Log analysis and evaluation: Problems with searchgol after deltatoolbar after installing imgburn (Win8-x64-chrome)

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
14.10.2013, 17:19 | #1 |
Problems with searchgol after deltatoolbar after installing imgburn (Win8-x64-chrome)

Hello, to say it right up front, this is a private PC at my workplace (you can tell because I am in the domain but also have, e.g., Steam installed). I am (on my own) the IT department, or something like that. Please help me.

I am used to solving problems on my own, so I also went over the machine with REVO uninstaller and CCleaner before I followed http://www.trojaner-board.de/142333-...entfernen.html here. Unfortunately I find that at this point I am not really symptom-free.

The following symptoms: Avira can only be switched off directly after booting. After booting, Chrome immediately opens with my wife's profile, with searchgol as the start/search page (a Google replacement, so to speak).

Of course I can reinstall the machine, basically brute-force deleting all executable programs, scripts and DLLs and rescuing only the "data", but what about PDFs and the like, i.e. documents that contain executable code and data?

Oh yes: with defogger I did not get a defogger_disable log file, so I switched it back on and disabled it again, but all I found is a defogger_enable.

Frst.txt: FRST Logfile:

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013 Ran by henry (administrator) on FARAHLON764 on 14-10-2013 11:55:18 Running from C:\Users\henry\Desktop Windows 8 Pro with Media Center (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (Andrea Electronics Corporation) C:\WINDOWS\system32\AEADISRV.EXE (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\AllShareFrameworkManagerDMS.exe () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\AllShareFrameworkDMS.exe (cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe (REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe (Microsoft Corporation) C:\WINDOWS\system32\dashost.exe () C:\Program Files (x86)\SlySoft\Game Jackal v4\Server.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe (NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program 
Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Soluto) C:\Program Files\Soluto\SolutoLauncherService.exe (Soluto) C:\Program Files\Soluto\SolutoService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe (UltraVNC) C:\Program Files\UltraVNC\WinVNC.exe (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnat.exe (UltraVNC) C:\Program Files\UltraVNC\WinVNC.exe (Xobni Corporation) C:\Program Files (x86)\Xobni\XobniService.exe (Seiko Epson Corporation) C:\WINDOWS\system32\EscSvc64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnetdhcp.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe (Soluto) C:\Program Files\Soluto\soluto.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe (Google Inc.) 
C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (BioWare) C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (cFos Software GmbH) C:\Program Files\cFosSpeed\cfosspeed.exe (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (TrueCrypt Foundation) C:\Program Files\TrueCrypt\TrueCrypt.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Microsoft Corporation) C:\Users\henry\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe () C:\Users\henry\moneyplex\mpxalarm.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe (Skype Technologies S.A.) 
C:\Program Files (x86)\Skype\Phone\Skype.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Update\1.3.21.165\GoogleCrashHandler.exe (Raptr, Inc) C:\PROGRA~2\Raptr\raptr.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Update\1.3.21.165\GoogleCrashHandler64.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe (Microsoft Corporation) C:\WINDOWS\WinStore\WSHost.exe (Reasonable Software House Ltd.) C:\Program Files (x86)\Reasonable NoClone 2013\NoClone.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Logitech Inc.) C:\Program Files\Logitech\SetPoint II\SetPointII.exe (Dropbox, Inc.) C:\Users\henry\AppData\Roaming\Dropbox\bin\Dropbox.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE (Raptr, Inc) C:\PROGRA~2\Raptr\raptr_im.exe (Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe (Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe (cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe () C:\Program Files (x86)\Tuso\Fiabee Sync\Fiabee.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\TurboV\TurboV.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (CyberLink Corporation.) C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe (Futuredial Inc.) 
C:\Program Files (x86)\ASUS\ASUS Sync\asusUPCTLoader.exe (Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google) C:\Users\henry\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe () C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSService.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (UltraVNC) C:\Program Files\UltraVNC\vncviewer.exe (FreeDownloadManager.ORG) C:\Program Files (x86)\Free Download Manager\fdm.exe (Samsung Electronics) C:\Program Files\Samsung\Samsung Link\utils\MetaExtractor.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.) 
HKLM\...\Run: [Fences] - C:\Program Files (x86)\Stardock\Fences\Fences.exe [3995824 2013-02-14] (Stardock Corporation) HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation) HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation) HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7477016 2013-04-25] (Logitech Inc.) HKLM\...\Run: [SoundMAX] - C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe [3866624 2009-05-18] (Analog Devices, Inc.) HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation) HKLM\...\Run: [cFosSpeed] - C:\Program Files\cFosSpeed\cFosSpeed.exe [1587040 2013-04-19] (cFos Software GmbH) HKLM\...\Run: [Samsung Link] - C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [597576 2013-09-23] (Copyright 2013 SAMSUNG) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files\Soluto\soluto.exe /userinit HKCU\...\Run: [D4DD019F40E41690F6DF0D6C69DAE93C752087EE._service_run] - C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe [844752 2013-10-03] (Google Inc.) 
HKCU\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2013-05-22] (Samsung Electronics) HKCU\...\Run: [KiesPDLR] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-26] (Samsung) HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564016 2013-07-26] (Samsung) HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-11-22] (Hewlett-Packard Company) HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1813928 2013-10-05] (Valve Corporation) HKCU\...\Run: [TrueCrypt] - C:\Program Files\TrueCrypt\TrueCrypt.exe [1516496 2012-05-08] (TrueCrypt Foundation) HKCU\...\Run: [Messenger (Yahoo!)] - C:\PROGRA~2\Yahoo!\MESSEN~1\YAHOOM~1.EXE [6595928 2012-05-25] (Yahoo! Inc.) HKCU\...\Run: [Raptr] - C:\PROGRA~2\Raptr\raptrstub.exe [55360 2013-09-17] (Raptr, Inc) HKCU\...\Run: [SkyDrive] - C:\Users\henry\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2013-08-14] (Microsoft Corporation) HKCU\...\Run: [Google Update] - C:\Users\henry\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-11-09] (Google Inc.) HKCU\...\Run: [moneyplex Alarm] - C:\Users\henry\moneyplex\mpxalarm HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19876968 2013-06-21] (Skype Technologies S.A.) HKCU\...\Run: [Reasonable NoClone] - C:\Program Files (x86)\Reasonable NoClone 2013\NoClone.exe [2298880 2013-04-12] (Reasonable Software House Ltd.) HKCU\...\Run: [GoogleChromeAutoLaunch_6409145A4A71BEA61BB52E08FDE70AA2] - C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe [844752 2013-10-03] (Google Inc.) HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-26] (Samsung) HKCU\...\Run: [chromium] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [844752 2013-10-03] (Google Inc.) 
MountPoints2: {6ff9c302-c1e1-11e2-be92-000272a66d56} - "G:\AutoRun.exe" MountPoints2: {b16780b6-a7f3-11e2-be90-000272a66d56} - "E:\AutoRun.exe" MountPoints2: {dffb8163-ed60-11e2-be99-000272a66d56} - "G:\AutoRun.exe" HKLM-x32\...\Run: [SoundMAXPnP] - C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1310720 2009-06-05] (Analog Devices, Inc.) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Ai Nap] - C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe [1439360 2010-03-10] (ASUSTeK Computer Inc.) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.) HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe [740736 2012-08-03] (ASUS Cloud Corporation) HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation) HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-11-18] (cyberlink) HKLM-x32\...\Run: [Cpu Level Up help] - C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe [887936 2009-12-28] () HKLM-x32\...\Run: [Fiabee] - C:\Program Files (x86)\Tuso\Fiabee Sync\Fiabee.exe [9934032 2012-08-23] () HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-07-26] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation) HKLM-x32\...\Run: [QFan Help] - C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe [611968 2010-01-13] (ASUSTeK Computer Inc.) HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.) 
HKLM-x32\...\Run: [RemoteControl9] - C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.) HKLM-x32\...\Run: [TurboV] - C:\Program Files (x86)\ASUS\TurboV\TurboV.exe [5672576 2010-03-08] (ASUSTeK Computer Inc.) HKLM-x32\...\Run: [UpdatePSTShortCut] - C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [222504 2011-03-01] (CyberLink Corp.) HKLM-x32\...\Run: [InstantBurn] - C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe [697640 2010-02-10] (CyberLink Corporation.) HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] () HKLM-x32\...\Run: [ASUS Sync Loader] - C:\Program Files (x86)\ASUS\ASUS Sync\asusUPCTLoader.exe [638976 2013-03-01] (Futuredial Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-07-17] (Avira Operations GmbH & Co. KG) HKU\henry.***Domäne***\...\Run: [OfficeSyncProcess] - C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation) HKU\henry.***Domäne***\...\Run: [ROC_JAN2013_TB] - "C:\Program Files (x86)\AVG Secure Search\ROC_JAN2013_TB.exe" /PROMPT /CMPID=JAN2013_TB HKU\henry.***Domäne***\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] - "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB HKU\henry.***Domäne***\...\RunOnce: [WindowsAnytimeUpgradeResults.exe] - C:\Windows\System32\WindowsAnytimeUpgradeResults.exe [92672 2012-07-26] (Microsoft Corporation) Startup: C:\Users\henry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\henry\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
Startup: C:\Users\henry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) Startup: C:\Users\henry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fences.lnk ShortcutTarget: Fences.lnk -> C:\Program Files (x86)\Stardock\Fences\Fences.exe (Stardock Corporation) Startup: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass) ==================== Internet (Whitelisted) ==================== ProxyServer: http=172.21.12.12:8123;https=172.21.12.12:8123;socks=127.0.0.1:1080 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.msn.com/?ocid=ie9hp HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?ocid=ie9hp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x65EA2C7711B0CB01 SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} SearchScopes: HKCU - DefaultScope {10A47EA0-714E-499D-BEE0-E616F3123D0C} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADFA_de SearchScopes: HKCU - {10A47EA0-714E-499D-BEE0-E616F3123D0C} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADFA_de SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKCU - {D392FFEB-8F85-4903-A08D-E1A6E2344844} URL = 
hxxp://wow.freierbund.de/index.php?pID=16&s={searchTerms}&x=1 BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) BHO: LastPass Browser Helper Object - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar64.dll (LastPass) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: af0.Adblock.BHO - {90EFF544-3981-4d46-85C9-C0361D0931D6} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation) BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) BHO-x32: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll () BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: No Name - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - No File BHO-x32: Free Download Manager - 
{CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG) BHO-x32: ReasonableToolbar.ToolbarBHO - {d8961a1e-25db-33c9-a7c9-3d3e3266b5b8} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\30.0.1599.69\npchrome_frame.dll (Google Inc.) Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar64.dll (LastPass) Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll () Toolbar: HKLM-x32 - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH) Toolbar: HKLM-x32 - ReasonableToolbar - {c9a6357b-25cc-4bcf-96c1-78736985d413} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation) Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKCU - No Name - {AD6E6555-FB2C-47D4-8339-3E2965509877} - No File Toolbar: HKCU - No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.de/common/asusTek_sys_ctrl.cab DPF: HKLM-x32 {173D9E48-B527-4AA0-A929-30B446002AA8} hxxp://192.168.123.18/DVRemoteAx.cab DPF: HKLM-x32 {82774781-8F4E-11D1-AB1C-0000F8773BF0} https://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: gcf - 
{9875BFAF-B04D-445E-8A69-BE36838CDE3E} - No File Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\30.0.1599.69\npchrome_frame.dll (Google Inc.) Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Hosts: There are more than one entry in Hosts. 
See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.123.3 FireFox: ======== FF ProfilePath: C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @java.com/DTPlugin,version=10.5.1 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.5.1 - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll No File FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) 
FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 - C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=1.1.11 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: samsung.com/SamsungLinkPCPlugin - C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll (Samsung) FF Plugin HKCU: @Skype.com/Skype Web Plugin - C:\Users\henry\AppData\Local\Skype\SkypeWebPlugin\npSkypeWebPlugin.dll (Skype) FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\henry\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\henry\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\henry\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\henry\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\henry\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\henry\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\searchplugins\freier-bund-map--guide.xml
FF SearchPlugin: C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\searchplugins\speedydragon.xml
FF Extension: Deutsches Wörterbuch - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\de-DE@dictionaries.addons.mozilla.org
FF Extension: Виявлення пристроїв Logitech - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\DeviceDetection@logitech.com
FF Extension: United States English Spellchecker - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\en-US@dictionaries.addons.mozilla.org
FF Extension: No Name - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\fb_add_on@avm.de
FF Extension: No Name - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\foxmarks@kei.com
FF Extension: LastPass - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\support@lastpass.com
FF Extension: No Name - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}-trash
FF Extension: Flashblock - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
FF Extension: DownloadHelper - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: checkplaces - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\checkplaces@andyhalford.com.xpi
FF Extension: fdm_ffext - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\fdm_ffext@freedownloadmanager.org
FF Extension: finder - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\finder@meingutscheincode.de.xpi
FF Extension: firefox - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\firefox@ghostery.com.xpi
FF Extension: personas - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\personas@christopher.beard.xpi
FF Extension: sipgateffx - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\sipgateffx@michael.rotmanov.xpi
FF Extension: socialfixer - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\socialfixer@mattkruse.com.xpi
FF Extension: No Name - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
FF Extension: No Name - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\{45d8ff86-d909-11db-9705-005056c00008}.xpi
FF Extension: No Name - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
FF Extension: No Name - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\{ba243cb0-b824-4a26-9418-73ee795d9b9d}.xpi
FF Extension: No Name - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
FF Extension: No Name - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\
FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\

Chrome:
=======
CHR HomePage: hxxp://www.searchgol.com/?babsrc=HP_ss&mntrId=EEB200FFCD992AA0&affID=121565&tsp=5017
CHR RestoreOnStartup: "hxxp://www.searchgol.com/?babsrc=HP_ss&mntrId=EEB200FFCD992AA0&affID=121565&tsp=5017"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\henry\AppData\Local\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\henry\AppData\Local\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\henry\AppData\Local\Google\Chrome\Application\29.0.1547.76\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Free Download Manager Click Catcher Plug-In for Netscape, Opera, Mozilla) - C:\Users\henry\AppData\Local\Google\Chrome\Application\plugins\npfdm.dll (FreeDownloadManager.org)
CHR Plugin: (Google Talk Plugin) - C:\Users\henry\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\henry\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\henry\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.4.0\\npsitesafety.dll No File
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Skype Web Plugin) - C:\Users\henry\AppData\Local\Skype\SkypeWebPlugin\npSkypeWebPlugin.dll (Skype)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Skype Click to Call) - C:\Users\henry\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\henry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AEADIFilters; C:\Windows\system32\AEADISRV.EXE [111616 2009-06-05] (Andrea Electronics Corporation)
R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\AllShareFrameworkManagerDMS.exe [404360 2013-09-10] (Samsung)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-07-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-17] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [815160 2013-08-09] (Avira Operations GmbH & Co. KG)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2009-04-02] ()
R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [480096 2013-04-19] (cFos Software GmbH)
R2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [511920 2011-07-22] (REINER SCT)
S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [240112 2010-11-18] (CyberLink)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [221696 2012-05-02] ()
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 GJService; C:\Program Files (x86)\SlySoft\Game Jackal v4\Server.exe [3031624 2010-12-05] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [25088 2012-07-26] (Microsoft Corporation)
R2 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [276584 2010-03-22] (NVIDIA)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation)
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [605768 2013-09-23] (Copyright 2013 SAMSUNG)
R2 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [159800 2012-10-28] (Soluto)
R2 UpdateCenterService; C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe [282728 2009-11-06] (NVIDIA)
R2 uvnc_service; C:\Program Files\UltraVNC\WinVNC.exe [1907656 2010-11-28] (UltraVNC)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [471552 2012-07-26] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2012-01-20] (Xobni Corporation)
S2 SplashtopRemoteService; "C:\Program Files (x86)\Splashtop\Splashtop Remote\SERVER\SRService.exe" [x]

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2009-12-05] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-08-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132088 2013-07-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-02-26] (Avira Operations GmbH & Co. KG)
S3 cjusb; C:\Windows\system32\DRIVERS\cjusb.sys [34672 2011-03-29] (REINER SCT)
R1 CLBStor; C:\Windows\System32\Drivers\CLBStor.sys [24560 2009-10-07] (Cyberlink Co.,Ltd.)
R2 CLBUDF; C:\Windows\System32\Drivers\CLBUDF.sys [376304 2009-10-07] (CyberLink Corporation.)
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [37392 2009-11-26] (Paragon Software Group)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [66800 2013-01-17] (Logitech Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2009-12-05] ()
R3 Maplom; C:\Windows\System32\Drivers\Maplom.sys [33864 2010-12-05] (SlySoft Inc.)
R3 MaplomL; C:\Windows\System32\Drivers\MaplomL.sys [58440 2010-12-05] (SlySoft Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [185856 2012-07-26] (Microsoft Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R0 mv61xx; C:\Windows\System32\drivers\mv61xx.sys [178728 2009-05-12] (Marvell Semiconductor, Inc.)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
S3 ogtap100; C:\Windows\system32\DRIVERS\ogtap100.sys [36736 2013-04-03] (The OpenVPN Project)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [203672 2013-06-21] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 sthid; C:\Windows\System32\drivers\sthid.sys [21216 2013-04-01] (Splashtop Inc.)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-02-12] (Microsoft Corporation)
R0 vidsflt53; C:\Windows\System32\DRIVERS\vsflt53.sys [141920 2012-10-26] (Acronis)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc.)
R3 yukonw8; C:\Windows\system32\DRIVERS\yk63x64.sys [295792 2012-10-02] (Marvell)
R3 cpuz135; \??\C:\WINDOWS\TEMP\cpuz135\cpuz135_x64.sys [x]
S3 hwdatacard; \SystemRoot\system32\DRIVERS\ewusbmdm.sys [x]
U3 idsvc;
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2013-06-06] (Seiko Epson Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-14 10:58 - 2013-10-14 10:58 - 00000000 _____ C:\Users\henry\defogger_reenable
2013-10-14 10:48 - 2013-10-14 10:48 - 01954124 _____ (Farbar) C:\Users\henry\Desktop\FRST64.exe
2013-10-14 10:45 - 2013-10-14 10:45 - 00050477 _____ C:\Users\henry\Desktop\Defogger.exe
2013-10-14 09:58 - 2013-10-14 09:58 - 100838232 _____ C:\WINDOWS\SysWOW64\跶擡炜ĩ
2013-10-14 09:57 - 2013-10-14 09:57 - 00000022 _____ C:\WINDOWS\S.dirmngr
2013-10-14 09:05 - 2013-08-10 07:21 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2013-10-14 09:05 - 2013-08-10 07:21 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncInfo.dll
2013-10-14 09:05 - 2013-08-10 05:58 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2013-10-14 09:05 - 2013-08-03 08:40 - 01374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2013-10-14 09:05 - 2013-08-03 08:40 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wvc.dll
2013-10-14 09:05 - 2013-08-03 08:40 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmon.ocx
2013-10-14 09:05 - 2013-08-03 07:14 - 00399360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx
2013-10-14 09:05 - 2013-08-03 07:13 - 01245696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2013-10-14 09:05 - 2013-08-03 07:13 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wvc.dll
2013-10-14 09:05 - 2013-08-02 08:28 - 19758080 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2013-10-14 09:05 - 2013-08-02 08:28 - 10116608
_____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2013-10-14 09:05 - 2013-08-02 08:28 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll 2013-10-14 09:05 - 2013-08-02 08:26 - 02304512 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2013-10-14 09:05 - 2013-08-02 07:08 - 17561088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2013-10-14 09:05 - 2013-08-02 07:08 - 08858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2013-10-14 09:05 - 2013-08-02 07:08 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll 2013-10-14 09:05 - 2013-08-02 07:06 - 02035712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2013-10-14 09:05 - 2013-08-01 12:41 - 02233688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2013-10-14 09:05 - 2013-07-31 01:30 - 00386923 _____ C:\WINDOWS\system32\ApnDatabase.xml 2013-10-14 09:05 - 2013-07-25 01:10 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll 2013-10-14 09:05 - 2013-07-25 01:06 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll 2013-10-14 09:05 - 2013-07-13 08:15 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\appmgr.dll 2013-10-14 09:05 - 2013-07-13 06:23 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appmgr.dll 2013-10-14 09:05 - 2013-04-10 01:17 - 01125888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2013-10-14 09:05 - 2013-04-10 00:29 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2013-10-11 19:05 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2013-10-11 19:05 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2013-10-11 19:05 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2013-10-11 19:05 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 
2013-10-11 19:05 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2013-10-11 19:05 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2013-10-11 19:05 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2013-10-11 19:05 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2013-10-11 19:05 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2013-10-11 19:05 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2013-10-11 19:05 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2013-10-11 19:05 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2013-10-11 19:05 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2013-10-11 19:05 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2013-10-11 19:05 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2013-10-11 19:05 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2013-10-11 19:05 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2013-10-11 19:05 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll 2013-10-11 19:05 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll 2013-10-11 19:05 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2013-10-11 19:05 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2013-10-11 19:05 - 2013-04-29 00:28 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll 2013-10-11 19:05 - 2013-02-21 12:29 - 
00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll 2013-10-11 19:05 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2013-10-11 19:05 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2013-10-11 19:05 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2013-10-11 19:05 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll 2013-10-11 19:05 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2013-10-11 19:05 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll 2013-10-11 19:05 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2013-10-11 19:05 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2013-10-11 19:04 - 2013-07-06 02:15 - 00652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll 2013-10-11 19:04 - 2013-07-04 04:13 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll 2013-10-11 18:57 - 2013-08-23 07:11 - 04040192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2013-10-11 18:57 - 2013-07-20 00:13 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2013-10-11 18:57 - 2013-07-20 00:13 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2013-10-11 18:57 - 2013-07-06 00:02 - 00121984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBAUDIO.sys 2013-10-11 18:57 - 2013-07-06 00:02 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbcir.sys 2013-10-11 18:57 - 2013-07-02 03:41 - 00447320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2013-10-11 18:57 - 2013-07-02 03:41 - 00337752 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2013-10-11 18:57 - 2013-07-02 03:41 - 00213336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS 2013-10-11 18:57 - 2013-07-02 00:14 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbprint.sys 2013-10-11 18:57 - 2013-07-01 03:42 - 00623448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys 2013-10-11 18:57 - 2013-07-01 03:42 - 00498008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys 2013-10-11 18:57 - 2013-07-01 03:42 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys 2013-10-11 18:57 - 2013-07-01 03:42 - 00021848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys 2013-10-11 18:57 - 2013-06-29 05:08 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys 2013-10-11 18:57 - 2013-06-29 05:07 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys 2013-10-11 18:57 - 2013-06-29 05:07 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys 2013-10-11 18:57 - 2013-06-29 05:06 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys 2013-10-11 18:57 - 2013-06-22 07:45 - 00785624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys 2013-10-11 18:57 - 2013-06-22 07:45 - 00054488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys 2013-10-11 18:57 - 2013-05-27 01:17 - 00035328 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2013-10-11 18:57 - 2013-05-27 00:59 - 00046080 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2013-10-11 18:57 - 2013-05-25 05:15 - 00362496 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2013-10-11 18:57 - 2013-05-25 04:32 - 00300032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2013-10-08 19:30 - 2013-10-08 19:31 - 00001300 _____ C:\WINDOWS\system32\TeamViewer8_Hooks.log 2013-10-08 18:58 - 2013-10-08 18:58 
- 00000000 ____D C:\Users\henry\AppData\Roaming\Avira 2013-10-08 18:54 - 2013-10-08 18:54 - 00082136 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys 2013-10-08 18:52 - 2013-10-08 18:52 - 00002038 _____ C:\Users\Public\Desktop\Avira Control Center.lnk 2013-10-08 18:52 - 2013-10-08 18:52 - 00000000 ____D C:\ProgramData\Avira 2013-10-08 18:52 - 2013-10-08 18:52 - 00000000 ____D C:\Program Files (x86)\Avira 2013-10-08 18:52 - 2013-08-22 17:51 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2013-10-08 18:52 - 2013-07-15 16:08 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys 2013-10-08 18:52 - 2013-02-26 16:56 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys 2013-10-02 11:05 - 2013-10-02 11:05 - 00067181 _____ C:\Users\henry\Desktop\JRT.txt 2013-10-02 11:01 - 2013-10-02 11:01 - 00000000 ____D C:\WINDOWS\ERUNT 2013-10-01 19:04 - 2013-10-01 19:07 - 00000000 ____D C:\AdwCleaner 2013-10-01 19:04 - 2013-10-01 19:04 - 01045226 _____ C:\Users\henry\Downloads\adwcleaner.exe 2013-10-01 18:39 - 2013-10-01 18:39 - 00081335 _____ C:\Users\henry\Downloads\FRST.txt 2013-10-01 18:38 - 2013-10-01 18:39 - 00064453 _____ C:\Users\henry\Downloads\Addition.txt 2013-10-01 18:36 - 2013-10-01 18:36 - 01953880 _____ (Farbar) C:\Users\henry\Downloads\FRST64.exe 2013-10-01 18:36 - 2013-10-01 18:36 - 00000000 ____D C:\FRST 2013-10-01 12:52 - 2013-10-01 12:52 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies 2013-10-01 12:51 - 2013-10-01 12:51 - 00002105 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk 2013-10-01 12:47 - 2013-09-12 10:58 - 22102304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2013-10-01 12:47 - 2013-09-12 10:58 - 11274528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2013-10-01 12:47 - 2013-09-12 10:58 - 09281032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 
2013-10-01 12:47 - 2013-09-12 10:58 - 07720576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2013-10-01 12:47 - 2013-09-12 10:58 - 07648000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2013-10-01 12:47 - 2013-09-12 10:58 - 06329552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2013-10-01 12:47 - 2013-09-12 10:58 - 02970400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2013-10-01 12:47 - 2013-09-12 10:58 - 02789152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2013-10-01 12:47 - 2013-09-12 10:58 - 02367264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll 2013-10-01 12:47 - 2013-09-12 10:58 - 02007328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll 2013-10-01 12:47 - 2013-09-12 10:58 - 01884448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6432723.dll 2013-10-01 12:47 - 2013-09-12 10:58 - 01511712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6432723.dll 2013-10-01 12:47 - 2013-09-12 10:58 - 00681760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2013-10-01 12:47 - 2013-09-12 10:58 - 00603424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2013-10-01 12:47 - 2013-09-12 10:58 - 00586016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2013-10-01 12:47 - 2013-09-12 10:58 - 00515360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2013-10-01 12:47 - 2013-08-20 15:33 - 00039200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys 2013-10-01 12:47 - 2013-08-20 15:32 - 00029984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll 2013-10-01 12:47 - 2013-08-20 15:32 - 00028448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2013-10-01 12:46 - 2013-09-12 10:58 - 25256224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll 2013-10-01 12:46 - 2013-09-12 10:58 - 17560352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll 2013-10-01 12:42 - 2013-10-01 12:42 - 00000000 
____D C:\NVIDIA 2013-10-01 09:55 - 2013-10-01 09:55 - 00000000 ____D C:\Users\henry\Desktop\rkill 2013-10-01 09:54 - 2013-10-01 09:57 - 00002792 _____ C:\Users\henry\Desktop\Rkill.txt 2013-10-01 09:53 - 2013-10-01 09:53 - 01898112 _____ (Bleeping Computer, LLC) C:\Users\henry\Downloads\rkill.com 2013-09-30 16:29 - 2013-09-30 16:29 - 00002410 _____ C:\Users\Public\Desktop\Bitvise SSH Client.lnk 2013-09-30 16:29 - 2013-09-30 16:29 - 00000000 ____D C:\Program Files (x86)\Bitvise SSH Client 2013-09-30 16:28 - 2013-09-30 16:29 - 07304920 _____ C:\Users\henry\Downloads\BvSshClient-Inst.exe 2013-09-27 17:51 - 2013-09-30 17:16 - 00010662 _____ C:\Users\henry\Documents\fingPersist.tmp 2013-09-27 17:51 - 2013-09-27 23:11 - 00009116 _____ C:\Users\henry\Documents\Fing.html 2013-09-27 16:47 - 2013-09-27 16:47 - 00000000 ____D C:\Users\henry\AppData\Roaming\Overlook 2013-09-27 16:46 - 2013-09-27 16:46 - 03165917 _____ C:\Users\henry\Downloads\overlook-fing-2.2.exe 2013-09-27 16:46 - 2013-09-27 16:46 - 00000000 ____D C:\ProgramData\Overlook 2013-09-27 16:46 - 2013-09-27 16:46 - 00000000 ____D C:\Program Files (x86)\Overlook Fing 2.2 2013-09-27 10:00 - 2013-10-14 09:58 - 00162649 _____ C:\WINDOWS\setupact.log 2013-09-27 10:00 - 2013-09-27 10:00 - 00000000 _____ C:\WINDOWS\setuperr.log 2013-09-27 09:59 - 2013-10-14 09:55 - 00115614 _____ C:\WINDOWS\PFRO.log 2013-09-27 09:28 - 2013-09-27 09:28 - 00000000 ____D C:\Users\henry\AppData\Local\avgchrome 2013-09-27 08:44 - 2013-09-27 08:44 - 00031107 _____ C:\Users\henry\Downloads\crunchbang-11-20130506-i486.iso.torrent 2013-09-26 17:35 - 2013-09-26 17:35 - 00001081 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-09-26 17:35 - 2013-09-26 17:35 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-26 17:35 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2013-09-26 17:11 - 2013-09-26 17:11 - 00000000 ____D C:\Users\henry\Documents\Egosoft 2013-09-26 
16:52 - 2013-09-26 16:53 - 00018473 _____ C:\WINDOWS\DirectX.log 2013-09-26 16:19 - 2013-09-26 16:20 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\henry\Downloads\mbam-setup-1.75.0.1300.exe 2013-09-26 11:02 - 2013-09-26 11:45 - 832569344 _____ C:\Users\henry\Downloads\ubuntu-13.04-desktop-i386.iso 2013-09-26 09:39 - 2013-09-26 10:21 - 823132160 _____ C:\Users\henry\Downloads\ubuntu-13.04-desktop-amd64.iso 2013-09-25 14:53 - 2013-09-25 14:53 - 01111358 _____ C:\Users\henry\Downloads\DualBootUtilities-1.0.1.zip 2013-09-25 14:52 - 2013-09-25 14:53 - 06687638 _____ C:\Users\henry\Downloads\DualBootPatcher-1.9.zip 2013-09-25 11:54 - 2013-09-25 11:54 - 00447201 _____ C:\Users\henry\Downloads\DualBootSwitcher-1.0.apk 2013-09-24 15:43 - 2013-09-24 15:47 - 91155016 _____ (Copyright 2013 SAMSUNG) C:\Users\henry\Downloads\SamsungLink_Installer64.exe 2013-09-24 11:53 - 2013-09-24 11:53 - 00176719 _____ C:\Users\henry\Downloads\CCEnhancer-3.8-multilanguage.zip 2013-09-24 11:43 - 2013-09-24 11:43 - 00000000 ____D C:\ProgramData\Oracle 2013-09-24 11:41 - 2013-09-24 11:41 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe 2013-09-24 11:41 - 2013-09-24 11:41 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe 2013-09-24 11:41 - 2013-09-24 11:41 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe 2013-09-24 11:00 - 2013-09-24 11:00 - 00776040 _____ C:\Users\henry\Documents\cc_20130924_110035.reg 2013-09-23 08:51 - 2013-09-23 08:52 - 00000000 ____D C:\Users\henry\Downloads\Odin3-v3.09 2013-09-23 08:51 - 2013-09-23 08:51 - 00820100 _____ C:\Users\henry\Downloads\Odin3-v3.09.rar 2013-09-20 07:30 - 2013-09-20 07:30 - 00000222 _____ C:\Users\henry\Desktop\X3 Albion Prelude.url 2013-09-20 07:30 - 2013-09-20 07:30 - 00000220 _____ C:\Users\henry\Desktop\X3 Terran Conflict.url 2013-09-20 07:30 - 2013-09-20 07:30 - 00000000 ____D C:\Users\henry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2013-09-18 10:16 - 2013-09-18 
10:16 - 00000000 ____D C:\Users\henry\AppData\Roaming\MusicBrainz 2013-09-18 10:16 - 2013-09-18 10:16 - 00000000 ____D C:\Users\henry\AppData\Local\cache 2013-09-18 10:16 - 2013-09-18 10:16 - 00000000 ____D C:\Program Files (x86)\MusicBrainz Picard ==================== One Month Modified Files and Folders ======= 2013-10-14 11:51 - 2010-01-23 13:07 - 00000000 ____D C:\Users\henry\AppData\Roaming\Free Download Manager 2013-10-14 11:50 - 2012-10-30 14:23 - 01257676 _____ C:\WINDOWS\WindowsUpdate.log 2013-10-14 11:50 - 2010-03-06 17:44 - 00000000 ____D C:\Users\henry\AppData\Roaming\Skype 2013-10-14 11:43 - 2009-11-22 01:02 - 00003942 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{10275E3E-1283-4D8C-AB6E-ACF96EB5F677} 2013-10-14 11:30 - 2012-05-11 09:50 - 00000000 ____D C:\Users\henry\AppData\Roaming\Dropbox 2013-10-14 11:30 - 2012-04-10 09:22 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2013-10-14 11:24 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\rescache 2013-10-14 11:06 - 2009-11-22 02:08 - 00001108 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2013-10-14 11:00 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\sru 2013-10-14 10:58 - 2013-10-14 10:58 - 00000000 _____ C:\Users\henry\defogger_reenable 2013-10-14 10:58 - 2012-11-09 12:28 - 00001144 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2924421799-2045358301-2701136695-1001UA.job 2013-10-14 10:58 - 2012-10-30 13:54 - 00000000 ____D C:\Users\henry 2013-10-14 10:58 - 2010-01-23 13:07 - 00000000 ____D C:\Program Files (x86)\Free Download Manager 2013-10-14 10:48 - 2013-10-14 10:48 - 01954124 _____ (Farbar) C:\Users\henry\Desktop\FRST64.exe 2013-10-14 10:45 - 2013-10-14 10:45 - 00050477 _____ C:\Users\henry\Desktop\Defogger.exe 2013-10-14 10:45 - 2010-01-24 12:29 - 00000000 ____D C:\Users\henry\Documents\Outlook-Dateien 2013-10-14 10:41 - 2012-02-28 15:28 - 00000000 ____D C:\Users\henry\AppData\Roaming\Fiabee 2013-10-14 10:06 - 2012-10-15 19:18 - 00001914 _____ 
C:\Users\henry\Desktop\MySyncFolder.lnk 2013-10-14 10:06 - 2012-10-15 11:16 - 00000000 ____D C:\Users\henry\AppData\Roaming\ASUS WebStorage 2013-10-14 10:05 - 2012-08-10 13:55 - 00000000 ____D C:\Users\henry\AppData\Roaming\Raptr 2013-10-14 10:05 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent 2013-10-14 10:04 - 2012-05-11 09:53 - 00000000 ___RD C:\Users\henry\Dropbox 2013-10-14 10:03 - 2012-10-31 09:39 - 00000000 ___RD C:\Users\henry\SkyDrive 2013-10-14 10:03 - 2012-08-20 10:21 - 00000000 ____D C:\Program Files (x86)\Steam 2013-10-14 10:01 - 2009-11-21 09:26 - 00000000 ___RD C:\Users\henry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-10-14 10:01 - 2009-11-21 09:26 - 00000000 ___RD C:\Users\henry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-10-14 10:00 - 2013-06-03 17:24 - 00000388 _____ C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job 2013-10-14 10:00 - 2013-01-24 11:12 - 00000392 _____ C:\WINDOWS\Tasks\ROC_JAN2013_TB_rmv.job 2013-10-14 10:00 - 2009-11-22 02:08 - 00001104 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2013-10-14 09:59 - 2011-09-20 21:35 - 00000000 ____D C:\ProgramData\VMware 2013-10-14 09:58 - 2013-10-14 09:58 - 100838232 _____ C:\WINDOWS\SysWOW64\跶擡炜ĩ 2013-10-14 09:58 - 2013-09-27 10:00 - 00162649 _____ C:\WINDOWS\setupact.log 2013-10-14 09:58 - 2009-11-24 00:18 - 00000175 ___SH C:\ProgramData\.zreglib 2013-10-14 09:57 - 2013-10-14 09:57 - 00000022 _____ C:\WINDOWS\S.dirmngr 2013-10-14 09:57 - 2012-07-26 09:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2013-10-14 09:57 - 2012-01-24 19:34 - 00000152 _____ C:\WINDOWS\system32\config\netlogon.ftl 2013-10-14 09:57 - 2009-11-22 01:12 - 00000000 ____D C:\ProgramData\NVIDIA 2013-10-14 09:55 - 2013-09-27 09:59 - 00115614 _____ C:\WINDOWS\PFRO.log 2013-10-14 09:55 - 2012-01-30 11:51 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-10-14 09:55 - 2009-11-22 08:33 - 00000000 ____D C:\Program Files 
(x86)\Microsoft Silverlight 2013-10-14 09:53 - 2012-07-26 07:26 - 00786432 ___SH C:\WINDOWS\system32\config\BBI 2013-10-14 09:52 - 2012-07-26 10:12 - 00000000 ___RD C:\WINDOWS\ToastData 2013-10-14 08:53 - 2012-05-11 09:52 - 00000000 ____D C:\Users\henry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2013-10-11 19:19 - 2009-11-22 10:15 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-10-11 19:18 - 2013-08-15 03:14 - 00000000 ____D C:\WINDOWS\system32\MRT 2013-10-11 19:10 - 2009-11-22 02:16 - 80541720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2013-10-08 22:02 - 2009-11-22 02:08 - 00004080 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2013-10-08 22:00 - 2009-11-22 02:08 - 00003844 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2013-10-08 20:31 - 2012-04-10 09:22 - 00003796 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2013-10-08 19:31 - 2013-10-08 19:30 - 00001300 _____ C:\WINDOWS\system32\TeamViewer8_Hooks.log 2013-10-08 19:30 - 2013-01-29 12:04 - 00001058 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk 2013-10-08 18:58 - 2013-10-08 18:58 - 00000000 ____D C:\Users\henry\AppData\Roaming\Avira 2013-10-08 18:54 - 2013-10-08 18:54 - 00082136 _____ (Avira Operations GmbH & Co. 
KG) C:\WINDOWS\system32\Drivers\avnetflt.sys 2013-10-08 18:52 - 2013-10-08 18:52 - 00002038 _____ C:\Users\Public\Desktop\Avira Control Center.lnk 2013-10-08 18:52 - 2013-10-08 18:52 - 00000000 ____D C:\ProgramData\Avira 2013-10-08 18:52 - 2013-10-08 18:52 - 00000000 ____D C:\Program Files (x86)\Avira 2013-10-08 16:58 - 2012-11-09 12:28 - 00001092 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2924421799-2045358301-2701136695-1001Core.job 2013-10-08 16:53 - 2012-11-09 12:28 - 00004094 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2924421799-2045358301-2701136695-1001UA 2013-10-08 16:53 - 2012-11-09 12:28 - 00003714 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2924421799-2045358301-2701136695-1001Core 2013-10-07 17:59 - 2009-11-24 00:18 - 00000000 ____D C:\ProgramData\SlySoft 2013-10-07 16:05 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\NDF 2013-10-07 09:15 - 2012-08-13 14:24 - 00000000 ____D C:\Users\henry\AppData\Roaming\TeamViewer 2013-10-04 17:44 - 2012-11-09 12:30 - 00002379 _____ C:\Users\henry\Desktop\Google Chrome.lnk 2013-10-02 11:05 - 2013-10-02 11:05 - 00067181 _____ C:\Users\henry\Desktop\JRT.txt 2013-10-02 11:01 - 2013-10-02 11:01 - 00000000 ____D C:\WINDOWS\ERUNT 2013-10-02 03:38 - 2013-05-21 08:43 - 00694232 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2013-10-02 03:38 - 2013-05-21 08:43 - 00078296 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2013-10-01 19:07 - 2013-10-01 19:04 - 00000000 ____D C:\AdwCleaner 2013-10-01 19:04 - 2013-10-01 19:04 - 01045226 _____ C:\Users\henry\Downloads\adwcleaner.exe 2013-10-01 18:39 - 2013-10-01 18:39 - 00081335 _____ C:\Users\henry\Downloads\FRST.txt 2013-10-01 18:39 - 2013-10-01 18:38 - 00064453 _____ C:\Users\henry\Downloads\Addition.txt 2013-10-01 18:36 - 2013-10-01 18:36 - 01953880 _____ (Farbar) C:\Users\henry\Downloads\FRST64.exe 2013-10-01 18:36 - 2013-10-01 18:36 - 00000000 ____D C:\FRST 2013-10-01 
18:36 - 2012-07-26 07:37 - 00000000 __RHD C:\Users\Default 2013-10-01 18:19 - 2012-04-19 16:59 - 00000000 ____D C:\Users\henry\AppData\Roaming\gnupg 2013-10-01 15:22 - 2012-07-26 10:12 - 00000000 __RHD C:\Users\Public\Libraries 2013-10-01 12:53 - 2012-10-30 13:11 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2013-10-01 12:53 - 2009-11-22 01:12 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2013-10-01 12:52 - 2013-10-01 12:52 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies 2013-10-01 12:52 - 2012-10-30 13:11 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2013-10-01 12:51 - 2013-10-01 12:51 - 00002105 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk 2013-10-01 12:42 - 2013-10-01 12:42 - 00000000 ____D C:\NVIDIA 2013-10-01 09:57 - 2013-10-01 09:54 - 00002792 _____ C:\Users\henry\Desktop\Rkill.txt 2013-10-01 09:55 - 2013-10-01 09:55 - 00000000 ____D C:\Users\henry\Desktop\rkill 2013-10-01 09:53 - 2013-10-01 09:53 - 01898112 _____ (Bleeping Computer, LLC) C:\Users\henry\Downloads\rkill.com 2013-09-30 17:16 - 2013-09-27 17:51 - 00010662 _____ C:\Users\henry\Documents\fingPersist.tmp 2013-09-30 16:36 - 2009-08-25 12:00 - 00000000 ___RD C:\Users\henry\Downloads\Software 2013-09-30 16:29 - 2013-09-30 16:29 - 00002410 _____ C:\Users\Public\Desktop\Bitvise SSH Client.lnk 2013-09-30 16:29 - 2013-09-30 16:29 - 00000000 ____D C:\Program Files (x86)\Bitvise SSH Client 2013-09-30 16:29 - 2013-09-30 16:28 - 07304920 _____ C:\Users\henry\Downloads\BvSshClient-Inst.exe 2013-09-30 08:54 - 2009-11-21 11:20 - 00000000 ____D C:\Users\henry\AppData\Roaming\Mozilla 2013-09-27 23:11 - 2013-09-27 17:51 - 00009116 _____ C:\Users\henry\Documents\Fing.html 2013-09-27 18:34 - 2012-10-30 14:48 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2924421799-2045358301-2701136695-1001 2013-09-27 17:46 - 2012-05-21 12:12 - 00000000 ____D C:\Users\henry\AppData\Roaming\Notepad++ 2013-09-27 16:47 - 2013-09-27 16:47 - 00000000 
____D C:\Users\henry\AppData\Roaming\Overlook 2013-09-27 16:46 - 2013-09-27 16:46 - 03165917 _____ C:\Users\henry\Downloads\overlook-fing-2.2.exe 2013-09-27 16:46 - 2013-09-27 16:46 - 00000000 ____D C:\ProgramData\Overlook 2013-09-27 16:46 - 2013-09-27 16:46 - 00000000 ____D C:\Program Files (x86)\Overlook Fing 2.2 2013-09-27 10:36 - 2012-08-10 13:55 - 00000000 ____D C:\Program Files (x86)\Raptr 2013-09-27 10:29 - 2012-10-30 14:39 - 00000000 ____D C:\Users\henry\AppData\Local\Packages 2013-09-27 10:00 - 2013-09-27 10:00 - 00000000 _____ C:\WINDOWS\setuperr.log 2013-09-27 09:28 - 2013-09-27 09:28 - 00000000 ____D C:\Users\henry\AppData\Local\avgchrome 2013-09-27 08:44 - 2013-09-27 08:44 - 00031107 _____ C:\Users\henry\Downloads\crunchbang-11-20130506-i486.iso.torrent 2013-09-26 17:37 - 2013-01-11 12:53 - 00001085 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk 2013-09-26 17:35 - 2013-09-26 17:35 - 00001081 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-09-26 17:35 - 2013-09-26 17:35 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-26 17:11 - 2013-09-26 17:11 - 00000000 ____D C:\Users\henry\Documents\Egosoft 2013-09-26 16:53 - 2013-09-26 16:52 - 00018473 _____ C:\WINDOWS\DirectX.log 2013-09-26 16:50 - 2012-05-24 18:43 - 00000000 ____D C:\Users\henry\Documents\MailStore Home 2013-09-26 16:50 - 2012-05-24 18:43 - 00000000 ____D C:\ProgramData\firebird 2013-09-26 16:20 - 2013-09-26 16:19 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\henry\Downloads\mbam-setup-1.75.0.1300.exe 2013-09-26 16:02 - 2009-11-22 02:17 - 00001837 _____ C:\Users\Public\Desktop\ImgBurn.lnk 2013-09-26 11:45 - 2013-09-26 11:02 - 832569344 _____ C:\Users\henry\Downloads\ubuntu-13.04-desktop-i386.iso 2013-09-26 10:21 - 2013-09-26 09:39 - 823132160 _____ C:\Users\henry\Downloads\ubuntu-13.04-desktop-amd64.iso 2013-09-25 14:53 - 2013-09-25 14:53 - 01111358 _____ C:\Users\henry\Downloads\DualBootUtilities-1.0.1.zip 2013-09-25 14:53 - 2013-09-25 
14:52 - 06687638 _____ C:\Users\henry\Downloads\DualBootPatcher-1.9.zip 2013-09-25 11:54 - 2013-09-25 11:54 - 00447201 _____ C:\Users\henry\Downloads\DualBootSwitcher-1.0.apk 2013-09-24 15:47 - 2013-09-24 15:43 - 91155016 _____ (Copyright 2013 SAMSUNG) C:\Users\henry\Downloads\SamsungLink_Installer64.exe 2013-09-24 11:53 - 2013-09-24 11:53 - 00176719 _____ C:\Users\henry\Downloads\CCEnhancer-3.8-multilanguage.zip 2013-09-24 11:43 - 2013-09-24 11:43 - 00000000 ____D C:\ProgramData\Oracle 2013-09-24 11:41 - 2013-09-24 11:41 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe 2013-09-24 11:41 - 2013-09-24 11:41 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe 2013-09-24 11:41 - 2013-09-24 11:41 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe 2013-09-24 11:41 - 2013-07-08 15:10 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2013-09-24 11:41 - 2012-07-08 13:46 - 00868264 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\npdeployJava1.dll 2013-09-24 11:41 - 2010-04-24 16:47 - 00790440 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\deployJava1.dll 2013-09-24 11:36 - 2013-09-05 09:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2013-09-24 11:36 - 2013-08-15 15:07 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack 2013-09-24 11:36 - 2013-03-06 10:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-09-24 11:36 - 2012-11-21 04:24 - 00000000 ____D C:\WINDOWS\Minidump 2013-09-24 11:36 - 2012-10-29 20:05 - 00000000 ____D C:\WINDOWS\Panther 2013-09-24 11:36 - 2011-09-23 08:02 - 00000000 ____D C:\Users\henry\AppData\Local\VMware 2013-09-24 11:36 - 2011-07-20 21:37 - 00000000 ____D C:\Users\henry\AppData\Local\Downloaded Installations 2013-09-24 11:36 - 2010-04-16 22:07 - 00000000 ____D C:\Users\henry\AppData\Roaming\inkscape 2013-09-24 11:36 - 2010-04-10 03:34 - 00000000 ____D C:\Users\henry\AppData\Local\Paint.NET 2013-09-24 11:36 - 2009-11-22 02:09 - 
00000000 ____D C:\ProgramData\Skype 2013-09-24 11:36 - 2009-06-19 23:01 - 00000000 ____D C:\Users\henry\Tracing 2013-09-24 11:09 - 2009-11-24 10:17 - 00000000 ____D C:\Program Files (x86)\CCleaner 2013-09-24 11:00 - 2013-09-24 11:00 - 00776040 _____ C:\Users\henry\Documents\cc_20130924_110035.reg 2013-09-24 10:09 - 2011-01-30 20:39 - 00001732 _____ C:\Users\Public\Desktop\Defraggler.lnk 2013-09-24 10:09 - 2010-01-18 07:51 - 00000000 ____D C:\Program Files\Defraggler 2013-09-24 09:26 - 2011-01-28 09:20 - 00000989 _____ C:\Users\Public\Desktop\CCleaner.lnk 2013-09-23 08:52 - 2013-09-23 08:51 - 00000000 ____D C:\Users\henry\Downloads\Odin3-v3.09 2013-09-23 08:51 - 2013-09-23 08:51 - 00820100 _____ C:\Users\henry\Downloads\Odin3-v3.09.rar 2013-09-23 01:28 - 2013-10-11 19:05 - 01767936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2013-09-23 01:28 - 2013-10-11 19:05 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2013-09-23 01:27 - 2013-10-11 19:05 - 14335488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2013-09-23 01:27 - 2013-10-11 19:05 - 13761024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2013-09-23 01:27 - 2013-10-11 19:05 - 02876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2013-09-23 01:27 - 2013-10-11 19:05 - 02048512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2013-09-23 01:27 - 2013-10-11 19:05 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2013-09-23 01:27 - 2013-10-11 19:05 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2013-09-23 00:55 - 2013-10-11 19:05 - 02241024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2013-09-23 00:55 - 2013-10-11 19:05 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2013-09-23 00:55 - 2013-10-11 19:05 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2013-09-23 00:54 - 2013-10-11 19:05 - 19252224 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2013-09-23 00:54 - 2013-10-11 19:05 - 15404544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2013-09-23 00:54 - 2013-10-11 19:05 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2013-09-23 00:54 - 2013-10-11 19:05 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2013-09-23 00:54 - 2013-10-11 19:05 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2013-09-23 00:54 - 2013-10-11 19:05 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2013-09-20 07:30 - 2013-09-20 07:30 - 00000222 _____ C:\Users\henry\Desktop\X3 Albion Prelude.url 2013-09-20 07:30 - 2013-09-20 07:30 - 00000220 _____ C:\Users\henry\Desktop\X3 Terran Conflict.url 2013-09-20 07:30 - 2013-09-20 07:30 - 00000000 ____D C:\Users\henry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2013-09-19 23:12 - 2013-02-25 20:02 - 00000000 ____D C:\Program Files\Kyocera 2013-09-18 15:38 - 2013-03-18 11:36 - 00000953 _____ C:\Users\Public\Desktop\Last.fm Scrobbler.lnk 2013-09-18 15:38 - 2011-10-01 14:20 - 00000000 ____D C:\Program Files (x86)\Last.fm 2013-09-18 15:36 - 2013-03-18 12:05 - 00000000 ____D C:\Users\henry\AppData\Roaming\foobar2000 2013-09-18 10:16 - 2013-09-18 10:16 - 00000000 ____D C:\Users\henry\AppData\Roaming\MusicBrainz 2013-09-18 10:16 - 2013-09-18 10:16 - 00000000 ____D C:\Users\henry\AppData\Local\cache 2013-09-18 10:16 - 2013-09-18 10:16 - 00000000 ____D C:\Program Files (x86)\MusicBrainz Picard 2013-09-18 09:51 - 2012-06-06 11:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service Some content of TEMP: ==================== C:\Users\henry\AppData\Local\Temp\i4jdel0.exe C:\Users\henry\AppData\Local\Temp\jre-7u40-windows-i586-iftw.exe C:\Users\henry\AppData\Local\Temp\nvSCPAPI.dll C:\Users\henry\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\henry\AppData\Local\Temp\nvSCPAPISvr.exe 
C:\Users\henry\AppData\Local\Temp\nvStInst.exe C:\Users\henry\AppData\Local\Temp\Quarantine.exe C:\Users\henry\AppData\Local\Temp\SamsungAPInstaller_1380029602058.exe C:\Users\henry\AppData\Local\Temp\uninst1.exe C:\Users\henry\AppData\Local\Temp\VSUSetup.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-10-11 19:02 ==================== End Of Log ============================ --- --- --- GMER.LOG Code:
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-10-14 18:28:34
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 SAMSUNG_ rev.1AA0 931,51GB
Running: zyy5l85y.exe; Driver: C:\Users\henry\AppData\Local\Temp\uxlorfoc.sys
---- Kernel code sections - GMER 2.1 ----
.text C:\WINDOWS\System32\win32k.sys!W32pServiceTable fffff960000d4a00 7 bytes [40, CA, 81, 01, 00, 4C, F2]
.text C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 8 fffff960000d4a08 7 bytes [01, EA, BF, FF, 00, C7, DA]
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed -1722754004
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000272a66d56
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000272a66d56@6c8336e41cf3 0xC2 0x4B 0xC8 0x1C ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Upgrade\LocalRadioSettings
Reg HKCU\Software\Microsoft\Windows Live\Companion\******@hotmail.com@09ee2a995e006444eb60aa8ebed7f942\r\n 0xD1 0x48 0xC0 0x77 ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\******@hotmail.com@2ab3624df121c9fc822a113c5bb8cea3\r\n 0xD1 0x48 0xC0 0xF7 ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\******@hotmail.com@60d84cc295ead2635c9155d248a66319\r\n 0x0A 0xE2 0x64 0x52 ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\******@hotmail.com@9f1922cfebcf9613d19795c1488396d2\r\n 0xC2 0x0B 0xAB 0xDF ...
---- EOF - GMER 2.1 ----
Edited by Gwellion (14.10.2013 at 17:36) |
14.10.2013, 18:06 | #2 | |
/// the machine /// TB instructor | Hi,
Combofix should only be run when a team member has instructed you to do so! Please download Combofix from the following download mirror: Link 1. IMPORTANT: Save Combofix to your desktop.
When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply. Note: Should you receive the following error message after the restart Quote:
__________________ |
15.10.2013, 08:54 | #3 |
OK, the log file is too long.. so as an attachment.
But up front: userinit is said to have been infected.. (the only question is with what). |
15.10.2013, 09:11 | #4 |
After the restart Avira was active again and also complained about registry accesses. Maybe I switched it off the "wrong" way? Should I have turned it off in the Control Panel instead of in the task tray? |
15.10.2013, 18:37 | #5 |
/// the machine /// TB instructor | No, that's fine. Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please shut down your protection software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009. No help via PM! |
16.10.2013, 09:20 | #6 |
Hi Schrauber, here is MBAM: Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.10.16.04 Windows 8 x64 NTFS Internet Explorer 10.0.9200.16721 henry :: FARAHLON764 [Administrator] 16.10.2013 10:02:42 mbam-log-2013-10-16 (10-02-42).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 350968 Laufzeit: 11 Minute(n), 41 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.09.27.01 Windows 8 x64 NTFS Internet Explorer 10.0.9200.16688 henry :: FARAHLON764 [Administrator] 27.09.2013 10:50:26 mbam-log-2013-09-27 (10-50-26).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 785935 Laufzeit: 2 Stunde(n), 22 Minute(n), 20 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 4 HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 4 C:\Users\henry\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\henry\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\henry\AppData\Roaming\OpenCandy\B295FFC15CF84A5181DDFDA965E5F165 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\henry\AppData\Roaming\OpenCandy\OpenCandy_1072DD5994F84A388E18B96B3537B069 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. 
Infizierte Dateien: 23 C:\Downloads\Software\SetupImgBurn_2.5.8.0.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt. C:\$RECYCLE.BIN\S-1-5-21-2924421799-2045358301-2701136695-1001\$RF33APX\BabMaint.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\DSearchLink\DSearchLink.exe (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\henry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\559K438T\pack[1].7z (PUP.Optional.PerformerSoft.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\henry\AppData\Local\Temp\83A7846F-BAB0-7891-A8D3-EA9205F55912\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\henry\AppData\Local\Temp\83A7846F-BAB0-7891-A8D3-EA9205F55912\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\henry\AppData\Local\Temp\83A7846F-BAB0-7891-A8D3-EA9205F55912\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\henry\AppData\Local\Temp\83A7846F-BAB0-7891-A8D3-EA9205F55912\Latest\DSearchLink.exe (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\henry\AppData\Local\Temp\83A7846F-BAB0-7891-A8D3-EA9205F55912\Latest\MntrDLLInstall.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\henry\AppData\Local\Temp\83A7846F-BAB0-7891-A8D3-EA9205F55912\Latest\MyDeltaTB.exe (PUP.Optional.Delta) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\henry\AppData\Local\Temp\83A7846F-BAB0-7891-A8D3-EA9205F55912\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\henry\AppData\Roaming\OpenCandy\B295FFC15CF84A5181DDFDA965E5F165\DeltaTB.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. 
C:\Users\henry\AppData\Roaming\OpenCandy\OpenCandy_1072DD5994F84A388E18B96B3537B069\LatestDLMgr.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\henry\Downloads\Software\DTLite4452-0287.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\henry\Downloads\Software\MyPhoneExplorer_Setup_1.8.2.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\henry\Downloads\Software\produkey-x64.zip (PUP.PSWTool.ProductKey) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\henry\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\henry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage (PUP.Optional.BrowserDefender.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\henry\AppData\Roaming\OpenCandy\OpenCandy_1072DD5994F84A388E18B96B3537B069\2359.ico (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\henry\AppData\Roaming\OpenCandy\OpenCandy_1072DD5994F84A388E18B96B3537B069\avg-800341.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\henry\AppData\Roaming\OpenCandy\OpenCandy_1072DD5994F84A388E18B96B3537B069\AVGToolbarLS_p2v1.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\henry\AppData\Roaming\OpenCandy\OpenCandy_1072DD5994F84A388E18B96B3537B069\EBB77268-338F-4C6A-8590-AD88FED26F4A (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\henry\AppData\Roaming\OpenCandy\OpenCandy_1072DD5994F84A388E18B96B3537B069\OCBrowserHelper_1.0.2.72.dll (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
Edited by Gwellion (16.10.2013 at 09:25) Reason: Older MBAM.log additionally for info... |
16.10.2013, 11:17 | #7 |
/// the machine /// TB instructor | Then carry on
__________________ Regards, schrauber |
16.10.2013, 12:34 | #8 |
No idea why, but AdwCleaner has now been running for about 3-4 hours. |
16.10.2013, 13:37 | #9 |
/// the machine /// TB instructor | Antivirus software disabled? Cancel, try again, in safe mode if need be.
__________________ Regards, schrauber |
16.10.2013, 15:03 | #10 |
Thanks, that must have been the antivirus software. Now it went quickly. Only JRT took a while; the log file said that JRT could not delete various keys and a service (hmm, I actually know that one, don't I?!?), so I fired up JRT again with administrator rights, but the log file is virtually identical, with one line of difference. (The first time it could not delete 6 registry keys; among them was Code:
ATTFilter Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar JRT: Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:2)
OS: Windows 8 Pro with Media Center x64
Ran by henry on 16.10.2013 at 15:17:44,50
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

Successfully stopped: [Service] splashtopremoteservice
Failed to delete: [Service] splashtopremoteservice

~~~ Registry Values

~~~ Registry Keys

Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\dt soft\daemon tools toolbar

~~~ Files

~~~ Folders

~~~ FireFox

Successfully deleted the following from C:\Users\henry\AppData\Roaming\mozilla\firefox\profiles\9ix7sngy.default\prefs.js

user_pref("google.toolbar.button_option.cached.gtbSearchBlogs", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchBlogs\" t
user_pref("google.toolbar.button_option.cached.gtbSearchPhotos", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchPhotos\"
user_pref("google.toolbar.button_option.cached.gtbSearchScholar", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchScholar
user_pref("google.toolbar.button_option.cached.gtbstoolbar-google-com_CTK0Y7F4MTG6NKYH03WT-xml", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.o
user_pref("google.toolbar.button_option.cached.gtbstoolbar-google-com_J66T77NJDBMW4FEUU7FA-xml", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.o
user_pref("google.toolbar.button_option.cached.gtbutoolbar-google-com_J66T77NJDBMW4FEUU7FA-xml", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.o
user_pref("google.toolbar.button_option.cached.gtbuwww-yvoschaap-com_3KM2W26H33IAEB3EEYM9-xml", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.on

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16.10.2013 at 15:38:59,72
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:
# AdwCleaner v3.007 - Bericht erstellt am 16/10/2013 um 14:44:02
# Updated 09/10/2013 von Xplode
# Betriebssystem : Windows 8 Pro with Media Center (64 bits)
# Benutzername : henry - FARAHLON764
# Gestartet von : C:\Users\henry\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Ordner Gelöscht : C:\Program Files (x86)\myfree codec
Ordner Gelöscht : C:\Users\henry\AppData\Local\Temp\boost_interprocess
Ordner Gelöscht : C:\Users\henry.***DomainName***\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Ordner Gelöscht : C:\Users\henry\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16537

-\\ Mozilla Firefox v19.0.1 (en-US)

[ Datei : C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\6aebl3zj.default\prefs.js ]

[ Datei : C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\prefs.js ]

*************************

AdwCleaner[R0].txt - [7987 octets] - [01/10/2013 19:04:57]
AdwCleaner[R1].txt - [2255 octets] - [16/10/2013 10:32:46]
AdwCleaner[R2].txt - [2315 octets] - [16/10/2013 14:42:05]
AdwCleaner[S0].txt - [7901 octets] - [01/10/2013 19:07:25]
AdwCleaner[S1].txt - [2033 octets] - [16/10/2013 14:44:02]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2093 octets] ##########

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by henry (administrator) on FARAHLON764 on 16-10-2013 16:12:17
Running from C:\Users\henry\Desktop
Windows 8 Pro with Media Center (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Andrea Electronics Corporation) C:\WINDOWS\system32\AEADISRV.EXE
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\AllShareFrameworkManagerDMS.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\AllShareFrameworkDMS.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
() C:\Program Files (x86)\SlySoft\Game Jackal v4\Server.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Soluto) C:\Program Files\Soluto\SolutoLauncherService.exe
(Soluto) C:\Program Files\Soluto\SolutoService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Soluto) C:\Program Files\Soluto\soluto.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(VMware, Inc.) C:\WINDOWS\SysWOW64\vmnat.exe
(Xobni Corporation) C:\Program Files (x86)\Xobni\XobniService.exe
(Seiko Epson Corporation) C:\WINDOWS\system32\EscSvc64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\WINDOWS\SysWOW64\vmnetdhcp.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(cFos Software GmbH) C:\Program Files\cFosSpeed\cfosspeed.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(TrueCrypt Foundation) C:\Program Files\TrueCrypt\TrueCrypt.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Microsoft Corporation) C:\Users\henry\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe
() C:\Users\henry\moneyplex\mpxalarm.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Raptr, Inc) C:\PROGRA~2\Raptr\raptr.exe
(Reasonable Software House Ltd.) C:\Program Files (x86)\Reasonable NoClone 2013\NoClone.exe
(Logitech Inc.) C:\Program Files\Logitech\SetPoint II\SetPointII.exe
(Dropbox, Inc.) C:\Users\henry\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe
(Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe
(Raptr, Inc) C:\PROGRA~2\Raptr\raptr_im.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
() C:\Program Files (x86)\Tuso\Fiabee Sync\Fiabee.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(BioWare) C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\TurboV\TurboV.exe
(CyberLink Corporation.) C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe
(Futuredial Inc.) C:\Program Files (x86)\ASUS\ASUS Sync\asusUPCTLoader.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSService.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
(Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) 
C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe (Google) C:\Users\henry\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe (Microsoft Corporation) C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.) HKLM\...\Run: [Fences] - C:\Program Files (x86)\Stardock\Fences\Fences.exe [3995824 2013-02-14] (Stardock Corporation) HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation) HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation) HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7477016 2013-04-25] (Logitech Inc.) HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation) HKLM\...\Run: [cFosSpeed] - C:\Program Files\cFosSpeed\cFosSpeed.exe [1587040 2013-04-19] (cFos Software GmbH) HKLM\...\Run: [Samsung Link] - C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [597576 2013-09-23] (Copyright 2013 SAMSUNG) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files\Soluto\soluto.exe /userinit HKCU\...\Run: [D4DD019F40E41690F6DF0D6C69DAE93C752087EE._service_run] - C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe [844752 2013-10-03] (Google Inc.) 
HKCU\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2013-05-22] (Samsung Electronics) HKCU\...\Run: [KiesPDLR] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-26] (Samsung) HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564016 2013-07-26] (Samsung) HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-11-22] (Hewlett-Packard Company) HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1813928 2013-10-09] (Valve Corporation) HKCU\...\Run: [TrueCrypt] - C:\Program Files\TrueCrypt\TrueCrypt.exe [1516496 2012-05-08] (TrueCrypt Foundation) HKCU\...\Run: [Messenger (Yahoo!)] - C:\PROGRA~2\Yahoo!\MESSEN~1\YAHOOM~1.EXE [6595928 2012-05-25] (Yahoo! Inc.) HKCU\...\Run: [Raptr] - C:\PROGRA~2\Raptr\raptrstub.exe [55360 2013-10-12] (Raptr, Inc) HKCU\...\Run: [SkyDrive] - C:\Users\henry\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2013-08-14] (Microsoft Corporation) HKCU\...\Run: [moneyplex Alarm] - C:\Users\henry\moneyplex\mpxalarm HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19876968 2013-06-21] (Skype Technologies S.A.) HKCU\...\Run: [Reasonable NoClone] - C:\Program Files (x86)\Reasonable NoClone 2013\NoClone.exe [2298880 2013-04-12] (Reasonable Software House Ltd.) HKCU\...\Run: [GoogleChromeAutoLaunch_6409145A4A71BEA61BB52E08FDE70AA2] - C:\Users\henry\AppData\Local\Google\Chrome\Application\chrome.exe [844752 2013-10-03] (Google Inc.) HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-26] (Samsung) HKLM-x32\...\Run: [SoundMAXPnP] - C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1310720 2009-06-05] (Analog Devices, Inc.) 
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Ai Nap] - C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe [1439360 2010-03-10] (ASUSTeK Computer Inc.) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.) HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe [740736 2012-08-03] (ASUS Cloud Corporation) HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation) HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-11-18] (cyberlink) HKLM-x32\...\Run: [Cpu Level Up help] - C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe [887936 2009-12-28] () HKLM-x32\...\Run: [Fiabee] - C:\Program Files (x86)\Tuso\Fiabee Sync\Fiabee.exe [9934032 2012-08-23] () HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-07-26] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation) HKLM-x32\...\Run: [QFan Help] - C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe [611968 2010-01-13] (ASUSTeK Computer Inc.) HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.) HKLM-x32\...\Run: [RemoteControl9] - C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.) HKLM-x32\...\Run: [TurboV] - C:\Program Files (x86)\ASUS\TurboV\TurboV.exe [5672576 2010-03-08] (ASUSTeK Computer Inc.) 
HKLM-x32\...\Run: [UpdatePSTShortCut] - C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [222504 2011-03-01] (CyberLink Corp.) HKLM-x32\...\Run: [InstantBurn] - C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe [697640 2010-02-10] (CyberLink Corporation.) HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] () HKLM-x32\...\Run: [ASUS Sync Loader] - C:\Program Files (x86)\ASUS\ASUS Sync\asusUPCTLoader.exe [638976 2013-03-01] (Futuredial Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-07-17] (Avira Operations GmbH & Co. KG) HKU\henry.***DomainName***\...\Run: [OfficeSyncProcess] - C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation) HKU\henry.***DomainName***\...\Run: [ROC_JAN2013_TB] - "C:\Program Files (x86)\AVG Secure Search\ROC_JAN2013_TB.exe" /PROMPT /CMPID=JAN2013_TB HKU\henry.***DomainName***\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] - "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB HKU\henry.***DomainName***\...\RunOnce: [WindowsAnytimeUpgradeResults.exe] - C:\Windows\System32\WindowsAnytimeUpgradeResults.exe [92672 2012-07-26] (Microsoft Corporation) Startup: C:\Users\henry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\henry\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
Startup: C:\Users\henry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) Startup: C:\Users\henry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fences.lnk ShortcutTarget: Fences.lnk -> C:\Program Files (x86)\Stardock\Fences\Fences.exe (Stardock Corporation) Startup: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass) ==================== Internet (Whitelisted) ==================== ProxyServer: http=172.21.12.12:8123;https=172.21.12.12:8123;socks=127.0.0.1:1080 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?ocid=ie9hp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x65EA2C7711B0CB01 StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} SearchScopes: HKCU - {10A47EA0-714E-499D-BEE0-E616F3123D0C} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADFA_de SearchScopes: HKCU - {D392FFEB-8F85-4903-A08D-E1A6E2344844} URL = hxxp://wow.freierbund.de/index.php?pID=16&s={searchTerms}&x=1 BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program 
Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) BHO: LastPass Browser Helper Object - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar64.dll (LastPass) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: af0.Adblock.BHO - {90EFF544-3981-4d46-85C9-C0361D0931D6} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation) BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) BHO-x32: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll () BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: No Name - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - No File BHO-x32: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG) BHO-x32: 
ReasonableToolbar.ToolbarBHO - {d8961a1e-25db-33c9-a7c9-3d3e3266b5b8} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\30.0.1599.101\npchrome_frame.dll (Google Inc.) Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar64.dll (LastPass) Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll () Toolbar: HKLM-x32 - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH) Toolbar: HKLM-x32 - ReasonableToolbar - {c9a6357b-25cc-4bcf-96c1-78736985d413} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation) Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKCU - No Name - {AD6E6555-FB2C-47D4-8339-3E2965509877} - No File Toolbar: HKCU - No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.de/common/asusTek_sys_ctrl.cab DPF: HKLM-x32 {173D9E48-B527-4AA0-A929-30B446002AA8} hxxp://192.168.123.18/DVRemoteAx.cab DPF: HKLM-x32 {82774781-8F4E-11D1-AB1C-0000F8773BF0} https://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - No File Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files 
(x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\30.0.1599.101\npchrome_frame.dll (Google Inc.) Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.123.3 FireFox: ======== FF ProfilePath: C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF Plugin: @java.com/DTPlugin,version=10.5.1 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.5.1 - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll No File FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 - C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) 
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=1.1.11 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin-x32: samsung.com/SamsungLinkPCPlugin - C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll (Samsung)
FF Plugin HKCU: @Skype.com/Skype Web Plugin - C:\Users\henry\AppData\Local\Skype\SkypeWebPlugin\npSkypeWebPlugin.dll (Skype)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\henry\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\henry\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\henry\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\henry\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\henry\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\henry\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\searchplugins\freier-bund-map--guide.xml
FF SearchPlugin: C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\searchplugins\speedydragon.xml
FF Extension: Deutsches Wörterbuch - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\de-DE@dictionaries.addons.mozilla.org
FF Extension: Виявлення пристроїв Logitech - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\DeviceDetection@logitech.com
FF Extension: United States English Spellchecker - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\en-US@dictionaries.addons.mozilla.org
FF Extension: No Name - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\fb_add_on@avm.de
FF Extension: No Name - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\foxmarks@kei.com
FF Extension: LastPass - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\support@lastpass.com
FF Extension: No Name - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}-trash
FF Extension: Flashblock - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
FF Extension: DownloadHelper - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: checkplaces - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\checkplaces@andyhalford.com.xpi
FF Extension: fdm_ffext - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\fdm_ffext@freedownloadmanager.org
FF Extension: finder - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\finder@meingutscheincode.de.xpi
FF Extension: firefox - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\firefox@ghostery.com.xpi
FF Extension: personas - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\personas@christopher.beard.xpi
FF Extension: sipgateffx - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\sipgateffx@michael.rotmanov.xpi
FF Extension: socialfixer - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\socialfixer@mattkruse.com.xpi
FF Extension: No Name - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
FF Extension: No Name - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\{45d8ff86-d909-11db-9705-005056c00008}.xpi
FF Extension: No Name - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
FF Extension: No Name - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\{ba243cb0-b824-4a26-9418-73ee795d9b9d}.xpi
FF Extension: No Name - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
FF Extension: No Name - C:\Users\henry\AppData\Roaming\Mozilla\Firefox\Profiles\9ix7sngy.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\
FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Skype Click to Call) - C:\Users\henry\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\henry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AEADIFilters; C:\Windows\system32\AEADISRV.EXE [111616 2009-06-05] (Andrea Electronics Corporation)
R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\AllShareFrameworkManagerDMS.exe [404360 2013-09-10] (Samsung)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-07-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-17] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [815160 2013-08-09] (Avira Operations GmbH & Co. KG)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2009-04-02] ()
R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [480096 2013-04-19] (cFos Software GmbH)
R2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [511920 2011-07-22] (REINER SCT)
S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [240112 2010-11-18] (CyberLink)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [221696 2012-05-02] ()
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 GJService; C:\Program Files (x86)\SlySoft\Game Jackal v4\Server.exe [3031624 2010-12-05] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [25088 2012-07-26] (Microsoft Corporation)
R2 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [276584 2010-03-22] (NVIDIA)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation)
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [605768 2013-09-23] (Copyright 2013 SAMSUNG)
R2 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [159800 2012-10-28] (Soluto)
R2 UpdateCenterService; C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe [282728 2009-11-06] (NVIDIA)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [471552 2012-07-26] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2012-01-20] (Xobni Corporation)
S2 SplashtopRemoteService; "C:\Program Files (x86)\Splashtop\Splashtop Remote\SERVER\SRService.exe" [x]

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2009-12-05] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-08-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132088 2013-07-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-02-26] (Avira Operations GmbH & Co. KG)
S3 cjusb; C:\Windows\system32\DRIVERS\cjusb.sys [34672 2011-03-29] (REINER SCT)
R1 CLBStor; C:\Windows\System32\Drivers\CLBStor.sys [24560 2009-10-07] (Cyberlink Co.,Ltd.)
R2 CLBUDF; C:\Windows\System32\Drivers\CLBUDF.sys [376304 2009-10-07] (CyberLink Corporation.)
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [37392 2009-11-26] (Paragon Software Group)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [66800 2013-01-17] (Logitech Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2009-12-05] ()
R3 Maplom; C:\Windows\System32\Drivers\Maplom.sys [33864 2010-12-05] (SlySoft Inc.)
R3 MaplomL; C:\Windows\System32\Drivers\MaplomL.sys [58440 2010-12-05] (SlySoft Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [185856 2012-07-26] (Microsoft Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R0 mv61xx; C:\Windows\System32\drivers\mv61xx.sys [178728 2009-05-12] (Marvell Semiconductor, Inc.)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
S3 ogtap100; C:\Windows\system32\DRIVERS\ogtap100.sys [36736 2013-04-03] (The OpenVPN Project)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [203672 2013-06-21] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 sthid; C:\Windows\System32\drivers\sthid.sys [21216 2013-04-01] (Splashtop Inc.)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-02-12] (Microsoft Corporation)
R0 vidsflt53; C:\Windows\System32\DRIVERS\vsflt53.sys [141920 2012-10-26] (Acronis)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc.)
R3 yukonw8; C:\Windows\system32\DRIVERS\yk63x64.sys [295792 2012-10-02] (Marvell)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
R3 cpuz135; \??\C:\WINDOWS\TEMP\cpuz135\cpuz135_x64.sys [x]
S3 hwdatacard; \SystemRoot\system32\DRIVERS\ewusbmdm.sys [x]
U3 idsvc;
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2013-06-06] (Seiko Epson Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-10-16 15:38 - 2013-10-16 15:38 - 00002725 _____ C:\Users\henry\Desktop\JRT.txt
2013-10-16 15:15 - 2013-10-16 15:15 - 00000022 _____ C:\WINDOWS\S.dirmngr
2013-10-16 15:06 - 2013-10-16 15:06 - 00002791 _____ C:\Users\henry\Desktop\JRT-bak.txt
2013-10-16 14:58 - 2013-10-16 14:58 - 01033335 _____ (Thisisu) C:\Users\henry\Desktop\JRT.exe
2013-10-16 14:55 - 2013-10-16 14:55 - 00002181 _____ C:\Users\henry\Desktop\AdwCleaner[S1].txt
2013-10-16 13:41 - 2013-10-16 13:41 - 00080456 _____ (Malwarebytes Corporation) C:\Users\henry\Desktop\mbam-clean-1.60.2.0003.exe
2013-10-15 18:06 - 2013-10-15 18:06 - 00000000 ____D C:\Program Files\WhoCrashed
2013-10-15 15:15 - 2013-10-15 15:15 - 00000000 ____D C:\Users\henry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft BlueScreenView
2013-10-15 15:15 - 2013-10-15 15:15 - 00000000 ____D C:\Program Files (x86)\NirSoft
2013-10-15 09:53 - 2013-10-15 09:53 - 00019910 _____ C:\Users\henry\Desktop\log.zip
2013-10-15 09:31 - 2013-10-15 09:31 - 00172948 _____ C:\ComboFix.txt
2013-10-15 09:13 - 2013-10-15 09:13 - 00009150 __RSH C:\ProgramData\ntuser.pol
2013-10-15 08:55 - 2013-10-15 09:31 - 00000000 ____D C:\ComboFix
2013-10-15 08:55 - 2011-06-26 08:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2013-10-15 08:55 - 2010-11-07 19:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2013-10-15 08:55 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2013-10-15 08:55 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2013-10-15 08:55 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2013-10-15 08:55 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2013-10-15 08:55 - 2000-08-31 02:00 - 00098816 _____ C:\WINDOWS\sed.exe
2013-10-15 08:55 - 2000-08-31 02:00 - 00080412 _____ C:\WINDOWS\grep.exe
2013-10-15 08:55 - 2000-08-31 02:00 - 00068096 _____ C:\WINDOWS\zip.exe
2013-10-15 08:54 - 2013-10-15 09:31 - 00000000 ____D C:\Qoobox
2013-10-15 08:53 - 2013-10-15 09:24 - 00000000 ____D C:\WINDOWS\erdnt
2013-10-15 08:51 - 2013-10-15 08:51 - 05134056 ____R (Swearware) C:\Users\henry\Desktop\ComboFix.exe
2013-10-14 18:28 - 2013-10-14 18:30 - 00001743 _____ C:\Users\henry\Desktop\gmer.log
2013-10-14 18:12 - 2013-10-14 18:12 - 00014018 _____ C:\Users\henry\Desktop\Addition.zip
2013-10-14 17:15 - 2013-10-14 17:15 - 00292576 _____ C:\WINDOWS\Minidump\101413-49873-01.dmp
2013-10-14 15:36 - 2013-10-14 15:36 - 00289096 _____ C:\WINDOWS\Minidump\101413-127686-01.dmp
2013-10-14 15:15 - 2013-10-14 17:15 - 624239368 _____ C:\WINDOWS\MEMORY.DMP
2013-10-14 15:15 - 2013-10-14 15:15 - 00483096 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-14 15:15 - 2013-10-14 15:15 - 00292848 _____ C:\WINDOWS\Minidump\101413-55177-01.dmp
2013-10-14 11:57 - 2013-10-14 11:56 - 00377856 _____ C:\Users\henry\Desktop\zyy5l85y.exe
2013-10-14 11:56 - 2013-10-14 12:00 - 00064284 _____ C:\Users\henry\Desktop\Addition.txt
2013-10-14 10:58 - 2013-10-14 10:58 - 00000000 _____ C:\Users\henry\defogger_reenable
2013-10-14 10:48 - 2013-10-14 10:48 - 01954124 _____ (Farbar) C:\Users\henry\Desktop\FRST64.exe
2013-10-14 10:45 - 2013-10-14 10:45 - 00050477 _____ C:\Users\henry\Desktop\Defogger.exe
2013-10-14 09:58 - 2013-10-14 09:58 - 100838232 _____ C:\WINDOWS\SysWOW64\跶擡炜ĩ
2013-10-14 09:05 - 2013-08-10 07:21 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2013-10-14 09:05 - 2013-08-10 07:21 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncInfo.dll
2013-10-14 09:05 - 2013-08-10 05:58 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2013-10-14 09:05 - 2013-08-03 08:40 - 01374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2013-10-14 09:05 - 2013-08-03 08:40 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wvc.dll
2013-10-14 09:05 - 2013-08-03 08:40 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmon.ocx
2013-10-14 09:05 - 2013-08-03 07:14 - 00399360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx
2013-10-14 09:05 - 2013-08-03 07:13 - 01245696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2013-10-14 09:05 - 2013-08-03 07:13 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wvc.dll
2013-10-14 09:05 - 2013-08-02 08:28 - 19758080 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2013-10-14 09:05 - 2013-08-02 08:28 - 10116608 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-10-14 09:05 - 2013-08-02 08:28 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2013-10-14 09:05 - 2013-08-02 08:26 - 02304512 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2013-10-14 09:05 - 2013-08-02 07:08 - 17561088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2013-10-14 09:05 - 2013-08-02 07:08 - 08858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-10-14 09:05 - 2013-08-02 07:08 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2013-10-14 09:05 - 2013-08-02 07:06 - 02035712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2013-10-14 09:05 - 2013-08-01 12:41 - 02233688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2013-10-14 09:05 - 2013-07-31 01:30 - 00386923 _____ C:\WINDOWS\system32\ApnDatabase.xml
2013-10-14 09:05 - 2013-07-25 01:10 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2013-10-14 09:05 - 2013-07-25 01:06 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2013-10-14 09:05 - 2013-07-13 08:15 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\appmgr.dll
2013-10-14 09:05 - 2013-07-13 06:23 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appmgr.dll
2013-10-14 09:05 - 2013-04-10 01:17 - 01125888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2013-10-14 09:05 - 2013-04-10 00:29 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2013-10-11 19:05 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-10-11 19:05 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-10-11 19:05 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-10-11 19:05 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-10-11 19:05 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-10-11 19:05 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-10-11 19:05 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2013-10-11 19:05 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2013-10-11 19:05 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-10-11 19:05 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-10-11 19:05 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-10-11 19:05 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-10-11 19:05 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-10-11 19:05 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-10-11 19:05 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-10-11 19:05 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2013-10-11 19:05 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2013-10-11 19:05 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2013-10-11 19:05 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2013-10-11 19:05 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2013-10-11 19:05 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2013-10-11 19:05 - 2013-04-29 00:28 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2013-10-11 19:05 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2013-10-11 19:05 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2013-10-11 19:05 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2013-10-11 19:05 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2013-10-11 19:05 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2013-10-11 19:05 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2013-10-11 19:05 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2013-10-11 19:05 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2013-10-11 19:05 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2013-10-11 19:04 - 2013-07-06 02:15 - 00652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2013-10-11 19:04 - 2013-07-04 04:13 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2013-10-11 18:57 - 2013-08-23 07:11 - 04040192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-10-11 18:57 - 2013-07-20 00:13 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-11 18:57 - 2013-07-20 00:13 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-11 18:57 - 2013-07-06 00:02 - 00121984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBAUDIO.sys
2013-10-11 18:57 - 2013-07-06 00:02 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbcir.sys
2013-10-11 18:57 - 2013-07-02 03:41 - 00447320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2013-10-11 18:57 - 2013-07-02 03:41 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-10-11 18:57 - 2013-07-02 03:41 - 00213336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2013-10-11 18:57 - 2013-07-02 00:14 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbprint.sys
2013-10-11 18:57 - 2013-07-01 03:42 - 00623448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2013-10-11 18:57 - 2013-07-01 03:42 - 00498008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2013-10-11 18:57 - 2013-07-01 03:42 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2013-10-11 18:57 - 2013-07-01 03:42 - 00021848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2013-10-11 18:57 - 2013-06-29 05:08 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2013-10-11 18:57 - 2013-06-29 05:07 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2013-10-11 18:57 - 2013-06-29 05:07 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2013-10-11 18:57 - 2013-06-29 05:06 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2013-10-11 18:57 - 2013-06-22 07:45 - 00785624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2013-10-11 18:57 - 2013-06-22 07:45 - 00054488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys
2013-10-11 18:57 - 2013-05-27 01:17 - 00035328 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2013-10-11 18:57 - 2013-05-27 00:59 - 00046080 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2013-10-11 18:57 - 2013-05-25 05:15 - 00362496 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2013-10-11 18:57 - 2013-05-25 04:32 - 00300032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2013-10-08 19:30 - 2013-10-08 19:31 - 00001300 _____ C:\WINDOWS\system32\TeamViewer8_Hooks.log
2013-10-08 18:58 - 2013-10-08 18:58 - 00000000 ____D C:\Users\henry\AppData\Roaming\Avira
2013-10-08 18:54 - 2013-10-08 18:54 - 00082136 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2013-10-08 18:52 - 2013-10-08 18:52 - 00002038 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-10-08 18:52 - 2013-10-08 18:52 - 00000000 ____D C:\ProgramData\Avira
2013-10-08 18:52 - 2013-10-08 18:52 - 00000000 ____D C:\Program Files (x86)\Avira
2013-10-08 18:52 - 2013-08-22 17:51 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2013-10-08 18:52 - 2013-07-15 16:08 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2013-10-08 18:52 - 2013-02-26 16:56 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2013-10-02 11:01 - 2013-10-02 11:01 - 00000000 ____D C:\WINDOWS\ERUNT
2013-10-01 19:04 - 2013-10-16 14:44 - 00000000 ____D C:\AdwCleaner
2013-10-01 19:04 - 2013-10-16 10:31 - 01048960 _____ C:\Users\henry\Desktop\adwcleaner.exe
2013-10-01 18:39 - 2013-10-14 12:02 - 00081339 _____ C:\Users\henry\Downloads\FRST.txt
2013-10-01 18:38 - 2013-10-14 12:14 - 00064454 _____ C:\Users\henry\Downloads\Addition.txt
2013-10-01 18:36 - 2013-10-01 18:36 - 01953880 _____ (Farbar) C:\Users\henry\Downloads\FRST64.exe
2013-10-01 18:36 - 2013-10-01 18:36 - 00000000 ____D C:\FRST
2013-10-01 12:52 - 2013-10-01 12:52 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-10-01 12:51 - 2013-10-01 12:51 - 00002105 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2013-10-01 12:47 - 2013-09-12 10:58 - 22102304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2013-10-01 12:47 - 2013-09-12 10:58 - 11274528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2013-10-01 12:47 - 2013-09-12 10:58 - 09281032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2013-10-01 12:47 - 2013-09-12 10:58 - 07720576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2013-10-01 12:47 - 2013-09-12 10:58 - 07648000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2013-10-01 12:47 - 2013-09-12 10:58 - 06329552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2013-10-01 12:47 - 2013-09-12 10:58 - 02970400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2013-10-01 12:47 - 2013-09-12 10:58 - 02789152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2013-10-01 12:47 - 2013-09-12 10:58 - 02367264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2013-10-01 12:47 - 2013-09-12 10:58 - 02007328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll
2013-10-01 12:47 - 2013-09-12 10:58 - 01884448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6432723.dll
2013-10-01 12:47 - 2013-09-12 10:58 - 01511712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6432723.dll
2013-10-01 12:47 - 2013-09-12 10:58 - 00681760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2013-10-01 12:47 - 2013-09-12 10:58 - 00603424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2013-10-01 12:47 - 2013-09-12 10:58 - 00586016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2013-10-01 12:47 - 2013-09-12 10:58 - 00515360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2013-10-01 12:47 - 2013-08-20 15:33 - 00039200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2013-10-01 12:47 - 2013-08-20 15:32 - 00029984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2013-10-01 12:47 - 2013-08-20 15:32 - 00028448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2013-10-01 12:46 - 2013-09-12 10:58 - 25256224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2013-10-01 12:46 - 2013-09-12 10:58 - 17560352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2013-10-01 12:42 - 2013-10-01 12:42 - 00000000 ____D C:\NVIDIA
2013-10-01 09:55 - 2013-10-01 09:55 - 00000000 ____D C:\Users\henry\Desktop\rkill
2013-10-01 09:54 - 2013-10-01 09:57 - 00002792 _____ C:\Users\henry\Desktop\Rkill.txt
2013-10-01 09:53 - 2013-10-01 09:53 - 01898112 _____ (Bleeping Computer, LLC) C:\Users\henry\Downloads\rkill.com
2013-09-30 16:29 - 2013-09-30 16:29 - 00002410 _____ C:\Users\Public\Desktop\Bitvise SSH Client.lnk
2013-09-30 16:29 - 2013-09-30 16:29 - 00000000 ____D C:\Program Files (x86)\Bitvise SSH Client
2013-09-30 16:28 - 2013-09-30 16:29 - 07304920 _____ C:\Users\henry\Downloads\BvSshClient-Inst.exe
2013-09-27 17:51 - 2013-09-30 17:16 - 00010662 _____ C:\Users\henry\Documents\fingPersist.tmp
2013-09-27 17:51 - 2013-09-27 23:11 - 00009116 _____ C:\Users\henry\Documents\Fing.html
2013-09-27 16:47 - 2013-09-27 16:47 - 00000000 ____D C:\Users\henry\AppData\Roaming\Overlook
2013-09-27 16:46 - 2013-09-27 16:46 - 03165917 _____ C:\Users\henry\Downloads\overlook-fing-2.2.exe
2013-09-27 16:46 - 2013-09-27 16:46 - 00000000 ____D C:\ProgramData\Overlook
2013-09-27 16:46 - 2013-09-27 16:46 - 00000000 ____D C:\Program Files (x86)\Overlook Fing 2.2
2013-09-27 10:00 - 2013-10-16 15:15 - 00462916 _____ C:\WINDOWS\setupact.log
2013-09-27 10:00 - 2013-09-27 10:00 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-09-27 09:59 - 2013-10-15 09:12 - 00116346 _____ C:\WINDOWS\PFRO.log
2013-09-27 09:28 - 2013-09-27 09:28 - 00000000 ____D C:\Users\henry\AppData\Local\avgchrome
2013-09-27 08:44 - 2013-09-27 08:44 - 00031107 _____ C:\Users\henry\Downloads\crunchbang-11-20130506-i486.iso.torrent
2013-09-26 17:35 - 2013-09-26 17:35 - 00001081 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-26 17:35 - 2013-09-26 17:35 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-26 17:35 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-09-26 17:11 - 2013-09-26 17:11 - 00000000 ____D C:\Users\henry\Documents\Egosoft
2013-09-26 16:52 - 2013-09-26 16:53 - 00018473 _____ C:\WINDOWS\DirectX.log
2013-09-26 16:19 - 2013-09-26 16:20 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\henry\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-26 11:02 - 2013-09-26 11:45 - 832569344 _____ C:\Users\henry\Downloads\ubuntu-13.04-desktop-i386.iso
2013-09-26 09:39 - 2013-09-26 10:21 - 823132160 _____ C:\Users\henry\Downloads\ubuntu-13.04-desktop-amd64.iso
2013-09-25 14:53 - 2013-09-25 14:53 - 01111358 _____ C:\Users\henry\Downloads\DualBootUtilities-1.0.1.zip
2013-09-25 14:52 - 2013-09-25 14:53 - 06687638 _____ C:\Users\henry\Downloads\DualBootPatcher-1.9.zip
2013-09-25 11:54 - 2013-09-25 11:54 - 00447201 _____ C:\Users\henry\Downloads\DualBootSwitcher-1.0.apk
2013-09-24 15:43 - 2013-09-24 15:47 - 91155016 _____ (Copyright 2013 SAMSUNG) C:\Users\henry\Downloads\SamsungLink_Installer64.exe
2013-09-24 11:53 - 2013-09-24 11:53 - 00176719 _____ C:\Users\henry\Downloads\CCEnhancer-3.8-multilanguage.zip
2013-09-24 11:43 - 2013-09-24 11:43 - 00000000 ____D C:\ProgramData\Oracle
2013-09-24 11:41 - 2013-09-24 11:41 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2013-09-24 11:41 - 2013-09-24 11:41 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2013-09-24 11:41 - 2013-09-24 11:41 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2013-09-24 11:00 - 2013-09-24 11:00 - 00776040 _____ C:\Users\henry\Documents\cc_20130924_110035.reg
2013-09-23 08:51 - 2013-09-23 08:52 - 00000000 ____D C:\Users\henry\Downloads\Odin3-v3.09
2013-09-23 08:51 - 2013-09-23 08:51 - 00820100 _____ C:\Users\henry\Downloads\Odin3-v3.09.rar
2013-09-20 07:30 - 2013-09-20 07:30 - 00000222 _____ C:\Users\henry\Desktop\X3 Albion Prelude.url
2013-09-20 07:30 - 2013-09-20 07:30 - 00000220 _____ C:\Users\henry\Desktop\X3 Terran Conflict.url
2013-09-20 07:30 - 2013-09-20 07:30 - 00000000 ____D C:\Users\henry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-09-18 10:16 - 2013-09-18 10:16 - 00000000 ____D C:\Users\henry\AppData\Roaming\MusicBrainz
2013-09-18 10:16 - 2013-09-18 10:16 - 00000000 ____D C:\Users\henry\AppData\Local\cache
2013-09-18 10:16 - 2013-09-18 10:16 - 00000000 ____D C:\Program Files (x86)\MusicBrainz Picard

==================== One Month Modified Files and Folders =======

2013-10-16 16:06 - 2009-11-22 02:08 - 00001108 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-16 16:05 - 2009-11-22 01:02 - 00003942 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{10275E3E-1283-4D8C-AB6E-ACF96EB5F677}
2013-10-16 16:04 - 2010-03-06 17:44 - 00000000 ____D C:\Users\henry\AppData\Roaming\Skype
2013-10-16 16:03 - 2012-05-11 09:53 - 00000000 ___RD C:\Users\henry\Dropbox
2013-10-16 16:03 - 2012-05-11 09:50 - 00000000 ____D C:\Users\henry\AppData\Roaming\Dropbox
2013-10-16 16:00 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\sru
2013-10-16 15:59 - 2012-11-09 12:28 - 00001144 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2924421799-2045358301-2701136695-1001UA.job
2013-10-16 15:50 - 2012-10-31 09:39 - 00000000 ___RD C:\Users\henry\SkyDrive
2013-10-16 15:49 - 2012-02-28 15:28 - 00000000 ____D C:\Users\henry\AppData\Roaming\Fiabee
2013-10-16 15:49 - 2012-01-24 19:34 - 00000152 _____ C:\WINDOWS\system32\config\netlogon.ftl
2013-10-16 15:38 - 2013-10-16 15:38 - 00002725 _____ C:\Users\henry\Desktop\JRT.txt
2013-10-16 15:30 - 2012-04-10 09:22 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-10-16 15:26 - 2012-10-30 14:23 - 01711816 _____ C:\WINDOWS\WindowsUpdate.log
2013-10-16 15:18 - 2012-10-15 19:18 - 00001914 _____ C:\Users\henry\Desktop\MySyncFolder.lnk
2013-10-16 15:18 - 2012-10-15 11:16 - 00000000 ____D C:\Users\henry\AppData\Roaming\ASUS WebStorage
2013-10-16 15:17 - 2012-08-20 10:21 - 00000000 ____D C:\Program Files (x86)\Steam
2013-10-16 15:15 - 2013-10-16 15:15 - 00000022 _____ C:\WINDOWS\S.dirmngr
2013-10-16 15:15 - 2013-09-27 10:00 - 00462916 _____ C:\WINDOWS\setupact.log
2013-10-16 15:15 - 2012-07-26 09:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-10-16 15:15 - 2011-09-20 21:35 - 00000000 ____D C:\ProgramData\VMware
2013-10-16 15:15 - 2009-11-24 00:18 - 00000175 ___SH C:\ProgramData\.zreglib
2013-10-16 15:15 - 2009-11-22 02:08 - 00001104 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-16 15:15 - 2009-11-22 01:12 - 00000000 ____D C:\ProgramData\NVIDIA
2013-10-16 15:13 - 2012-07-26 07:26 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2013-10-16 15:06 - 2013-10-16 15:06 - 00002791 _____ C:\Users\henry\Desktop\JRT-bak.txt
2013-10-16 15:01 - 2010-01-23 13:07 - 00000000 ____D C:\Users\henry\AppData\Roaming\Free Download Manager
2013-10-16 14:58 - 2013-10-16 14:58 - 01033335 _____ (Thisisu) C:\Users\henry\Desktop\JRT.exe
2013-10-16 14:55 - 2013-10-16 14:55 - 00002181 _____ C:\Users\henry\Desktop\AdwCleaner[S1].txt
2013-10-16 14:44 - 2013-10-01 19:04 - 00000000 ____D C:\AdwCleaner
2013-10-16 13:41 - 2013-10-16 13:41 - 00080456 _____ (Malwarebytes Corporation) C:\Users\henry\Desktop\mbam-clean-1.60.2.0003.exe
2013-10-16 13:28 - 2012-08-10 13:55 - 00000000 ____D C:\Users\henry\AppData\Roaming\Raptr
2013-10-16 12:55 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-10-16 10:31 - 2013-10-01 19:04 - 01048960 _____ C:\Users\henry\Desktop\adwcleaner.exe
2013-10-15 18:06 - 2013-10-15 18:06 - 00000000 ____D C:\Program Files\WhoCrashed
2013-10-15 16:58 - 2012-11-09 12:28 - 00001092 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2924421799-2045358301-2701136695-1001Core.job
2013-10-15 16:02 - 2012-10-30 14:48 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2924421799-2045358301-2701136695-1001
2013-10-15 15:15 - 2013-10-15 15:15 - 00000000 ____D C:\Users\henry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft BlueScreenView
2013-10-15 15:15 - 2013-10-15 15:15 - 00000000 ____D C:\Program Files (x86)\NirSoft
2013-10-15 09:53 - 2013-10-15 09:53 - 00019910 _____ C:\Users\henry\Desktop\log.zip
2013-10-15 09:53 - 2012-07-26 18:23 - 00000293 _____ C:\Users\henry\ShellExtension.log
2013-10-15 09:31 - 2013-10-15 09:31 - 00172948 _____ C:\ComboFix.txt
2013-10-15 09:31 - 2013-10-15 08:55 - 00000000 ____D C:\ComboFix
2013-10-15 09:31 - 2013-10-15 08:54 - 00000000 ____D C:\Qoobox
2013-10-15 09:31 - 2012-07-26 07:37 - 00000000 __RHD C:\Users\Default
2013-10-15 09:24 - 2013-10-15 08:53 - 00000000 ____D C:\WINDOWS\erdnt
2013-10-15 09:15 - 2012-07-26 07:26 - 00000215 _____ C:\WINDOWS\system.ini
2013-10-15 09:13 - 2013-10-15 09:13 - 00009150 __RSH C:\ProgramData\ntuser.pol
2013-10-15 09:12 - 2013-09-27 09:59 - 00116346 _____ C:\WINDOWS\PFRO.log
2013-10-15 09:11 - 2012-07-26 07:26 - 14942208 _____ C:\WINDOWS\system32\config\SYSTEM.bak
2013-10-15 09:11 - 2012-07-26 07:26 - 104333312 _____ C:\WINDOWS\system32\config\SOFTWARE.bak
2013-10-15 09:11 - 2012-07-26 07:26 - 00786432 _____ C:\WINDOWS\system32\config\DEFAULT.bak
2013-10-15 09:11 - 2012-07-26 07:26 - 00262144 _____ C:\WINDOWS\system32\config\SECURITY.bak
2013-10-15 09:11 - 2012-07-26 07:26 - 00262144 _____ C:\WINDOWS\system32\config\SAM.bak
2013-10-15 08:53 - 2012-08-10 13:55 - 00000000 ____D C:\Program Files (x86)\Raptr
2013-10-15 08:51 - 2013-10-15 08:51 - 05134056 ____R (Swearware) C:\Users\henry\Desktop\ComboFix.exe
2013-10-14 18:30 - 2013-10-14 18:28 - 00001743 _____ C:\Users\henry\Desktop\gmer.log
2013-10-14 18:12 - 2013-10-14 18:12 - 00014018 _____ C:\Users\henry\Desktop\Addition.zip
2013-10-14 17:15 - 2013-10-14 17:15 - 00292576 _____ C:\WINDOWS\Minidump\101413-49873-01.dmp
2013-10-14 17:15 - 2013-10-14 15:15 - 624239368 _____ C:\WINDOWS\MEMORY.DMP
2013-10-14 17:15 - 2012-11-21 04:24 - 00000000 ____D C:\WINDOWS\Minidump
2013-10-14 15:36 - 2013-10-14 15:36 - 00289096 _____ C:\WINDOWS\Minidump\101413-127686-01.dmp
2013-10-14 15:15 - 2013-10-14 15:15 - 00483096 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-14 15:15 - 2013-10-14 15:15 - 00292848 _____ C:\WINDOWS\Minidump\101413-55177-01.dmp
2013-10-14 12:22 - 2012-04-19 16:59 - 00000000 ____D C:\Users\henry\AppData\Roaming\gnupg
2013-10-14 12:14 - 2013-10-01 18:38 - 00064454 _____ C:\Users\henry\Downloads\Addition.txt
2013-10-14 12:02 - 2013-10-01
18:39 - 00081339 _____ C:\Users\henry\Downloads\FRST.txt 2013-10-14 12:00 - 2013-10-14 11:56 - 00064284 _____ C:\Users\henry\Desktop\Addition.txt 2013-10-14 11:56 - 2013-10-14 11:57 - 00377856 _____ C:\Users\henry\Desktop\zyy5l85y.exe 2013-10-14 11:24 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\rescache 2013-10-14 10:58 - 2013-10-14 10:58 - 00000000 _____ C:\Users\henry\defogger_reenable 2013-10-14 10:58 - 2012-10-30 13:54 - 00000000 ____D C:\Users\henry 2013-10-14 10:58 - 2010-01-23 13:07 - 00000000 ____D C:\Program Files (x86)\Free Download Manager 2013-10-14 10:48 - 2013-10-14 10:48 - 01954124 _____ (Farbar) C:\Users\henry\Desktop\FRST64.exe 2013-10-14 10:45 - 2013-10-14 10:45 - 00050477 _____ C:\Users\henry\Desktop\Defogger.exe 2013-10-14 10:45 - 2010-01-24 12:29 - 00000000 ____D C:\Users\henry\Documents\Outlook-Dateien 2013-10-14 10:01 - 2009-11-21 09:26 - 00000000 ___RD C:\Users\henry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-10-14 10:01 - 2009-11-21 09:26 - 00000000 ___RD C:\Users\henry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-10-14 09:58 - 2013-10-14 09:58 - 100838232 _____ C:\WINDOWS\SysWOW64\跶擡炜ĩ 2013-10-14 09:55 - 2012-01-30 11:51 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-10-14 09:55 - 2009-11-22 08:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2013-10-14 09:52 - 2012-07-26 10:12 - 00000000 ___RD C:\WINDOWS\ToastData 2013-10-14 08:53 - 2012-05-11 09:52 - 00000000 ____D C:\Users\henry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2013-10-11 19:19 - 2009-11-22 10:15 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-10-11 19:18 - 2013-08-15 03:14 - 00000000 ____D C:\WINDOWS\system32\MRT 2013-10-11 19:10 - 2009-11-22 02:16 - 80541720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2013-10-08 22:02 - 2009-11-22 02:08 - 00004080 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2013-10-08 22:00 - 2009-11-22 02:08 - 
00003844 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2013-10-08 20:31 - 2012-04-10 09:22 - 00003796 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2013-10-08 19:31 - 2013-10-08 19:30 - 00001300 _____ C:\WINDOWS\system32\TeamViewer8_Hooks.log 2013-10-08 19:30 - 2013-01-29 12:04 - 00001058 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk 2013-10-08 18:58 - 2013-10-08 18:58 - 00000000 ____D C:\Users\henry\AppData\Roaming\Avira 2013-10-08 18:54 - 2013-10-08 18:54 - 00082136 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys 2013-10-08 18:52 - 2013-10-08 18:52 - 00002038 _____ C:\Users\Public\Desktop\Avira Control Center.lnk 2013-10-08 18:52 - 2013-10-08 18:52 - 00000000 ____D C:\ProgramData\Avira 2013-10-08 18:52 - 2013-10-08 18:52 - 00000000 ____D C:\Program Files (x86)\Avira 2013-10-08 16:53 - 2012-11-09 12:28 - 00004094 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2924421799-2045358301-2701136695-1001UA 2013-10-08 16:53 - 2012-11-09 12:28 - 00003714 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2924421799-2045358301-2701136695-1001Core 2013-10-07 17:59 - 2009-11-24 00:18 - 00000000 ____D C:\ProgramData\SlySoft 2013-10-07 16:05 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\NDF 2013-10-07 09:15 - 2012-08-13 14:24 - 00000000 ____D C:\Users\henry\AppData\Roaming\TeamViewer 2013-10-04 17:44 - 2012-11-09 12:30 - 00002379 _____ C:\Users\henry\Desktop\Google Chrome.lnk 2013-10-02 11:01 - 2013-10-02 11:01 - 00000000 ____D C:\WINDOWS\ERUNT 2013-10-02 03:38 - 2013-05-21 08:43 - 00694232 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2013-10-02 03:38 - 2013-05-21 08:43 - 00078296 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2013-10-01 18:36 - 2013-10-01 18:36 - 01953880 _____ (Farbar) C:\Users\henry\Downloads\FRST64.exe 2013-10-01 18:36 - 2013-10-01 18:36 - 00000000 ____D C:\FRST 2013-10-01 15:22 - 2012-07-26 10:12 - 00000000 
__RHD C:\Users\Public\Libraries 2013-10-01 12:53 - 2012-10-30 13:11 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2013-10-01 12:53 - 2009-11-22 01:12 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2013-10-01 12:52 - 2013-10-01 12:52 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies 2013-10-01 12:52 - 2012-10-30 13:11 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2013-10-01 12:51 - 2013-10-01 12:51 - 00002105 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk 2013-10-01 12:42 - 2013-10-01 12:42 - 00000000 ____D C:\NVIDIA 2013-10-01 09:57 - 2013-10-01 09:54 - 00002792 _____ C:\Users\henry\Desktop\Rkill.txt 2013-10-01 09:55 - 2013-10-01 09:55 - 00000000 ____D C:\Users\henry\Desktop\rkill 2013-10-01 09:53 - 2013-10-01 09:53 - 01898112 _____ (Bleeping Computer, LLC) C:\Users\henry\Downloads\rkill.com 2013-09-30 17:16 - 2013-09-27 17:51 - 00010662 _____ C:\Users\henry\Documents\fingPersist.tmp 2013-09-30 16:36 - 2009-08-25 12:00 - 00000000 ___RD C:\Users\henry\Downloads\Software 2013-09-30 16:29 - 2013-09-30 16:29 - 00002410 _____ C:\Users\Public\Desktop\Bitvise SSH Client.lnk 2013-09-30 16:29 - 2013-09-30 16:29 - 00000000 ____D C:\Program Files (x86)\Bitvise SSH Client 2013-09-30 16:29 - 2013-09-30 16:28 - 07304920 _____ C:\Users\henry\Downloads\BvSshClient-Inst.exe 2013-09-30 08:54 - 2009-11-21 11:20 - 00000000 ____D C:\Users\henry\AppData\Roaming\Mozilla 2013-09-27 23:11 - 2013-09-27 17:51 - 00009116 _____ C:\Users\henry\Documents\Fing.html 2013-09-27 17:46 - 2012-05-21 12:12 - 00000000 ____D C:\Users\henry\AppData\Roaming\Notepad++ 2013-09-27 16:47 - 2013-09-27 16:47 - 00000000 ____D C:\Users\henry\AppData\Roaming\Overlook 2013-09-27 16:46 - 2013-09-27 16:46 - 03165917 _____ C:\Users\henry\Downloads\overlook-fing-2.2.exe 2013-09-27 16:46 - 2013-09-27 16:46 - 00000000 ____D C:\ProgramData\Overlook 2013-09-27 16:46 - 2013-09-27 16:46 - 00000000 ____D C:\Program Files (x86)\Overlook Fing 2.2 2013-09-27 10:29 - 2012-10-30 14:39 - 
00000000 ____D C:\Users\henry\AppData\Local\Packages 2013-09-27 10:00 - 2013-09-27 10:00 - 00000000 _____ C:\WINDOWS\setuperr.log 2013-09-27 09:28 - 2013-09-27 09:28 - 00000000 ____D C:\Users\henry\AppData\Local\avgchrome 2013-09-27 08:44 - 2013-09-27 08:44 - 00031107 _____ C:\Users\henry\Downloads\crunchbang-11-20130506-i486.iso.torrent 2013-09-26 17:37 - 2013-01-11 12:53 - 00001085 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk 2013-09-26 17:35 - 2013-09-26 17:35 - 00001081 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-09-26 17:35 - 2013-09-26 17:35 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-26 17:11 - 2013-09-26 17:11 - 00000000 ____D C:\Users\henry\Documents\Egosoft 2013-09-26 16:53 - 2013-09-26 16:52 - 00018473 _____ C:\WINDOWS\DirectX.log 2013-09-26 16:50 - 2012-05-24 18:43 - 00000000 ____D C:\Users\henry\Documents\MailStore Home 2013-09-26 16:50 - 2012-05-24 18:43 - 00000000 ____D C:\ProgramData\firebird 2013-09-26 16:20 - 2013-09-26 16:19 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\henry\Downloads\mbam-setup-1.75.0.1300.exe 2013-09-26 16:02 - 2009-11-22 02:17 - 00001837 _____ C:\Users\Public\Desktop\ImgBurn.lnk 2013-09-26 11:45 - 2013-09-26 11:02 - 832569344 _____ C:\Users\henry\Downloads\ubuntu-13.04-desktop-i386.iso 2013-09-26 10:21 - 2013-09-26 09:39 - 823132160 _____ C:\Users\henry\Downloads\ubuntu-13.04-desktop-amd64.iso 2013-09-25 14:53 - 2013-09-25 14:53 - 01111358 _____ C:\Users\henry\Downloads\DualBootUtilities-1.0.1.zip 2013-09-25 14:53 - 2013-09-25 14:52 - 06687638 _____ C:\Users\henry\Downloads\DualBootPatcher-1.9.zip 2013-09-25 11:54 - 2013-09-25 11:54 - 00447201 _____ C:\Users\henry\Downloads\DualBootSwitcher-1.0.apk 2013-09-24 15:47 - 2013-09-24 15:43 - 91155016 _____ (Copyright 2013 SAMSUNG) C:\Users\henry\Downloads\SamsungLink_Installer64.exe 2013-09-24 11:53 - 2013-09-24 11:53 - 00176719 _____ C:\Users\henry\Downloads\CCEnhancer-3.8-multilanguage.zip 2013-09-24 11:43 - 
2013-09-24 11:43 - 00000000 ____D C:\ProgramData\Oracle 2013-09-24 11:41 - 2013-09-24 11:41 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe 2013-09-24 11:41 - 2013-09-24 11:41 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe 2013-09-24 11:41 - 2013-09-24 11:41 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe 2013-09-24 11:41 - 2013-07-08 15:10 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2013-09-24 11:41 - 2012-07-08 13:46 - 00868264 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\npdeployJava1.dll 2013-09-24 11:41 - 2010-04-24 16:47 - 00790440 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\deployJava1.dll 2013-09-24 11:36 - 2013-09-05 09:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2013-09-24 11:36 - 2013-08-15 15:07 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack 2013-09-24 11:36 - 2013-03-06 10:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-09-24 11:36 - 2012-10-29 20:05 - 00000000 ____D C:\WINDOWS\Panther 2013-09-24 11:36 - 2011-09-23 08:02 - 00000000 ____D C:\Users\henry\AppData\Local\VMware 2013-09-24 11:36 - 2011-07-20 21:37 - 00000000 ____D C:\Users\henry\AppData\Local\Downloaded Installations 2013-09-24 11:36 - 2010-04-16 22:07 - 00000000 ____D C:\Users\henry\AppData\Roaming\inkscape 2013-09-24 11:36 - 2010-04-10 03:34 - 00000000 ____D C:\Users\henry\AppData\Local\Paint.NET 2013-09-24 11:36 - 2009-11-22 02:09 - 00000000 ____D C:\ProgramData\Skype 2013-09-24 11:36 - 2009-06-19 23:01 - 00000000 ____D C:\Users\henry\Tracing 2013-09-24 11:09 - 2009-11-24 10:17 - 00000000 ____D C:\Program Files (x86)\CCleaner 2013-09-24 11:00 - 2013-09-24 11:00 - 00776040 _____ C:\Users\henry\Documents\cc_20130924_110035.reg 2013-09-24 10:09 - 2011-01-30 20:39 - 00001732 _____ C:\Users\Public\Desktop\Defraggler.lnk 2013-09-24 10:09 - 2010-01-18 07:51 - 00000000 ____D C:\Program Files\Defraggler 2013-09-24 09:26 - 2011-01-28 09:20 - 
00000989 _____ C:\Users\Public\Desktop\CCleaner.lnk 2013-09-23 08:52 - 2013-09-23 08:51 - 00000000 ____D C:\Users\henry\Downloads\Odin3-v3.09 2013-09-23 08:51 - 2013-09-23 08:51 - 00820100 _____ C:\Users\henry\Downloads\Odin3-v3.09.rar 2013-09-23 01:28 - 2013-10-11 19:05 - 01767936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2013-09-23 01:28 - 2013-10-11 19:05 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2013-09-23 01:27 - 2013-10-11 19:05 - 14335488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2013-09-23 01:27 - 2013-10-11 19:05 - 13761024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2013-09-23 01:27 - 2013-10-11 19:05 - 02876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2013-09-23 01:27 - 2013-10-11 19:05 - 02048512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2013-09-23 01:27 - 2013-10-11 19:05 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2013-09-23 01:27 - 2013-10-11 19:05 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2013-09-23 00:55 - 2013-10-11 19:05 - 02241024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2013-09-23 00:55 - 2013-10-11 19:05 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2013-09-23 00:55 - 2013-10-11 19:05 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2013-09-23 00:54 - 2013-10-11 19:05 - 19252224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2013-09-23 00:54 - 2013-10-11 19:05 - 15404544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2013-09-23 00:54 - 2013-10-11 19:05 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2013-09-23 00:54 - 2013-10-11 19:05 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2013-09-23 00:54 - 2013-10-11 19:05 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2013-09-23 00:54 - 
2013-10-11 19:05 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2013-09-20 07:30 - 2013-09-20 07:30 - 00000222 _____ C:\Users\henry\Desktop\X3 Albion Prelude.url
2013-09-20 07:30 - 2013-09-20 07:30 - 00000220 _____ C:\Users\henry\Desktop\X3 Terran Conflict.url
2013-09-20 07:30 - 2013-09-20 07:30 - 00000000 ____D C:\Users\henry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-09-19 23:12 - 2013-02-25 20:02 - 00000000 ____D C:\Program Files\Kyocera
2013-09-18 15:38 - 2013-03-18 11:36 - 00000953 _____ C:\Users\Public\Desktop\Last.fm Scrobbler.lnk
2013-09-18 15:38 - 2011-10-01 14:20 - 00000000 ____D C:\Program Files (x86)\Last.fm
2013-09-18 15:36 - 2013-03-18 12:05 - 00000000 ____D C:\Users\henry\AppData\Roaming\foobar2000
2013-09-18 10:16 - 2013-09-18 10:16 - 00000000 ____D C:\Users\henry\AppData\Roaming\MusicBrainz
2013-09-18 10:16 - 2013-09-18 10:16 - 00000000 ____D C:\Users\henry\AppData\Local\cache
2013-09-18 10:16 - 2013-09-18 10:16 - 00000000 ____D C:\Program Files (x86)\MusicBrainz Picard
2013-09-18 09:51 - 2012-06-06 11:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

Some content of TEMP:
====================
C:\Users\henry\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-10-15 10:49

==================== End Of Log ============================

Edited by Gwellion (16.10.2013 at 15:25) |
16.10.2013, 15:27 | #11 |
Problems with searchgol after deltatoolbar after installing imgburn (Win8-x64-chrome)
Addition:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013
Ran by henry at 2013-10-16 16:13:09
Running from C:\Users\henry\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

==================== Installed Programs ======================

Overlook Fing (x32 Version: 2.2)
1&1 Mobile WLAN-Router (x32 Version: 1.0.0.1)
3DMark 11 (x32 Version: 1.0.3)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212)
AdblockIE (x32 Version: 1.2)
Adobe AIR (x32 Version: 3.6.0.5970)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe PDF iFilter 9 for 64-bit platforms (Version: 9.0.0)
Adobe Reader XI (11.0.05) (x32 Version: 11.0.05)
AI Suite (x32 Version: 1.06.14)
AllShare Framework DMS (Version: 1.3.18)
Amarok (remove only) (x32)
Amazon Music Importer (x32 Version: 2.1.0)
AM-DeadLink 4.6 (x32 Version: 4.6)
Anti-Twin (Installation 03.03.2010) (x32)
Apple Application Support (x32 Version: 2.1.5)
Aspell German Dictionary-0.50-2 (x32)
ASUS Android USB Drivers (Version: 4.0.6753)
ASUS Sync (x32 Version: 1.0.97)
ASUS WebStorage (x32 Version: 3.0.143.296)
ASUSUpdate (x32)
Atheros Driver Installation Program (x32 Version: 9.0)
Avira Free Antivirus (x32 Version: 13.0.0.4052)
Bitvise SSH Client 4.60 (remove only) (x32)
Blasc3 (x32 Version: 1.0.0)
Bonjour-Druckdienste (Version: 2.0.2.0)
BOSS (x32 Version: 2.1.1)
CCleaner (Version: 4.05)
cFosSpeed v9.04 (Version: 9.04)
CloneDVD2 (x32 Version: 2.9.3.0)
CloneDVDmobile (x32 Version: 1.9.0.1)
Compare Suite 7.0 (x32)
ConvertHelper 2.2 (x32)
Cool & Quiet (x32)
Curse Client (HKCU Version: 5.1.1.644)
cyberJack Base Components (x32 Version: 6.9.13)
CyberLink BD_3D Advisor 2.0 (x32)
CyberLink Blu-ray Disc Suite (x32 
Version: 7.0.3721) CyberLink InstantBurn (x32 Version: 5.0.6210) CyberLink LabelPrint (x32 Version: 2.5.3418) CyberLink MediaShow (x32 Version: 5.0.1423) CyberLink PowerBackup (x32 Version: 2.5.6023) CyberLink PowerDVD 9 (x32 Version: 9.0.3518.52) CyberLink PowerProducer (x32 Version: 5.0.2.2429) D3DX10 (x32 Version: 15.4.2368.0902) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32) Defraggler (Version: 2.15) DivX Converter (x32 Version: 7.1.0) DivX Plus DirectShow Filters (x32) DivX Version Checker (x32 Version: 7.1.0.9) DivX-Setup (x32 Version: 2.6.1.22) DLS4000 (x32) Dragon Age II (x32 Version: 1.02) Dragon Age: Origins (x32 Version: 1.04) DriveImage XML (Private Edition) (x32 Version: 2.44.000) Dropbox (HKCU Version: 2.4.2) Druckerdeinstallation für EPSON WF-3530 Series DVD Shrink 3.2 deutsch (DeCSS-frei) (x32) EA Installer (x32 Version: 2.2.0.62) EA Shared Game Component: Activation (x32 Version: 2.2.0) EA Shared Game Component: Activation (x32 Version: 2.2.0.62) eDocPrintPro v3.17.7 (Version: 3.17.7) Epson Connect Printer Setup (x32 Version: 1.1.1) EPSON Scan (x32) EpsonNet Config V4 (x32 Version: 4.2.0) EpsonNet Print (x32 Version: 2.6.0) EPU-6 Engine (x32 Version: 1.03.04) erLT (x32 Version: 1.20.0137) Evernote v. 
4.6.2 (x32 Version: 4.6.2.7927) Exact Audio Copy 1.0beta1 (x32 Version: 1.0beta1) Fences (Version: 1.0) Fences 2 (x32 Version: 2.00) Fences 2 (x32 Version: 2.01) Fences 2 (x32 Version: 2.09) Fiabee Sync (x32 Version: 1.1.0) foobar2000 v1.2.3 (x32 Version: 1.2.3) Fotogalerie (x32 Version: 16.4.3505.0912) Free Download Manager 3.9.2 (x32) FRITZ!Box-Fernzugang einrichten (x32 Version: 1.0.3) Game Jackal v4.1.1.2 (64 bit) GeForce Experience NvStream Client Components (Version: 0.1.87) GNU Aspell 0.50-3 (x32) Google Apps Directory Sync 3.1.3 Google Chrome (HKCU Version: 30.0.1599.69) Google Chrome Frame (x32 Version: 30.0.1599.101) Google Drive (x32 Version: 1.12.5329.1887) Google Earth (x32 Version: 7.0.2.8415) Google Talk Plugin (x32 Version: 4.7.0.15362) gpg4o - GPG für Outlook (x32 Version: 3.1.32) Gpg4win (2.1.1-34299-beta) (x32 Version: 2.1.1-34299-beta) gs_x64 (Version: 9.05) gs_x86 (x32 Version: 8.64) GTK+ Runtime 2.14.7 rev a (nur entfernen) (x32) Host OpenAL (ADI) (x32) ImgBurn (x32 Version: 2.5.8.0) Inkscape 0.48.2 (x32 Version: 0.48.2) Intel® Matrix Storage Manager IsoBuster 3.1 (x32 Version: 3.1) Java 7 Update 25 (x32 Version: 7.0.250) Java 7 Update 40 (x32 Version: 7.0.400) Java Auto Updater (x32 Version: 2.1.9.8) Java SE Development Kit 7 Update 5 (64-bit) (Version: 1.7.0.50) Java(TM) 7 Update 5 (64-bit) (Version: 7.0.50) JavaFX 2.1.1 (64-bit) (Version: 2.1.1) JavaFX 2.1.1 (x32 Version: 2.1.1) JavaFX 2.1.1 SDK (64-bit) (Version: 2.1.1) Junk Mail filter update (x32 Version: 16.4.3505.0912) K-Lite Codec Pack 9.3.0 (Basic) (x32 Version: 9.3.0) Kyocera Product Library (Version: 4.2.1909) Last.fm Scrobbler 2.1.36 (x32) LastPass (uninstall only) (x32) LibreOffice 3.5 (x32 Version: 3.5.5.3) LightScribe System Software (x32 Version: 1.18.20.1) LinkedIn Outlook Connector (x32 Version: 1.1.10.0) Logitech Gaming Software (Version: 8.20.74) Logitech Gaming Software 8.46 (Version: 8.46.27) Logitech SetPoint 5.20 (Version: 5.20) Loxone Config (x32 Version: 4.1) 
LuminanceHDR 2.0.2 (x32) MailStore Home 7.0.7.7671 (x32 Version: 7.0.7.7671) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300) marvell 61xx (x32 Version: 1.2.0.69) Marvell Miniport Driver (x32 Version: 11.27.1.3) Mass Effect 2 (x32 Version: 1.2.1604.0) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Camera Codec Pack (Version: 16.0.0652.0621) Microsoft Default Manager (x32 Version: 2.2.114.0) Microsoft Image Composite Editor (Version: 1.4.4) Microsoft IntelliPoint 8.2 (Version: 8.20.468.0) Microsoft Office 2010 Service Pack 1 (SP1) (x32) Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000) Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Outlook Connector (x32 Version: 14.0.5139.5001) Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Outlook Social Connector Provider for 
Facebook 32-bit (x32 Version: 14.0.6114.5003) Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (x32 Version: 14.0.5120.5000) Microsoft RichCopy 4.0 (x32 Version: 4.0.216) Microsoft Silverlight (Version: 5.1.20913.0) Microsoft SkyDrive (HKCU Version: 17.0.2015.0811) Microsoft Software Update for Web Folders (German) 14 (x32 Version: 14.0.6029.1000) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000) Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 
9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40303) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.40303) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (Version: 10.0.40303) Microsoft Windows SDK for Windows 7 (7.1) (Version: 7.1.30514) Microsoft Windows SDK for Windows 7 (7.1) (Version: 7.1.7600.0.30514) Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1) Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1) Microsoft_VC90_CRT_x86 (x32 Version: 1.0.0) MMOUI Minion Installer (HKCU) MotoHelper MergeModules (x32 Version: 1.2.0) Movie Maker (x32 Version: 16.4.3505.0912) Mozilla Firefox 19.0.1 (x86 en-US) (x32 Version: 19.0.1) Mozilla Maintenance Service (x32 Version: 24.0) Mozilla Thunderbird 24.0 (x86 de) (x32 Version: 24.0) MSVC80_x64_v2 (Version: 1.0.3.0) MSVC80_x86_v2 (x32 Version: 1.0.3.0) MSVC90_x64 (Version: 1.0.1.2) MSVC90_x86 (x32 Version: 1.0.1.2) MSVCRT (x32 Version: 15.4.2862.0708) MSVCRT_amd64 (x32 Version: 15.4.2862.0708) MSVCRT110 (x32 Version: 16.4.1108.0727) MSVCRT110_amd64 (Version: 16.4.1109.0912) MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0) MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0) MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0) MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0) Music Manager (HKCU) MusicBrainz Picard (x32 Version: 1.2) MyFreeCodec (HKCU) NEF Codec (x32 Version: 1.00.0000) Nexus Mod Manager (Version: 0.44.11) NirSoft BlueScreenView (x32) Notepad++ (x32 Version: 6.4.5) NVIDIA 3D Vision Controller Driver (x32 Version: 280.19) NVIDIA 3D Vision 
Controller-Treiber 326.01 (Version: 326.01) NVIDIA 3D Vision Treiber 327.23 (Version: 327.23) NVIDIA GeForce Experience 1.6.1 (Version: 1.6.1) NVIDIA Grafiktreiber 327.23 (Version: 327.23) NVIDIA Install Application (Version: 2.1002.133.902) NVIDIA Performance (x32 Version: 6.5) NVIDIA PhysX (x32 Version: 9.13.0725) NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725) NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2723) NVIDIA System Monitor (x32 Version: 6.5) NVIDIA System Update (x32 Version: 3.00) NVIDIA Systemsteuerung 327.23 (Version: 327.23) NVIDIA Update 8.3.14 (Version: 8.3.14) NVIDIA Update Components (Version: 8.3.14) NVIDIA Virtual Audio 1.2.5 (Version: 1.2.5) Origin (x32 Version: 8.5.0.4550) Outlook Duplicates Remover 5.0 (x32) Paint.NET v3.5.10 (Version: 3.60.0) Paragon Festplatten Manager 2009 Kompakt (Version: 90.00.0003) Paragon Partition Manager™ 10.0 Personal (Version: 90.00.0003) PC Probe II (x32 Version: 1.04.86) Photo Gallery (x32 Version: 16.4.3505.0912) Picasa 3 (x32 Version: 3.9) Pidgin (x32 Version: 2.10.6) PlayReady PC Runtime amd64 (Version: 1.3.0) Plex For PowerPoint from Microsoft Office Labs (x32 Version: 1.0.5.15) Postbox (3.0.6) (x32 Version: 3.0.6 (en-US)) Power2Go (x32 Version: 6.00.0000) Psi+ (x32 Version: 0.16.116) QPST 2.7 (x32 Version: 2.7.378) QuickTime (x32 Version: 7.71.80.42) Raptr (x32) Reasonable NoClone 2013 (x32 Version: 6.0.25) Recuva (Version: 1.43) RegexRenamer (x32) Remove Empty Directories version 2.2 (x32 Version: 2.2) Revo Uninstaller 1.94 (x32 Version: 1.94) Revo Uninstaller Pro 3.0.7 (Version: 3.0.7) RIFT (x32 Version: 1.0.0) Samsung Kies (x32 Version: 2.1.1.11124_17) Samsung Link 1.7.0.1309231724 (Version: 1.7.0.1309231724) Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1) SAMSUNG USB Driver for Mobile Phones (Version: 1.5.27.0) Scribus 1.4.1 (x32 Version: 1.4.1) SHIELD Streaming (Version: 1.05.28) SketchUp 8 (x32 Version: 3.0.15158) Skype Click to Call (x32 Version: 6.3.11079) Skype Web 
Plugin 1.9.10772.12905 (x32 Version: 1.9.10772.12905) Skype™ 6.6 (x32 Version: 6.6.106) Software Updater (x32 Version: 4.1.1) Soluto (Version: 1.3.1023.0) SoundMAX (x32 Version: 6.10.2.6585) Speccy (Version: 1.20) Splashtop Streamer (x32 Version: 2.4.5.2) Steam (x32 Version: 1.0.0.0) System Health Windows SideShow Gadget (x32 Version: 1.0.0) System Requirements Lab (x32) System Requirements Lab for Intel (x32 Version: 4.4.24.0) TeamSpeak 3 Client TeamViewer 8 (x32 Version: 8.0.22298) Tenado CAD-Symbols 2011 (x32 Version: 12.0.4554) Tenado METALL 2011 (x32 Version: 12.0.4566) Tenado Zeichnungsarchiv 2011 (x32 Version: 12.0.4100) TerraTec H5 V5.09.1202.00 (x32 Version: 5.09.1202.00) TerraTec Home Cinema (x32 Version: 6.23.17) The Elder Scrolls V: Skyrim (x32) The Witcher Enhanced Edition (x32 Version: 1.00.0000) tools-windows (x32 Version: 9.2.3.1031769) Transmute v2.50 (x32 Version: 2.50.0.0) TrueCrypt (x32 Version: 7.1a) TurboV (x32 Version: 1.02.04) TweetDeck (x32 Version: 1.0.0) Tweetings (Version: 1.4.5) UltraVnc (Version: 1.0.9.5) uniCSVed 1.1 (x32) Unity Web Player (HKCU Version: ) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32) Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2494150) (x32) Update for Microsoft Office 2010 (KB2553065) (x32) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2566458) (x32) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32) Update for 
Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32) Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32) Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32) Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32) Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32) Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32) Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32) Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32) Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (x32) User's Guides (Version: 1.20.0000) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0) Visual C++ 8.0 Runtime Setup Package (x64) (x32 Version: 9.0.0.623) Visual Studio 2008 x64 Redistributables (x32 Version: 10.0.0.2) VLC media player 1.1.11 (x32 Version: 1.1.11) VLC media player 2.0.4 (Version: 2.0.4) VMware Player (Version: 5.0.2) VMware Player (x32 Version: 5.0.2) Warhammer Online: Age of Reckoning (x32 Version: ) Watson (x32 Version: 1.0.0) WhoCrashed 4.01 WinDirStat 1.1.2 (HKCU) Windows 7 USB/DVD Download Tool (x32 Version: 1.0.30) Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (Version: 07/30/2009 6.2.0.9405) Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407) (Version: 09/11/2009 6.2.0.9407) Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (Version: 07/28/2009 6.2.0.9800) Windows Live Communications Platform (x32 Version: 16.4.3505.0912) Windows Live Essentials (x32 Version: 16.4.3505.0912) Windows Live ID Sign-in Assistant (Version: 7.250.4232.0) Windows Live 
Installer (x32 Version: 16.4.3505.0912) Windows Live Mail (x32 Version: 16.4.3505.0912) Windows Live Messenger (x32 Version: 16.4.3505.0912) Windows Live MIME IFilter (Version: 16.4.3505.0912) Windows Live OneCare safety scanner (x32 Version: 1.0.0.0) Windows Live OneCare safety scanner (x32) Windows Live Photo Common (x32 Version: 16.4.3505.0912) Windows Live PIMT Platform (x32 Version: 16.4.3505.0912) Windows Live SOXE (x32 Version: 16.4.3505.0912) Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912) Windows Live UX Platform (x32 Version: 16.4.3505.0912) Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912) Windows Live Writer (x32 Version: 16.4.3505.0912) Windows Live Writer Resources (x32 Version: 16.4.3505.0912) Windows SideShow Managed Runtime 1.0 (x32 Version: 1.0.1.0) WinPcap 4.1.2 (x32 Version: 4.1.0.2001) WinSCP 5.1.3 (x32 Version: 5.1.3) World of Warcraft (x32 Version: 5.4.0.17399) X3: Albion Prelude (x32) X3: Terran Conflict (x32) Xobni (x32 Version: 2.0.3.13734) Xobni Core (x32 Version: 1.0.0) Yahoo! Messenger (x32)

==================== Restore Points =========================

11-10-2013 17:00:58 Windows Update
15-10-2013 06:55:31 ComboFix created restore point

==================== Hosts content: ==========================

2010-01-16 02:45 - 2013-10-15 09:10 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0EF3BBD4-ABAE-42DB-998F-0817109C1ED5} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\Tuso\Fiabee Sync\Fiabee.exe [2012-08-23] ()
Task: {10528F07-0CB9-4418-9BED-7BB2450079EB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2924421799-2045358301-2701136695-1001UA => C:\Users\henry\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-09] (Google Inc.)
Task: {15733032-D2C9-4559-BCA5-96338987DE1C} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\Program Files (x86)\ASUS\AASP\1.01.02\AsLoader.exe [2009-12-28] (ASUSTeK Computer Inc.)
Task: {178A916F-CED7-4544-9702-58D9CA360C7A} - System32\Tasks\Launch ASUS Sync Loader => C:\Program Files (x86)\ASUS\ASUS Sync\asusUPCTLoader.exe [2013-03-01] (Futuredial Inc.)
Task: {33DDB465-A1F3-415D-BF44-D00807434A8C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-11-22] (Google Inc.)
Task: {38E39C24-A874-4924-870B-8EB31E093707} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2008-12-11] ()
Task: {39E914B3-BEDC-4941-9A15-A2CDB6EB100B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08] (Adobe Systems Incorporated)
Task: {50E14874-11FE-4470-95EC-FE422AC4D101} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {62872D97-DCE2-4BCE-B6A2-7C9DE6FDA256} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA}
Task: {75357D48-0B44-4570-9080-769E53F24AB2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-11-22] (Google Inc.)
Task: {803BDF6F-C804-416E-8AD0-41EE56684958} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {823E5429-C733-4909-BAC9-54E7AFAFD847} - System32\Tasks\ASUS\Cpu Level Up Hook Lanunch => C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHookLaunch.exe [2009-12-28] ()
Task: {98D3DB96-29E3-47E7-ABF3-F7E93872F5F5} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe [2010-03-08] (ASUSTeK Computer Inc.)
Task: {A16502BF-EF98-4938-9987-FC4C5FECBEFD} - System32\Tasks\{23998907-CC0F-48C9-AD39-78F38741B8D3} => C:\Downloads\Software\freeze-setup.exe
Task: {AD98569F-5222-49C6-A72D-3526ECE90699} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: {BA60CA74-F95C-4FAC-9E80-5B3A7099F1B9} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {BE4613F6-B20C-4D28-9AA7-EF65EA29C096} - System32\Tasks\Test => C:\windows\System32\cmd.exe [2012-07-26] (Microsoft Corporation)
Task: {DA60B157-39E3-4B6B-BEA3-60B386E4620F} - System32\Tasks\{258C7ADE-E9E2-4916-AB73-CBF693ADB7C5} => Firefox.exe
Task: {DBA35E26-1CD5-42B1-A989-2D196BE81D19} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2924421799-2045358301-2701136695-1001Core => C:\Users\henry\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-09] (Google Inc.)
Task: {E9218686-CC7B-442C-B406-1479868A2057} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {EEC56030-ED15-4F0A-B0B3-C341C8A5227B} - System32\Tasks\{E3286D85-3891-4D5B-B5DB-3F80D1D60449} => Chrome.exe hxxp://ui.skype.com/ui/0/6.0.0.126/de/go/help.faq.installer?LastError=1603
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2924421799-2045358301-2701136695-1001Core.job => C:\Users\henry\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2924421799-2045358301-2701136695-1001UA.job => C:\Users\henry\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2009-11-22 01:45 - 2006-02-23 13:35 - 00020480 _____
() C:\WINDOWS\System32\FritzColorPort64.dll 2009-11-22 01:45 - 2006-02-22 12:39 - 00020480 _____ () C:\WINDOWS\System32\FritzPort64.dll 2013-08-15 15:04 - 2013-09-23 17:24 - 00012800 _____ () C:\Program Files\Samsung\Samsung Link\JniSys.dll 2013-10-15 10:15 - 2013-10-15 10:15 - 00515584 _____ () C:\Windows\Temp\sqlite-3.7.2-sqlitejdbc.dll 2013-09-04 11:25 - 2013-09-23 17:24 - 01386496 _____ () C:\Program Files\Samsung\Samsung Link\scone_proxy.dll 2013-09-04 11:25 - 2013-09-23 17:24 - 01427456 _____ () C:\Program Files\Samsung\Samsung Link\scone_stub.dll 2013-08-15 15:04 - 2013-09-23 17:24 - 01588736 _____ () C:\Program Files\Samsung\Samsung Link\SppAgentSvc.dll 2013-09-10 10:11 - 2013-09-10 10:11 - 00036864 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\64bit\JNIInterface.dll 2013-09-10 10:12 - 2013-09-10 10:12 - 00144384 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\64bit\ASFAPI.dll 2013-09-10 10:14 - 2013-09-10 10:14 - 00018944 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\64bit\MediaDB_Manager.dll 2013-08-23 14:34 - 2013-08-23 14:34 - 00030720 _____ () C:\WINDOWS\SYSTEM32\MediaDB64.dll 2013-08-23 14:34 - 2013-08-23 14:34 - 00908800 _____ () C:\WINDOWS\SYSTEM32\ContentDirectoryPresenter64.dll 2013-09-10 10:13 - 2013-09-10 10:13 - 00521728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\64bit\DMS_Manager.dll 2013-07-23 19:19 - 2013-07-23 19:19 - 00049152 _____ () C:\WINDOWS\SYSTEM32\boost_date_time-vc90-mt-1_47.dll 2013-07-23 19:19 - 2013-07-23 19:19 - 00016896 _____ () C:\WINDOWS\SYSTEM32\boost_system-vc90-mt-1_47.dll 2013-07-23 19:19 - 2013-07-23 19:19 - 00058880 _____ () C:\WINDOWS\SYSTEM32\boost_thread-vc90-mt-1_47.dll 2013-07-23 19:19 - 2013-07-23 19:19 - 00299520 _____ () C:\WINDOWS\SYSTEM32\boost_serialization-vc90-mt-1_47.dll 2013-08-15 15:04 - 2013-09-23 17:24 - 00043520 _____ () C:\Program Files\Samsung\Samsung Link\JniIO.dll 2013-08-16 03:16 - 2013-08-16 03:16 - 03663360 _____ () 
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\PCGPreCompiled\f1eb35b425fc052c884cd9f1509e7ee3\PCGPreCompiled.ni.dll 2013-10-15 10:51 - 2013-10-15 10:51 - 00264192 _____ () C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\PCGAppControlPlugin#\38e9fc01749185d1506502e9b99110ea\PCGAppControlPluginLoader.ni.dll 2012-10-28 17:37 - 2012-10-28 17:37 - 00084992 _____ () C:\Program Files\Soluto\PCGDllExportInspector.dll 2012-10-28 17:37 - 2012-10-28 17:37 - 00056368 ____R () C:\Program Files\Soluto\PCGDeviceScanLib.dll 2012-10-30 13:11 - 2013-09-12 09:25 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2013-06-01 08:40 - 2013-06-01 08:41 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll 2010-07-14 17:32 - 2010-07-14 17:32 - 01501696 _____ () C:\Program Files (x86)\Tuso\Fiabee Sync\x64\LIBEAY32.dll 2010-07-14 17:32 - 2010-07-14 17:32 - 00331776 _____ () C:\Program Files (x86)\Tuso\Fiabee Sync\x64\SSLEAY32.dll 2011-03-17 00:07 - 2011-03-17 00:07 - 04297568 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2013-10-08 18:52 - 2013-07-31 21:54 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll 2013-08-23 14:34 - 2013-08-23 14:34 - 01112576 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\DMSManager.dll 2013-07-23 19:18 - 2013-07-23 19:18 - 00227840 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\boost_serialization-vc90-mt-1_47.dll 2013-07-23 19:18 - 2013-07-23 19:18 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\boost_date_time-vc90-mt-1_47.dll 2013-07-23 19:18 - 2013-07-23 19:18 - 00012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\boost_system-vc90-mt-1_47.dll 2013-07-23 19:18 - 2013-07-23 19:18 - 00046592 _____ () C:\Program Files\Samsung\AllShare Framework 
DMS\1.3.18\boost_thread-vc90-mt-1_47.dll 2013-08-23 14:34 - 2013-08-23 14:34 - 00706560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\ContentDirectoryPresenter.dll 2013-08-23 14:34 - 2013-08-23 14:34 - 00107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\DCMCDP.dll 2013-08-23 14:34 - 2013-08-23 14:34 - 00102400 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\FolderCDP.dll 2013-07-23 19:30 - 2013-07-23 19:30 - 00032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\Autobackup.dll 2013-07-23 19:30 - 2013-07-23 19:30 - 00055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\RosettaAllShare.dll 2013-08-23 14:34 - 2013-08-23 14:34 - 00077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\MetadataFramework.dll 2013-07-23 19:30 - 2013-07-23 19:30 - 00520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\sqlite3.dll 2013-07-23 19:30 - 2013-07-23 19:30 - 00450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\MoodExtractor.dll 2013-07-23 19:30 - 2013-07-23 19:30 - 05717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\DCMImgExtractor.dll 2013-08-14 08:29 - 2013-08-14 08:29 - 00028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\AutoChaptering.dll 2013-08-14 08:29 - 2013-08-14 08:29 - 00028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\AudioExtractor.dll 2013-08-23 14:34 - 2013-08-23 14:34 - 00017920 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\VideoExtractor.dll 2013-08-14 08:29 - 2013-08-14 08:29 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\ImageExtractor.dll 2013-08-14 08:29 - 2013-08-14 08:29 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\TextExtractor.dll 2013-07-23 19:30 - 2013-07-23 19:30 - 00147456 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\libexpat.dll 2013-08-14 08:29 - 
2013-08-14 08:29 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\VideoThumb.dll 2013-08-14 08:29 - 2013-08-14 08:29 - 00064000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\ID3Driver.dll 2013-08-14 08:29 - 2013-08-14 08:29 - 00023040 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\RichInfoDriver.dll 2013-08-14 08:29 - 2013-08-14 08:29 - 00117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\ThumbnailMaker.dll 2013-08-23 14:34 - 2013-08-23 14:34 - 00134144 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\VideoMetadataDriver.dll 2013-08-14 08:29 - 2013-08-14 08:29 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\SECMetaDriver.dll 2013-07-23 19:30 - 2013-07-23 19:30 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\photoDriver.dll 2013-07-23 19:30 - 2013-07-23 19:30 - 04671488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\avcodec-52.dll 2013-07-23 19:30 - 2013-07-23 19:30 - 00686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\avformat-52.dll 2013-07-23 19:30 - 2013-07-23 19:30 - 00070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\avutil-50.dll 2013-07-23 19:30 - 2013-07-23 19:30 - 00152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\swscale-0.dll 2013-07-23 19:30 - 2013-07-23 19:30 - 00366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\tag.dll 2013-07-23 19:30 - 2013-07-23 19:30 - 00289792 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\libThumbnail.dll 2013-08-14 08:29 - 2013-08-14 08:29 - 01033216 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\ImageMagickWrapper.dll 2013-08-14 08:29 - 2013-08-14 08:29 - 00290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\libKeyFrame.dll 2013-07-23 19:30 - 2013-07-23 19:30 - 00399826 _____ () C:\Program Files\Samsung\AllShare Framework 
DMS\1.3.18\libexif-12.dll.dll 2013-07-23 19:30 - 2013-07-23 19:30 - 00044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\us.dll 2012-05-02 17:06 - 2012-05-02 17:06 - 00209408 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll 2012-05-02 17:02 - 2012-05-02 17:02 - 00039936 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll 2012-05-02 17:06 - 2012-05-02 17:06 - 00075264 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll 2012-05-02 17:06 - 2012-05-02 17:06 - 00641536 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-11.dll 2012-05-02 17:03 - 2012-05-02 17:03 - 00047616 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll 2013-02-26 03:28 - 2013-02-26 03:28 - 01260624 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll 2012-01-25 12:23 - 2009-04-22 21:20 - 00179712 _____ () C:\Program Files (x86)\ASUS\EPU-6 Engine\ASUSSERVICE.DLL 2012-01-25 12:23 - 2009-08-27 20:41 - 00565248 _____ () C:\Program Files (x86)\ASUS\EPU-6 Engine\pngio.dll 2010-11-22 14:00 - 2010-11-22 14:00 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll 2010-11-22 14:00 - 2010-11-22 14:00 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll 2010-11-22 14:00 - 2010-11-22 14:00 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll 2013-03-12 18:10 - 2013-08-22 00:18 - 00687104 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2013-05-14 12:16 - 2013-10-09 04:19 - 01121704 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2013-05-14 12:16 - 2013-09-11 00:20 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2013-05-14 12:16 - 2013-06-15 01:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll 2013-05-14 12:16 - 2013-06-15 01:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll 2013-05-14 12:16 - 2013-06-15 01:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll 2010-11-23 
00:56 - 2010-11-23 00:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd 2012-06-22 23:53 - 2012-06-22 23:53 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd 2012-06-22 23:24 - 2012-06-22 23:24 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd 2012-06-22 23:39 - 2012-06-22 23:39 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd 2012-06-22 23:55 - 2012-06-22 23:55 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll 2010-11-23 00:56 - 2010-11-23 00:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00124928 _____ () C:\Program Files (x86)\Raptr\_elementtree.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd 2012-02-06 22:28 - 2012-02-06 22:28 - 00031744 _____ () C:\Program Files (x86)\Raptr\Crypto.Cipher.AES.pyd 2012-02-06 22:28 - 2012-02-06 22:28 - 00010752 _____ () C:\Program Files (x86)\Raptr\Crypto.Random.OSRNG.winrandom.pyd 2012-02-06 22:28 - 2012-02-06 22:28 - 00011264 _____ () C:\Program Files (x86)\Raptr\Crypto.Util._counter.pyd 2011-05-10 21:01 - 2011-05-10 21:01 - 00030208 _____ () C:\Program Files (x86)\Raptr\simplejson._speedups.pyd 2012-06-22 23:59 - 2012-06-22 23:59 - 00313856 _____ () C:\Program Files 
(x86)\Raptr\PyQt4.QtWebKit.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd 2011-02-15 20:17 - 2011-02-15 20:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll 2010-11-23 00:56 - 2010-11-23 00:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll 2010-11-23 00:57 - 2010-11-23 00:57 - 00016384 _____ () C:\Program Files (x86)\Raptr\win32trace.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd 2013-03-13 22:48 - 2013-03-13 22:48 - 24978944 _____ () C:\Users\henry\AppData\Roaming\Dropbox\bin\libcef.dll 2012-09-08 13:16 - 2012-09-08 13:16 - 00433664 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll 2012-09-08 13:16 - 2012-09-08 13:16 - 00315392 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll 2009-11-24 00:49 - 2012-05-25 04:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll 2012-01-25 12:27 - 2008-02-25 16:08 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.dll 2012-01-25 12:27 - 2007-01-03 23:25 - 00008704 _____ () C:\Program Files (x86)\ASUS\AI Suite\AiNap\vvc.dll 2011-09-05 09:19 - 2011-09-05 09:19 - 00028672 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AxInterop.ShockwaveFlashObjects.dll 2010-11-23 00:57 - 2010-11-23 00:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd 2012-10-27 09:53 - 2012-10-27 09:53 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd 2011-02-15 20:17 - 2011-02-15 20:17 - 01213633 _____ () 
C:\Program Files (x86)\Raptr\libxml2-2.dll 2010-11-23 01:06 - 2010-11-23 01:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll 2013-05-10 01:52 - 2013-05-10 01:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll 2013-05-10 01:52 - 2013-05-10 01:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll 2013-05-10 01:52 - 2013-05-10 01:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll 2013-05-03 20:56 - 2013-05-03 20:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll 2013-05-03 20:56 - 2013-05-03 20:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll 2013-05-03 20:56 - 2013-05-03 20:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll 2010-07-14 17:30 - 2010-07-14 17:30 - 02099200 _____ () C:\Program Files (x86)\Tuso\Fiabee Sync\QtCore4.dll 2010-07-14 17:23 - 2010-07-14 17:23 - 07816192 _____ () C:\Program Files (x86)\Tuso\Fiabee Sync\QtGui4.dll 2012-08-23 18:04 - 2012-08-23 18:04 - 01075712 _____ () C:\Program Files (x86)\Tuso\Fiabee Sync\ServerTransferLibrary.dll 2010-07-14 17:34 - 2010-07-14 17:34 - 00194048 _____ () C:\Program Files (x86)\Tuso\Fiabee Sync\curllib.dll 2010-07-14 16:42 - 2010-07-14 16:42 - 00059904 _____ () C:\Program Files (x86)\Tuso\Fiabee Sync\zlib1.dll 2010-07-14 17:34 - 2010-07-14 17:34 - 00110592 _____ () C:\Program Files 
(x86)\Tuso\Fiabee Sync\OpenLDAP.dll 2010-07-14 17:34 - 2010-07-14 17:34 - 00065536 _____ () C:\Program Files (x86)\Tuso\Fiabee Sync\libsasl.dll 2012-01-25 12:22 - 2009-12-08 22:37 - 00565248 _____ () C:\Program Files (x86)\ASUS\TurboV\pngio.dll 2012-01-25 12:22 - 2009-12-08 22:37 - 00135680 _____ () C:\Program Files (x86)\ASUS\TurboV\TVOCLIB.DLL 2012-09-14 19:15 - 2010-02-09 10:52 - 33744168 _____ () C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\res.dll 2013-03-01 10:55 - 2013-03-01 10:55 - 00516599 _____ () C:\Program Files (x86)\ASUS\ASUS Sync\sqlite3.dll 2013-03-01 10:55 - 2013-03-01 10:55 - 00094208 _____ () C:\Program Files (x86)\ASUS\ASUS Sync\fdHttpd.dll 2013-03-01 10:55 - 2013-03-01 10:55 - 00356352 _____ () C:\Program Files (x86)\ASUS\ASUS Sync\asusDetect.dll 2013-03-01 10:55 - 2013-03-01 10:55 - 00147456 _____ () C:\Program Files (x86)\ASUS\ASUS Sync\asusDetectLegend.dll 2013-03-01 10:55 - 2013-03-01 10:55 - 00559244 _____ () C:\Program Files (x86)\ASUS\ASUS Sync\sqlite3.7.dll 2013-03-01 10:55 - 2013-03-01 10:55 - 00139264 _____ () C:\Program Files (x86)\ASUS\ASUS Sync\asusDisk.dll 2013-10-04 17:44 - 2013-10-03 08:02 - 00698832 _____ () C:\Users\henry\AppData\Local\Google\Chrome\Application\30.0.1599.69\libglesv2.dll 2013-10-04 17:44 - 2013-10-03 08:02 - 00099792 _____ () C:\Users\henry\AppData\Local\Google\Chrome\Application\30.0.1599.69\libegl.dll 2013-10-04 17:44 - 2013-10-03 08:03 - 04055504 _____ () C:\Users\henry\AppData\Local\Google\Chrome\Application\30.0.1599.69\pdf.dll 2013-10-04 17:44 - 2013-10-03 08:03 - 00415184 _____ () C:\Users\henry\AppData\Local\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll 2013-10-04 17:44 - 2013-10-03 08:02 - 01604560 _____ () C:\Users\henry\AppData\Local\Google\Chrome\Application\30.0.1599.69\ffmpegsumo.dll 2013-10-16 09:42 - 2013-10-16 09:42 - 00181760 _____ () C:\Users\henry\AppData\Local\Google\Chrome\User Data\Profile 
2\Extensions\nckgahadagoaajjgafhacjanaoiihapd\2013.1002.433.1_0\plugin\ace.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\henry\Downloads\index.rss:OECustomProperty

==================== Safe Mode (whitelisted) ===================

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name: NETGEAR 108 MBit/s-Drahtlos-PCI-Adapter WG311T
Description: NETGEAR 108 MBit/s-Drahtlos-PCI-Adapter WG311T
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications Inc.
Service: athr
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (10/16/2013 03:56:22 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: MetaExtractor.exe, Version: 1.8.0.0, Zeitstempel: 0x52117fee
Name des fehlerhaften Moduls: MetaExtractorDLL.dll, Version: 0.0.0.0, Zeitstempel: 0x52117fe9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00003bf6
ID des fehlerhaften Prozesses: 0x1d4c
Startzeit der fehlerhaften Anwendung: 0xMetaExtractor.exe0
Pfad der fehlerhaften Anwendung: MetaExtractor.exe1
Pfad des fehlerhaften Moduls: MetaExtractor.exe2
Berichtskennung: MetaExtractor.exe3
Vollständiger Name des fehlerhaften Pakets: MetaExtractor.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MetaExtractor.exe5

Error: (10/16/2013 02:52:28 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: MetaExtractor.exe, Version: 1.8.0.0, Zeitstempel: 0x52117fee
Name des fehlerhaften Moduls: MetaExtractorDLL.dll, Version: 0.0.0.0, Zeitstempel: 0x52117fe9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00003bf6
ID des fehlerhaften Prozesses: 0x2a8c
Startzeit der fehlerhaften Anwendung: 0xMetaExtractor.exe0
Pfad der fehlerhaften Anwendung: MetaExtractor.exe1
Pfad des fehlerhaften Moduls: MetaExtractor.exe2
Berichtskennung: MetaExtractor.exe3
Vollständiger Name des fehlerhaften Pakets: MetaExtractor.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MetaExtractor.exe5

Error: (10/15/2013 00:06:53 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.

Error: (10/15/2013 00:00:47 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.

Error: (10/15/2013 10:49:07 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.

Error: (10/15/2013 10:17:24 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: MetaExtractor.exe, Version: 1.8.0.0, Zeitstempel: 0x52117fee
Name des fehlerhaften Moduls: MetaExtractorDLL.dll, Version: 0.0.0.0, Zeitstempel: 0x52117fe9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00003bf6
ID des fehlerhaften Prozesses: 0x1ab0
Startzeit der fehlerhaften Anwendung: 0xMetaExtractor.exe0
Pfad der fehlerhaften Anwendung: MetaExtractor.exe1
Pfad des fehlerhaften Moduls: MetaExtractor.exe2
Berichtskennung: MetaExtractor.exe3
Vollständiger Name des fehlerhaften Pakets: MetaExtractor.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MetaExtractor.exe5

Error: (10/15/2013 10:17:15 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: Farahlon764)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.People“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/15/2013 10:17:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: Farahlon764)
Description: Die App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.People“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.

Error: (10/15/2013 10:12:42 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.2.9200.16628, Zeitstempel: 0x51a94434
Name des fehlerhaften Moduls: DesktopDock64.dll, Version: 2.10.0.0, Zeitstempel: 0x511c2611
Ausnahmecode: 0xc000041d
Fehleroffset: 0x0000000000077e37
ID des fehlerhaften Prozesses: 0x18c0
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (10/15/2013 09:58:11 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: AsusWSPanel.exe, Version: 1.0.0.0, Zeitstempel: 0x501b64c5
Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.6871, Zeitstempel: 0x4fee6073
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003b6df
ID des fehlerhaften Prozesses: 0x26b8
Startzeit der fehlerhaften Anwendung: 0xAsusWSPanel.exe0
Pfad der fehlerhaften Anwendung: AsusWSPanel.exe1
Pfad des fehlerhaften Moduls: AsusWSPanel.exe2
Berichtskennung: AsusWSPanel.exe3
Vollständiger Name des fehlerhaften Pakets: AsusWSPanel.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AsusWSPanel.exe5

System errors:
=============
Error: (10/16/2013 03:15:41 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Splashtop® Remote Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (10/16/2013 03:15:34 PM) (Source: Microsoft-Windows-GroupPolicy) (User: NT-AUTORITÄT)
Description: Bei der Verarbeitung der Gruppenrichtlinie ist aufgrund fehlender Netzwerkkonnektivität mit einem Domänencontroller ein Fehler aufgetreten. Dies kann eine vorübergehende Bedingung sein. Es wird eine Erfolgsmeldung generiert, wenn die Verbindung des Computers mit dem Domänencontroller wiederhergestellt wurde und wenn die Gruppenrichtlinie erfolgreich verarbeitet wurde. Falls für mehrere Stunden keine Erfolgsmeldung angezeigt wird, wenden Sie sich an den Administrator.

Error: (10/16/2013 03:15:32 PM) (Source: NETLOGON) (User: )
Description: Der Computer konnte eine sichere Sitzung mit einem Domänencontroller in der Domäne ***DomainName*** aufgrund der folgenden Ursache nicht einrichten: %%1311 Dies kann zu Authentifizierungsproblemen führen. Stellen Sie sicher, dass der Computer mit dem Netzwerk verbunden ist. Wenden Sie sich an den Domänenadministrator, wenn das Problem weiterhin besteht. ZUSÄTZLICHE INFORMATIONEN Wenn dieser Computer ein Domänencontroller der bestimmten Domäne ist, wird eine sichere Sitzung zum primären Domänencontrolleremulator in der bestimmten Domäne eingerichtet. Andernfalls richtet dieser Computer eine sichere Sitzung zu einem beliebigen Domänencontroller in der bestimmten Domäne ein.

Error: (10/16/2013 03:15:30 PM) (Source: BTHUSB) (User: )
Description: Der Bluetooth-Treiber hat ein HCI-Ereignis mit einer bestimmten Größe erwartet, das aber nicht empfangen wurde.

Error: (10/16/2013 03:14:52 PM) (Source: athr) (User: )
Description: NETGEAR 108 MBit/s-Drahtlos-PCI-Adapter WG311T : Netzwerkadapter wurde nicht gefunden.
Error: (10/16/2013 03:14:43 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT) Description: 0xc000014d0 Error: (10/16/2013 02:52:05 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "cpuz135" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (10/16/2013 02:48:11 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Splashtop® Remote Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (10/16/2013 02:47:58 PM) (Source: Microsoft-Windows-GroupPolicy) (User: NT-AUTORITÄT) Description: Bei der Verarbeitung der Gruppenrichtlinie ist aufgrund fehlender Netzwerkkonnektivität mit einem Domänencontroller ein Fehler aufgetreten. Dies kann eine vorübergehende Bedingung sein. Es wird eine Erfolgsmeldung generiert, wenn die Verbindung des Computers mit dem Domänencontroller wiederhergestellt wurde und wenn die Gruppenrichtlinie erfolgreich verarbeitet wurde. Falls für mehrere Stunden keine Erfolgsmeldung angezeigt wird, wenden Sie sich an den Administrator. Error: (10/16/2013 02:47:55 PM) (Source: NETLOGON) (User: ) Description: Der Computer konnte eine sichere Sitzung mit einem Domänencontroller in der Domäne ***DomainName*** aufgrund der folgenden Ursache nicht einrichten: %%1311 Dies kann zu Authentifizierungsproblemen führen. Stellen Sie sicher, dass der Computer mit dem Netzwerk verbunden ist. Wenden Sie sich an den Domänenadministrator, wenn das Problem weiterhin besteht. ZUSÄTZLICHE INFORMATIONEN Wenn dieser Computer ein Domänencontroller der bestimmten Domäne ist, wird eine sichere Sitzung zum primären Domänencontrolleremulator in der bestimmten Domäne eingerichtet. Andernfalls richtet dieser Computer eine sichere Sitzung zu einem beliebigen Domänencontroller in der bestimmten Domäne ein. 
Microsoft Office Sessions: ========================= Error: (10/16/2013 03:56:22 PM) (Source: Application Error)(User: ) Description: MetaExtractor.exe1.8.0.052117feeMetaExtractorDLL.dll0.0.0.052117fe9c000000500003bf61d4c01ceca777a526213C:\Program Files\Samsung\Samsung Link\utils\MetaExtractor.exeC:\Program Files\Samsung\Samsung Link\utils\MetaExtractorDLL.dllbcf947fe-366a-11e3-beae-000272a66d56 Error: (10/16/2013 02:52:28 PM) (Source: Application Error)(User: ) Description: MetaExtractor.exe1.8.0.052117feeMetaExtractorDLL.dll0.0.0.052117fe9c000000500003bf62a8c01ceca6e865b72f8C:\Program Files\Samsung\Samsung Link\utils\MetaExtractor.exeC:\Program Files\Samsung\Samsung Link\utils\MetaExtractorDLL.dllcfb11cdd-3661-11e3-bead-000272a66d56 Error: (10/15/2013 00:06:53 PM) (Source: SideBySide)(User: ) Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Program Files (x86)\Epson Software\Download Navigator\EPSDNAVI.EXE Error: (10/15/2013 00:00:47 PM) (Source: SideBySide)(User: ) Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Program Files (x86)\Epson Software\Download Navigator\EPSDNAVI.EXE Error: (10/15/2013 10:49:07 AM) (Source: SideBySide)(User: ) Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Program Files (x86)\Epson Software\Download Navigator\EPSDNAVI.EXE Error: (10/15/2013 10:17:24 AM) (Source: 
Application Error)(User: ) Description: MetaExtractor.exe1.8.0.052117feeMetaExtractorDLL.dll0.0.0.052117fe9c000000500003bf61ab001cec97edb909dbdC:\Program Files\Samsung\Samsung Link\utils\MetaExtractor.exeC:\Program Files\Samsung\Samsung Link\utils\MetaExtractorDLL.dll38123fd8-3572-11e3-beac-000272a66d56 Error: (10/15/2013 10:17:15 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: Farahlon764) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.People-2144927142 Error: (10/15/2013 10:17:05 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: Farahlon764) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.People Error: (10/15/2013 10:12:42 AM) (Source: Application Error)(User: ) Description: explorer.exe6.2.9200.1662851a94434DesktopDock64.dll2.10.0.0511c2611c000041d0000000000077e3718c001cec97899ece936C:\WINDOWS\explorer.exec:\program files (x86)\stardock\fences\DesktopDock64.dll8ffbeeef-3571-11e3-beab-00248c9fdb1b Error: (10/15/2013 09:58:11 AM) (Source: Application Error)(User: ) Description: AsusWSPanel.exe1.0.0.0501b64c5MSVCR90.dll9.0.30729.68714fee6073c00000050003b6df26b801cec976d9a7ae5bC:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exeC:\WINDOWS\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6871_none_50944e7cbcb706e5\MSVCR90.dll891ed199-356f-11e3-beab-00248c9fdb1b CodeIntegrity Errors: =================================== Date: 2013-10-15 12:15:26.235 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll with signing level Unsigned while the system requires signing level Microsoft or better to load. 
Date: 2013-10-15 12:15:26.154 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll with signing level Unsigned while the system requires signing level Microsoft or better to load. Date: 2013-10-15 12:15:26.100 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll with signing level Unsigned while the system requires signing level Microsoft or better to load. Date: 2013-10-15 12:15:25.986 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll with signing level Unsigned while the system requires signing level Microsoft or better to load. Date: 2013-10-15 12:15:25.945 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll with signing level Unsigned while the system requires signing level Microsoft or better to load. Date: 2013-10-15 12:15:25.894 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll with signing level Unsigned while the system requires signing level Microsoft or better to load. 
Date: 2013-10-15 12:15:24.273 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll with signing level Unsigned while the system requires signing level Microsoft or better to load. Date: 2013-10-15 12:15:23.528 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll with signing level Unsigned while the system requires signing level Microsoft or better to load. Date: 2013-10-15 12:07:14.990 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll with signing level Unsigned while the system requires signing level Microsoft or better to load. Date: 2013-10-15 12:07:14.865 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll with signing level Unsigned while the system requires signing level Microsoft or better to load. 
==================== Memory info =========================== Percentage of memory in use: 50% Total physical RAM: 6135.11 MB Available physical RAM: 3031.21 MB Total Pagefile: 12279.11 MB Available Pagefile: 7630.02 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: (C System) (Fixed) (Total:584.78 GB) (Free:83.96 GB) NTFS Drive d: (KRTMSVOL_DE_DVD) (CDROM) (Total:1.97 GB) (Free:0 GB) UDF Drive r: (Reserve) (Fixed) (Total:346.63 GB) (Free:320.43 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: B4A8B4AE) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=585 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=347 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
17.10.2013, 08:29 | #12 |
/// the machine /// TB instructor | Problems with searchgol after deltatoolbar after installing imgburn (Win8-x64-chrome) ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any remaining problems?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
18.10.2013, 10:13 | #13 |
Problems with searchgol after deltatoolbar after installing imgburn (Win8-x64-chrome) Just some quick feedback: I let ESET run overnight, but it did not get past 55%, and the clock had also stopped at yesterday evening's time. Well, I restarted it. It has now been running for 2 h 45 min and is already at 45%. So let's wait and see. It takes a while. |
18.10.2013, 15:28 | #14 |
/// the machine /// TB instructor | Problems with searchgol after deltatoolbar after installing imgburn (Win8-x64-chrome) ok
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
18.10.2013, 20:32 | #15 |
Problems with searchgol after deltatoolbar after installing imgburn (Win8-x64-chrome) ESET got stuck again at about 55%. I have no time this weekend and will continue on Monday. |