 07:20 - 2013-09-12 10:18 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2013-08-16 00:43 - 2013-09-12 10:18 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-08-16 00:43 - 2013-09-12 10:18 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2013-08-16 00:43 - 2013-09-12 10:18 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2013-08-16 00:43 - 2013-09-12 10:18 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2013-08-16 00:43 - 2013-09-12 10:18 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-08-16 00:43 - 2013-09-12 10:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-08-16 00:43 - 2013-09-12 10:18 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-08-16 00:43 - 2013-09-12 10:18 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-08-16 00:43 - 2013-09-12 10:18 - 00083968 _____ C:\Windows\SysWOW64\OEMLicense.dll
2013-08-16 00:43 - 2013-09-12 10:18 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-08-16 00:43 - 2013-09-12 10:18 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2013-08-16 00:42 - 2013-09-12 10:18 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2013-08-16 00:42 - 2013-09-12 10:18 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\Users\Public\AlexaNSISPlugin.11680.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-09-13 09:29
==================== End Of Log ============================
--- --- --- |
|
16.09.2013, 10:01
| #4 |
| /// the machine /// TB-Ausbilder | mysearch virus auf meinem PC Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu mysearch virus auf meinem PC |
| angeblich, antiviren, avast, avg, avira, ccleaner, datei, daten, gefahr, gen, heute, installiert, internet, langsamer, logfile, natürlich, nicht mehr, nichts, problem, programme, total, trojaner, virus, windows, ähnliches |
Linear-Darstellung
