Log analysis and evaluation: Win 7: Mozilla does not open any pages: Iminent adware/virus/toolbar

Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
09.04.2014, 16:10 | #1 |
Win 7: Mozilla does not open any pages: Iminent adware/virus/toolbar

Hello, I wasn't paying attention during an installation and caught the Iminent adware and, I think, more besides. In any case, afterwards I had the Iminent toolbar and start page in Mozilla Firefox. I then ran Malwarebytes Antimalware and it did find quite a few things: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 10.04.2014 Scan Time: 14:13:49 Logfile: malwarebytes 1.txt Administrator: Yes Version: 2.00.1.1004 Malware Database: v2014.04.09.03 Rootkit Database: v2014.03.27.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Chameleon: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Greg Scan Type: Threat Scan Result: Completed Objects Scanned: 244239 Time Elapsed: 59 min, 47 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Shuriken: Enabled PUP: Enabled PUM: Enabled Processes: 1 PUP.Optional.SupraSavings.A, C:\Program Files\suprasavings\SecureAssist.exe, 3140, Delete-on-Reboot, [390e6cbc631856e04a3b1f43bc46847c] Modules: 0 (No malicious items detected) Registry Keys: 46 PUP.Optional.AdPeak.A, HKLM\SOFTWARE\CLASSES\APPID\{76A60138-58B3-4e27-85FB-8FEF344A8998}, Quarantined, [0641f830fb803501f326d638857d03fd], PUP.Optional.AdPeak.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{76A60138-58B3-4E27-85FB-8FEF344A8998}, Quarantined, [0641f830fb803501f326d638857d03fd], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\Rr Savings, Quarantined, [192e2602ff7c142235f469f85ba7f50b], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\suprasavings, Quarantined, [86c1a97f7506181e5f4f6003ab577888], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\WOW6432NODE\Rr Savings, Quarantined, [ef585ccc4f2c4de99d8c8ed30ef4a957], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\WOW6432NODE\SupraSavings, Quarantined, [c58250d8641748ee88a3e08127db19e7], PUP.Optional.SupraSavings.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SECUREASSIST, Quarantined, [390e6cbc631856e04a3b1f43bc46847c], PUP.Optional.SupraSavings.A, HKU\S-1-5-21-571916134-4208678346-963886956-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SupraSavings, Quarantined, [c7801b0d790256e03d725c07d131c33d], PUP.Optional.SupraSavings.A, 
HKU\S-1-5-21-571916134-4208678346-963886956-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Supra Savings, Quarantined, [7fc840e82f4cd363e6aee67caf53936d], PUP.Optional.SupraSavings.A, HKU\S-1-5-21-571916134-4208678346-963886956-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\suprasavings, Quarantined, [a7a008209fdca294228e451ed929db25], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{9863E762-BACC-46E4-8CAA-2A6ADA06B65B}, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{039D611A-7085-4E78-99E1-1BC6F49314C1}, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{37A2ED38-A271-4338-92F0-2597C63AB0D6}, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{3F54B9ED-DBB6-4AC2-9136-9598304A4088}, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{60EEBE82-A0B9-4D4B-A227-ECF69CE21BB5}, 
Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{70215BB2-D45B-4D40-A467-32AF0FF8036F}, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{820B6267-576D-4A2D-94C4-980D227A0C4E}, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{9EF718B4-A84D-4E46-B365-7DF81E4CF73E}, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C1F5E799-B218-4C32-B189-3C389BA140BB}, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{E8D63DD4-ACE0-47F1-836C-69E60B5366FD}, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{F60C9408-3110-4C98-A139-ABE1EE1111DD}, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{039D611A-7085-4E78-99E1-1BC6F49314C1}, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{37A2ED38-A271-4338-92F0-2597C63AB0D6}, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, 
HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3F54B9ED-DBB6-4AC2-9136-9598304A4088}, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{60EEBE82-A0B9-4D4B-A227-ECF69CE21BB5}, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{70215BB2-D45B-4D40-A467-32AF0FF8036F}, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{820B6267-576D-4A2D-94C4-980D227A0C4E}, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9EF718B4-A84D-4E46-B365-7DF81E4CF73E}, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C1F5E799-B218-4C32-B189-3C389BA140BB}, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E8D63DD4-ACE0-47F1-836C-69E60B5366FD}, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F60C9408-3110-4C98-A139-ABE1EE1111DD}, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, 
HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{9863E762-BACC-46E4-8CAA-2A6ADA06B65B}, Quarantined, [9cab9791df9ca5915ce9055a72907b85], Registry Values: 1 PUP.Optional.SupraSavings.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SECUREASSIST|ImagePath, C:\Program Files\SupraSavings\SecureAssist.exe, Quarantined, [390e6cbc631856e04a3b1f43bc46847c] Registry Data: 0 (No malicious items detected) Folders: 2 PUP.Optional.SupraSavings.A, C:\Program Files\suprasavings, Delete-on-Reboot, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings, Quarantined, [e067d454057642f4b392035c60a28f71], Files: 38 PUP.Optional.AdPeak.A, C:\temp\InstallFilter64.msi, Quarantined, [63e4c06847349a9c1b58dd6006fa07f9], PUP.Optional.SupraSavings.A, C:\temp\t.msi, Quarantined, [d96eda4e78034de96bc6709f7f857f81], PUP.Optional.AdPeak.A, C:\Windows\SysWOW64\SecureAssist.dll, Delete-on-Reboot, [59eec66295e6c5714f24b88541bfb749], PUP.Optional.Iminent.A, C:\Users\Greg\AppData\Local\Temp\n3155\Iminent_1712-b2fcad5e.exe, Quarantined, [5deac0681c5fbf777ab0f14cbf420df3], PUP.Optional.Rapiddown, C:\Users\Greg\AppData\Local\Temp\n3155\s3155.exe, Quarantined, [c0875fc98deefa3ca3f624366e937789], PUP.Optional.AdPeak.A, C:\Windows\Installer\10319f.msi, Quarantined, [48ff48e00c6fa78f9fd43607b54b1be5], PUP.Optional.SupraSavings.A, C:\Windows\Installer\ecdaf.msi, Quarantined, [5ceb8d9bf08b8da951e0d73820e49d63], PUP.Optional.SupraSavings.A, C:\Program Files\suprasavings\SecureAssist.exe, Delete-on-Reboot, [390e6cbc631856e04a3b1f43bc46847c], PUP.Optional.SupraSavings.A, C:\Program Files\suprasavings\Installbat.dll, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, C:\Program Files\suprasavings\Installbat64.dll, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, C:\Program Files\suprasavings\InstallDLL.dll, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, C:\Program 
Files\suprasavings\InstallDLL64.dll, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, C:\Program Files\suprasavings\Microsoft.Deployment.WindowsInstaller.dll, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, C:\Program Files\suprasavings\Microsoft.Deployment.WindowsInstaller.xml, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, C:\Program Files\suprasavings\PCProxyDLL64.dll, Delete-on-Reboot, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, C:\Program Files\suprasavings\SecureAssist.dll, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, C:\Program Files\suprasavings\SecureAssist.tlb, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, C:\Program Files\suprasavings\SecureAssist64.dll, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, C:\Program Files\suprasavings\SecureAssistLSP.exe, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, C:\Program Files\suprasavings\SecureAssistLSP.ini, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, C:\Program Files\suprasavings\SecureAssistLSP64.exe, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, C:\Program Files\suprasavings\uninstaller.exe, Quarantined, [9cab9791df9ca5915ce9055a72907b85], PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\2rs3.dll, Quarantined, [e067d454057642f4b392035c60a28f71], PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\background.js, Quarantined, [e067d454057642f4b392035c60a28f71], PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\CustomActionInstall, Quarantined, [e067d454057642f4b392035c60a28f71], PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\CustomActionUninstall, Quarantined, [e067d454057642f4b392035c60a28f71], PUP.Optional.SupraSavings.A, C:\Program Files 
(x86)\SupraSavings\icon128.png, Quarantined, [e067d454057642f4b392035c60a28f71], PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\icon16.png, Quarantined, [e067d454057642f4b392035c60a28f71], PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\icon32.png, Quarantined, [e067d454057642f4b392035c60a28f71], PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\icon48.png, Quarantined, [e067d454057642f4b392035c60a28f71], PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\icon64.png, Quarantined, [e067d454057642f4b392035c60a28f71], PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\icon8.png, Quarantined, [e067d454057642f4b392035c60a28f71], PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\iwalyk.js, Quarantined, [e067d454057642f4b392035c60a28f71], PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\manifest.json, Quarantined, [e067d454057642f4b392035c60a28f71], PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\marcopolo.js, Quarantined, [e067d454057642f4b392035c60a28f71], PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\Microsoft.Deployment.WindowsInstaller.dll, Quarantined, [e067d454057642f4b392035c60a28f71], PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\Microsoft.Deployment.WindowsInstaller.xml, Quarantined, [e067d454057642f4b392035c60a28f71], PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\SendJson.dll, Quarantined, [e067d454057642f4b392035c60a28f71], Physical Sectors: 0 (No malicious items detected) (end) Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 10.04.2014 Scan Time: 14:39:26 Logfile: malwarebytes 2.txt Administrator: Yes Version: 2.00.1.1004 Malware Database: v2014.04.09.03 Rootkit Database: v2014.03.27.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Chameleon: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Greg Scan Type: Threat Scan Result: Completed Objects Scanned: 244081 Time Elapsed: 11 min, 50 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Shuriken: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end)

So here are my log files:

FRST.txt: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 (ATTENTION: ====> FRST version is 28 days old and could be outdated) Ran by Greg (administrator) on ZENBOOKG on 10-04-2014 16:34:04 Running from C:\Users\Greg\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DOT3Q6KK Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 9 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG2014\avgwdsvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe () C:\Windows\SysWOW64\DptfParticipantProcessorService.exe () C:\Windows\SysWOW64\DptfPolicyConfigTDPService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Skype Technologies S.A.) 
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe () C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe () C:\Program Files\003\xmkysecqun64.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Microsoft) C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe (Microsoft) C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe () C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Adobe Systems, Inc.) C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe (Dropbox, Inc.) C:\Users\Greg\AppData\Roaming\Dropbox\bin\Dropbox.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS) C:\Windows\AsScrPro.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (ASUSTek Computer Inc.) 
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe () C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG2014\avgui.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe (Sphinx Software) C:\Program Files\Windows8FirewallControl\Windows8FirewallControl.exe (Sphinx Software) C:\Program Files\Windows8FirewallControl\Windows8FirewallService.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil64_12_0_0_77_ActiveX.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe () C:\Users\Greg\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F6L2U10S\Defogger.exe () C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MousewithoutBordersHelper.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2661672 2012-02-19] (ELAN Microelectronics Corp.) 
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12460136 2012-03-29] (Realtek Semiconductor) HKLM\...\Run: [BLEServicesCtrl] - C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [178960 2012-03-15] (Intel Corporation) HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11407120 2012-03-27] (Intel Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [Windows8FirewallControl] - C:\Program Files\Windows8FirewallControl\Windows8FirewallControl.exe [1205248 2013-09-30] (Sphinx Software) HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-26] (Intel Corporation) HKLM-x32\...\Run: [Wireless Console 3] - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072 2012-02-03] (ASUSTeK Computer Inc.) HKLM-x32\...\Run: [ASUS Screen Saver Protector] - C:\Windows\AsScrPro.exe [3058304 2012-09-18] (ASUS) HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-25] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.) 
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated) HKLM-x32\...\Run: [UIExec] - C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe [153424 2012-01-17] () HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG2014\avgui.exe [4971024 2014-03-19] (AVG Technologies CZ, s.r.o.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-571916134-4208678346-963886956-1000\...\Run: [AdobeBridge] - C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe [20761960 2012-03-13] (Adobe Systems, Inc.) IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe Startup: C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Greg\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://watch.nba.com/nba/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) DPF: HKLM {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Adobe\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Adobe\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog9 01 C:\Windows\system32\SecureAssist.dll File Not found () Winsock: Catalog9 02 C:\Windows\system32\SecureAssist.dll File Not found () Winsock: Catalog9 03 C:\Windows\system32\SecureAssist.dll File Not found () Winsock: Catalog9 04 C:\Windows\system32\SecureAssist.dll File Not found () Winsock: Catalog9 16 C:\Windows\system32\SecureAssist.dll File Not found () Winsock: Catalog9-x64 01 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist) Winsock: Catalog9-x64 02 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist) Winsock: Catalog9-x64 03 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist) Winsock: Catalog9-x64 04 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist) Winsock: Catalog9-x64 16 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\luzyy51h.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll () FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - 
C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml ==================== Services (Whitelisted) ================= R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUS) S2 AVGIDSAgent; C:\Program Files (x86)\AVG2014\avgidsagent.exe [3782672 2014-02-23] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.) R2 DptfParticipantProcessorService; C:\Windows\SysWOW64\DptfParticipantProcessorService.exe [18944 2012-02-20] () R2 DptfPolicyConfigTDPService; C:\Windows\SysWOW64\DptfPolicyConfigTDPService.exe [19968 2012-02-20] () R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] () R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193536 2012-04-10] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation) S2 MouseWithoutBordersSvc; C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBordersSvc.exe [27872 2012-12-28] (Microsoft) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272688 2012-08-23] () S3 RMWPService; C:\Program Files (x86)\Reference Manager 12\WebPublisher\thirdparty\Apache2\bin\RMWP_Apache_Admin.exe [20537 2004-01-28] (Apache Software Foundation) S2 SkypeUpdate; C:\Program Files 
(x86)\Adobe\Skype\Updater\Updater.exe [171680 2013-09-05] (Skype Technologies) S2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [728328 2014-03-31] (DEVGURU Co., LTD.) R2 UI Assistant Service; C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe [270672 2012-01-17] () R2 Windows8FirewallService; C:\Program Files\Windows8FirewallControl\Windows8FirewallService.exe [3806720 2013-09-30] (Sphinx Software) R2 xmkysecqun64; C:\Program Files\003\xmkysecqun64.exe [706560 2014-04-09] () R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3342640 2012-08-23] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== R0 assd; C:\Windows\System32\Drivers\assd.sys [27056 2011-10-29] (ASUS Corporation) S3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [35968 2011-12-21] (Windows (R) Win 7 DDK provider) S3 AsusVTouch; C:\Windows\System32\DRIVERS\AsusVTouch.sys [16512 2011-11-08] (Windows (R) Win 7 DDK provider) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-25] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [243480 2013-11-25] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [196376 2013-11-25] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.) R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.) S3 AX88772B; C:\Windows\System32\DRIVERS\ax88772b.sys [110592 2012-04-05] (ASIX Electronics Corp.) 
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] () R3 DptfDevDram; C:\Windows\System32\DRIVERS\DptfDevDram.sys [107288 2012-02-20] (Intel Corporation) R3 DptfDevFan; C:\Windows\System32\DRIVERS\DptfDevFan.sys [42776 2012-02-20] (Intel Corporation) R3 DptfDevGen; C:\Windows\System32\DRIVERS\DptfDevGen.sys [64792 2012-02-20] (Intel Corporation) R3 DptfDevPch; C:\Windows\System32\DRIVERS\DptfDevPch.sys [96024 2012-02-20] (Intel Corporation) R3 DptfDevProc; C:\Windows\System32\DRIVERS\DptfDevProc.sys [220952 2012-02-20] (Intel Corporation) R3 DptfManager; C:\Windows\System32\DRIVERS\DptfManager.sys [357656 2012-02-20] (Intel Corporation) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-25] (DT Soft Ltd) R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2012-04-10] (Intel Corporation) R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( ) S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52320 2014-04-04] (hxxp://libusb-win32.sourceforge.net) S3 libusbK; C:\Windows\System32\DRIVERS\libusbK.sys [47200 2014-04-04] (hxxp://libusb-win32.sourceforge.net) S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) 
U3 DfSdkS;
S3 DIRECTIO; \??\c:\BIT_TEMP\DirectIo.sys [X]
S3 vpnva; system32\DRIVERS\vpnva64.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-04-10 16:33 - 2014-04-10 16:34 - 00000000 ____D () C:\FRST
2014-04-10 16:32 - 2014-04-10 16:32 - 00000540 _____ () C:\Users\Greg\Desktop\defogger_disable.log
2014-04-10 16:32 - 2014-04-10 16:32 - 00000168 _____ () C:\Users\Greg\defogger_reenable
2014-04-10 16:26 - 2014-04-10 16:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-10 16:17 - 2014-04-10 16:17 - 00000000 ____D () C:\Program Files\Windows8FirewallControl
2014-04-10 14:56 - 2014-04-10 14:56 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-10 14:50 - 2014-04-10 14:50 - 00000000 ____D () C:\Windows\ERUNT
2014-04-10 13:13 - 2014-04-10 14:27 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-10 13:13 - 2014-04-10 13:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-10 13:13 - 2014-04-10 13:13 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-04-10 13:13 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-10 13:13 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-10 13:13 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-10 13:12 - 2014-04-10 13:13 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Greg\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-10 13:11 - 2014-04-10 13:11 - 00613200 _____ (Chip Digital GmbH) C:\Users\Greg\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2014-04-10 12:59 - 2014-04-10 14:45 - 00000000 ____D () C:\AdwCleaner
2014-04-10 12:58 - 2014-04-10 12:58 - 01426178 _____ () C:\Users\Greg\Downloads\adwcleaner.exe
2014-04-10 12:16 - 2014-04-10 12:16 - 00000000 ___HD () C:\$AVG
2014-04-10 12:16 - 2014-04-10 12:16 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\TuneUp Software
2014-04-10 12:16 - 2014-04-10 12:16 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\AVG2014
2014-04-10 12:16 - 2014-04-10 12:16 - 00000000 ____D () C:\ProgramData\AVG2014
2014-04-10 12:15 - 2014-04-10 12:28 - 00000000 ____D () C:\Program Files (x86)\AVG2014
2014-04-10 12:13 - 2014-04-10 12:31 - 00000000 ____D () C:\Users\Greg\AppData\Local\Avg2014
2014-04-10 12:13 - 2014-04-10 12:29 - 00000000 ____D () C:\ProgramData\MFAData
2014-04-10 12:13 - 2014-04-10 12:13 - 00000000 ____D () C:\Users\Greg\AppData\Local\MFAData
2014-04-10 12:03 - 2014-04-10 12:03 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\Auslogics
2014-04-09 00:12 - 2014-04-09 00:12 - 00000000 ____D () C:\Program Files (x86)\zebNet® Thunderbird Backup 2012
2014-04-09 00:12 - 2012-02-22 00:12 - 00069632 _____ (S.A.Dittrich) C:\Windows\SysWOW64\cXPIBrowser.ocx
2014-04-09 00:12 - 2011-12-07 21:38 - 00126976 ____N (S.A.Dittrich) C:\Windows\SysWOW64\cXPINET.ocx
2014-04-09 00:12 - 2011-09-25 23:24 - 00061440 ____N (ASX) C:\Windows\SysWOW64\cXPIInternet.ocx
2014-04-09 00:12 - 2011-09-25 23:22 - 00196608 ____N (ASX) C:\Windows\SysWOW64\CXPICOMCTL.OCX
2014-04-09 00:12 - 2005-04-15 20:58 - 01351392 ____N (Microsoft Corporation) C:\Windows\SysWOW64\COMCTL32.OCX
2014-04-09 00:07 - 2014-03-12 16:00 - 00338120 _____ (SecureAssist) C:\Windows\system32\SecureAssist64.dll
2014-04-09 00:05 - 2014-04-09 00:05 - 00000000 ____D () C:\Program Files\003
2014-04-09 00:02 - 2014-04-10 00:12 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\zebNet
2014-04-08 23:59 - 2014-04-09 00:12 - 00000000 ____D () C:\ProgramData\InstallMate
2014-04-08 23:59 - 2014-04-08 23:59 - 00001162 _____ () C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\zebNet® Backup for Thunderbird® TNG.lnk
2014-04-08 23:59 - 2014-04-08 23:59 - 00000000 ____D () C:\ProgramData\zebNet
2014-04-08 23:59 - 2014-04-08 23:59 - 00000000 ____D () C:\Program Files\zebNet
2014-04-08 23:55 - 2014-04-08 23:55 - 00000000 ____D () C:\Program Files (x86)\MozBackup
2014-04-08 23:55 - 2014-04-08 16:05 - 00000830 _____ () C:\Users\Greg\Documents\indexfile.txt
2014-04-05 00:31 - 2014-03-31 06:49 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2014-04-05 00:31 - 2014-03-31 06:48 - 00188232 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadmdm.sys
2014-04-05 00:31 - 2014-03-31 06:48 - 00169288 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadbus.sys
2014-04-05 00:31 - 2014-03-31 06:48 - 00158024 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadserd.sys
2014-04-05 00:31 - 2014-03-31 06:48 - 00021320 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadmdfl.sys
2014-04-05 00:31 - 2014-03-31 06:48 - 00017736 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadwhnt.sys
2014-04-05 00:31 - 2014-03-31 06:48 - 00017736 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadwh.sys
2014-04-05 00:31 - 2014-03-31 06:48 - 00017224 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadcmnt.sys
2014-04-05 00:31 - 2014-03-31 06:48 - 00017224 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadcm.sys
2014-04-05 00:29 - 2014-04-05 00:29 - 00000000 ____D () C:\Users\Greg\.android
2014-04-04 23:07 - 2014-04-04 23:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-04-04 23:03 - 2014-03-31 06:49 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2014-04-04 23:03 - 2014-03-31 06:49 - 00708168 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll
2014-04-04 23:03 - 2014-03-31 06:49 - 00109056 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2014-04-04 22:07 - 2014-04-10 14:17 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-04-04 22:07 - 2014-04-04 22:42 - 00000000 ____D () C:\usb_driver
2014-04-04 22:07 - 2014-04-04 22:31 - 00067680 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\SysWOW64\libusb0.dll
2014-04-04 22:07 - 2014-04-04 22:31 - 00052320 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\Drivers\libusb0.sys
2014-04-04 22:07 - 2014-04-04 22:19 - 00238176 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\libusbK.dll
2014-04-04 22:07 - 2014-04-04 22:19 - 00170080 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\SysWOW64\libusbK.dll
2014-04-04 22:07 - 2014-04-04 22:19 - 00076384 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\libusb0.dll
2014-04-04 22:07 - 2014-04-04 22:19 - 00047200 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\Drivers\libusbK.sys
2014-04-04 22:07 - 2014-04-04 22:07 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll
2014-04-04 22:07 - 2014-04-04 22:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2014-04-04 21:55 - 2014-04-04 21:55 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-04-04 21:54 - 2014-04-04 21:54 - 00000000 ____D () C:\ProgramData\Samsung
2014-04-04 21:26 - 2014-04-04 21:26 - 00000000 ____D () C:\Users\Greg\AppData\Local\Downloaded Installations
2014-04-04 21:18 - 2014-04-04 21:18 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-26 22:30 - 2013-11-20 11:26 - 55279480 _____ () C:\Users\Greg\Desktop\gardaseetour 002.tif
2014-03-25 21:52 - 2014-03-25 21:52 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\MPC-HC
2014-03-25 21:51 - 2014-03-25 21:51 - 00000000 ____D () C:\Program Files (x86)\Combined Community Codec Pack
2014-03-22 11:13 - 2014-03-23 14:28 - 00000000 ____D () C:\Users\Greg\Desktop\pIKKß
2014-03-21 12:27 - 2014-04-09 00:07 - 00005552 _____ () C:\Windows\system32\SecureAssist.ini
2014-03-21 12:27 - 2014-04-09 00:07 - 00002504 _____ () C:\Windows\SysWOW64\SecureAssistOff.ini
2014-03-21 12:27 - 2014-04-09 00:07 - 00002504 _____ () C:\Windows\system32\SecureAssistOff.ini
2014-03-21 12:27 - 2014-03-21 12:27 - 00005696 _____ () C:\Windows\SysWOW64\SecureAssist.ini
2014-03-21 11:46 - 2014-03-21 11:46 - 00152848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.ocx
2014-03-14 16:52 - 2014-04-10 16:03 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-14 16:52 - 2014-03-14 16:56 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-13 20:43 - 2014-03-13 20:43 - 00000000 ____D () C:\Users\Greg\AppData\Local\gtk-2.0
2014-03-13 20:42 - 2014-03-13 20:45 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\banshee-1
2014-03-13 20:42 - 2014-03-13 20:42 - 00000000 ____D () C:\Users\Greg\Documents\.cache
2014-03-13 20:34 - 2014-03-13 20:34 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\MusicBrainz
2014-03-13 20:34 - 2014-03-13 20:34 - 00000000 ____D () C:\Users\Greg\AppData\Local\cache

==================== One Month Modified Files and Folders =======

2014-04-10 16:34 - 2014-04-10 16:33 - 00000000 ____D () C:\FRST
2014-04-10 16:32 - 2014-04-10 16:32 - 00000540 _____ () C:\Users\Greg\Desktop\defogger_disable.log
2014-04-10 16:32 - 2014-04-10 16:32 - 00000168 _____ () C:\Users\Greg\defogger_reenable
2014-04-10 16:32 - 2013-02-11 05:56 - 00000000 ____D () C:\Users\Greg
2014-04-10 16:26 - 2014-04-10 16:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-10 16:26 - 2013-02-11 11:58 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\Mozilla
2014-04-10 16:26 - 2013-02-11 11:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-10 16:20 - 2009-07-14 07:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-10 16:19 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-10 16:19 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-10 16:17 - 2014-04-10 16:17 - 00000000 ____D () C:\Program Files\Windows8FirewallControl
2014-04-10 16:15 - 2012-09-18 00:11 - 01402701 _____ () C:\Windows\WindowsUpdate.log
2014-04-10 16:13 - 2013-07-13 10:10 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\Dropbox
2014-04-10 16:13 - 2012-09-18 00:14 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2014-04-10 16:11 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-10 16:11 - 2009-07-14 06:51 - 00129801 _____ () C:\Windows\setupact.log
2014-04-10 16:03 - 2014-03-14 16:52 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-10 14:56 - 2014-04-10 14:56 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-10 14:50 - 2014-04-10 14:50 - 00000000 ____D () C:\Windows\ERUNT
2014-04-10 14:45 - 2014-04-10 12:59 - 00000000 ____D () C:\AdwCleaner
2014-04-10 14:27 - 2014-04-10 13:13 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-10 14:17 - 2014-04-04 22:07 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-04-10 14:17 - 2011-08-28 10:59 - 00495880 _____ () C:\Windows\PFRO.log
2014-04-10 13:13 - 2014-04-10 13:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-10 13:13 - 2014-04-10 13:13 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-04-10 13:13 - 2014-04-10 13:12 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Greg\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-10 13:11 - 2014-04-10 13:11 - 00613200 _____ (Chip Digital GmbH) C:\Users\Greg\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2014-04-10 13:10 - 2013-02-14 14:06 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\vlc
2014-04-10 13:03 - 2014-01-25 17:09 - 00000000 ___RD () C:\Users\Greg\Dropbox
2014-04-10 12:58 - 2014-04-10 12:58 - 01426178 _____ () C:\Users\Greg\Downloads\adwcleaner.exe
2014-04-10 12:31 - 2014-04-10 12:13 - 00000000 ____D () C:\Users\Greg\AppData\Local\Avg2014
2014-04-10 12:29 - 2014-04-10 12:13 - 00000000 ____D () C:\ProgramData\MFAData
2014-04-10 12:28 - 2014-04-10 12:15 - 00000000 ____D () C:\Program Files (x86)\AVG2014
2014-04-10 12:16 - 2014-04-10 12:16 - 00000000 ___HD () C:\$AVG
2014-04-10 12:16 - 2014-04-10 12:16 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\TuneUp Software
2014-04-10 12:16 - 2014-04-10 12:16 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\AVG2014
2014-04-10 12:16 - 2014-04-10 12:16 - 00000000 ____D () C:\ProgramData\AVG2014
2014-04-10 12:13 - 2014-04-10 12:13 - 00000000 ____D () C:\Users\Greg\AppData\Local\MFAData
2014-04-10 12:07 - 2013-03-22 22:20 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Auslogics
2014-04-10 12:03 - 2014-04-10 12:03 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\Auslogics
2014-04-10 00:15 - 2013-02-14 15:39 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\Thunderbird
2014-04-10 00:12 - 2014-04-09 00:02 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\zebNet
2014-04-09 00:12 - 2014-04-09 00:12 - 00000000 ____D () C:\Program Files (x86)\zebNet® Thunderbird Backup 2012
2014-04-09 00:12 - 2014-04-08 23:59 - 00000000 ____D () C:\ProgramData\InstallMate
2014-04-09 00:07 - 2014-03-21 12:27 - 00005552 _____ () C:\Windows\system32\SecureAssist.ini
2014-04-09 00:07 - 2014-03-21 12:27 - 00002504 _____ () C:\Windows\SysWOW64\SecureAssistOff.ini
2014-04-09 00:07 - 2014-03-21 12:27 - 00002504 _____ () C:\Windows\system32\SecureAssistOff.ini
2014-04-09 00:05 - 2014-04-09 00:05 - 00000000 ____D () C:\Program Files\003
2014-04-09 00:00 - 2013-02-14 15:39 - 00000000 ____D () C:\Users\Greg\AppData\Local\Thunderbird
2014-04-09 00:00 - 2013-02-14 15:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-08 23:59 - 2014-04-08 23:59 - 00001162 _____ () C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\zebNet® Backup for Thunderbird® TNG.lnk
2014-04-08 23:59 - 2014-04-08 23:59 - 00000000 ____D () C:\ProgramData\zebNet
2014-04-08 23:59 - 2014-04-08 23:59 - 00000000 ____D () C:\Program Files\zebNet
2014-04-08 23:55 - 2014-04-08 23:55 - 00000000 ____D () C:\Program Files (x86)\MozBackup
2014-04-08 18:51 - 2012-09-18 00:14 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2014-04-08 16:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-08 16:05 - 2014-04-08 23:55 - 00000830 _____ () C:\Users\Greg\Documents\indexfile.txt
2014-04-05 00:29 - 2014-04-05 00:29 - 00000000 ____D () C:\Users\Greg\.android
2014-04-04 23:07 - 2014-04-04 23:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-04-04 22:42 - 2014-04-04 22:07 - 00000000 ____D () C:\usb_driver
2014-04-04 22:31 - 2014-04-04 22:07 - 00067680 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\SysWOW64\libusb0.dll
2014-04-04 22:31 - 2014-04-04 22:07 - 00052320 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\Drivers\libusb0.sys
2014-04-04 22:19 - 2014-04-04 22:07 - 00238176 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\libusbK.dll
2014-04-04 22:19 - 2014-04-04 22:07 - 00170080 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\SysWOW64\libusbK.dll
2014-04-04 22:19 - 2014-04-04 22:07 - 00076384 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\libusb0.dll
2014-04-04 22:19 - 2014-04-04 22:07 - 00047200 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\Drivers\libusbK.sys
2014-04-04 22:07 - 2014-04-04 22:07 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll
2014-04-04 22:07 - 2014-04-04 22:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2014-04-04 22:07 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-04 21:55 - 2014-04-04 21:55 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-04-04 21:54 - 2014-04-04 21:54 - 00000000 ____D () C:\ProgramData\Samsung
2014-04-04 21:26 - 2014-04-04 21:26 - 00000000 ____D () C:\Users\Greg\AppData\Local\Downloaded Installations
2014-04-04 21:18 - 2014-04-04 21:18 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-03 09:51 - 2014-04-10 13:13 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-10 13:13 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-10 13:13 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 06:49 - 2014-04-05 00:31 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2014-03-31 06:49 - 2014-04-04 23:03 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2014-03-31 06:49 - 2014-04-04 23:03 - 00708168 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll
2014-03-31 06:49 - 2014-04-04 23:03 - 00109056 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2014-03-31 06:48 - 2014-04-05 00:31 - 00188232 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadmdm.sys
2014-03-31 06:48 - 2014-04-05 00:31 - 00169288 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadbus.sys
2014-03-31 06:48 - 2014-04-05 00:31 - 00158024 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadserd.sys
2014-03-31 06:48 - 2014-04-05 00:31 - 00021320 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadmdfl.sys
2014-03-31 06:48 - 2014-04-05 00:31 - 00017736 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadwhnt.sys
2014-03-31 06:48 - 2014-04-05 00:31 - 00017736 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadwh.sys
2014-03-31 06:48 - 2014-04-05 00:31 - 00017224 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadcmnt.sys
2014-03-31 06:48 - 2014-04-05 00:31 - 00017224 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadcm.sys
2014-03-30 23:03 - 2013-02-14 14:08 - 00000000 ____D () C:\Users\Greg\AppData\Local\QuickPar
2014-03-30 22:31 - 2013-02-11 12:12 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\GrabIt
2014-03-27 11:36 - 2013-03-07 22:20 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\dvdcss
2014-03-25 21:52 - 2014-03-25 21:52 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\MPC-HC
2014-03-25 21:51 - 2014-03-25 21:51 - 00000000 ____D () C:\Program Files (x86)\Combined Community Codec Pack
2014-03-23 14:28 - 2014-03-22 11:13 - 00000000 ____D () C:\Users\Greg\Desktop\pIKKß
2014-03-21 12:27 - 2014-03-21 12:27 - 00005696 _____ () C:\Windows\SysWOW64\SecureAssist.ini
2014-03-21 11:46 - 2014-03-21 11:46 - 00152848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.ocx
2014-03-14 16:56 - 2014-03-14 16:52 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-14 16:56 - 2013-03-13 13:25 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-14 16:56 - 2013-03-13 13:25 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-13 20:45 - 2014-03-13 20:42 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\banshee-1
2014-03-13 20:43 - 2014-03-13 20:43 - 00000000 ____D () C:\Users\Greg\AppData\Local\gtk-2.0
2014-03-13 20:42 - 2014-03-13 20:42 - 00000000 ____D () C:\Users\Greg\Documents\.cache
2014-03-13 20:34 - 2014-03-13 20:34 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\MusicBrainz
2014-03-13 20:34 - 2014-03-13 20:34 - 00000000 ____D () C:\Users\Greg\AppData\Local\cache
2014-03-12 16:00 - 2014-04-09 00:07 - 00338120 _____ (SecureAssist) C:\Windows\system32\SecureAssist64.dll

Some content of TEMP:
====================
C:\Users\Greg\AppData\Local\Temp\amazonicon.exe
C:\Users\Greg\AppData\Local\Temp\amazoninstallernircmdc.exe
C:\Users\Greg\AppData\Local\Temp\CMInstaller.exe
C:\Users\Greg\AppData\Local\Temp\Quarantine.exe
C:\Users\Greg\AppData\Local\Temp\sdanircmdc.exe
C:\Users\Greg\AppData\Local\Temp\SpOrder.dll
C:\Users\Greg\AppData\Local\Temp\VSUSetup.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-04-10 13:35

==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Greg at 2014-04-10 16:34:27
Running from C:\Users\Greg\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DOT3Q6KK
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

1&1 Surf-Stick (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - )
7-Zip 9.30 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0930-000001000000}) (Version: 9.30.00.0 - Igor Pavlov)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.02) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.02 - Adobe Systems Incorporated)
ASUS FaceLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0014 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.2.1 - ASUS)
ASUS PWR Option (HKLM-x32\...\{B7B60C4F-0DB8-42EF-8EDC-5F21D4C2D73F}) (Version: 1.2.1 - ASUS)
ASUS Secure Delete (HKLM\...\{761C6783-D3BC-48AB-8E7C-61CE918A8436}) (Version: 1.00.0009 - ASUS)
ASUS_Scr_ZenbookPrime (HKLM-x32\...\ASUS_Scr_ZenbookPrime) (Version: 1.0.0001 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0020 - ASUS)
AutoUnpack 4.5.2 (HKLM-x32\...\AutoUnpack_is1) (Version: - )
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4355 - AVG Technologies)
AVG 2014 (Version: 14.0.3882 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4355 - AVG Technologies) Hidden
AX88772B Windows 7 Drivers (HKLM-x32\...\InstallShield_{54A168C9-2250-4058-80EB-1F4A4192548A}) (Version: 1.0.2.0 - ASIX Electronics Corporation)
AX88772B Windows 7 Drivers (x32 Version: 1.0.2.0 - ASIX Electronics Corporation) Hidden
Caesar 3 (HKLM-x32\...\Caesar 3_is1) (Version: - GOG.com)
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
CM Installer (HKLM-x32\...\{E8F42777-958D-4C14-9A42-8DCA1929FD26}) (Version: 1.0.0.0 - Cyanogen Inc.)
Combined Community Codec Pack 2014-03-09 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2014.03.09.0 - CCCP Project)
CrystalDiskInfo 5.4.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 5.4.2 - Crystal Dew World)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0328 - DT Soft Ltd)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
ETDWare PS/2-X64 10.5.9.0 (HKLM\...\Elantech) (Version: 10.5.9.0 - ELAN Microelectronic Corp.)
Free Video Call Recorder for Skype version 1.2.3.827 (HKLM-x32\...\Free Video Call Recorder for Skype_is1) (Version: 1.2.3.827 - DVDVideoSoft Ltd.)
GrabIt 1.7.2 Beta 6 (build 1008) (HKLM-x32\...\GrabIt_is1) (Version: - Ilan Shemes)
InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.3.2 - ASUS)
Intel PROSet Wireless (Version: - ) Hidden
Intel(R) Dynamic Platform & Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 6.0.1.1067 - Intel Corporation)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2696 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{90F00673-A276-4A58-B675-B426D39D1E09}) (Version: 15.3.0.0398 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{3015F546-6C3E-4E6A-B564-BCDF88C0BA2A}) (Version: 2.1.1.0153 - Intel Corporation)
Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 1.0.0.1024 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{7FCB8D5D-9396-4D17-8CFA-349D6D49CD32}) (Version: 3.0.13.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{ECE5B218-A086-4E18-A362-D11181681457}) (Version: 15.03.1000.1637 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Joe (HKLM-x32\...\{F8C986EA-13F8-4B39-91C3-A6B9A851CD34}) (Version: 4.01.0000 - Wirth IT Design)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Garage Mouse without Borders (HKLM-x32\...\{D3BC954F-D661-474C-B367-30EB6E56542E}) (Version: 2.1.2.1212 - Microsoft Garage)
Microsoft Groove MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}) (Version: - )
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Proofing (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Word MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 22.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 22.0 (x86 de)) (Version: 22.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 22.0 - Mozilla)
Mozilla Thunderbird 24.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.4.0 (x86 de)) (Version: 24.4.0 - Mozilla)
Opera 12.16 (HKLM-x32\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
Rayman 2 (HKLM-x32\...\Rayman 2_is1) (Version: - GOG.com)
Rayman 2: The Great Escape GOG Edition (HKLM\...\{0e82bf4c-b906-4635-a97e-6a9740686b33}.sdb) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6608 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10010 - Realtek Semiconductor Corp.)
Reference Manager 12 Professional Edition (HKLM-x32\...\{8BCAC105-C501-41F9-AED1-587024ABCA8C}) (Version: 12.0.3.3262 - Thomson Reuters) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.42.0 - SAMSUNG Electronics Co., Ltd.) Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.11.13348 - Skype Technologies S.A.) Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) Stellarium 0.12.1 (HKLM\...\Stellarium_is1) (Version: 0.12.1 - Stellarium team) suprasavings (HKLM\...\suprasavings) (Version: 2.0.1 - suprasavings) SupraSavings (Version: 1.0.0.0 - SupraSavings) Hidden SupraSavings (x32 Version: 1.0.0.0 - SupraSavings) Hidden TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) 
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN) Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc) Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc) Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows8FirewallControl (x64) 6.1.9.53 (HKLM\...\Windows8FirewallControl_is1) (Version: 6.1.9.53 - Sphinx Software) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS) WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.27 - ASUS) Wise Registry Cleaner 7.65 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: - WiseCleaner.com, Inc.) zebNet® Backup for Thunderbird® TNG 4.0.3.6 (HKLM\...\{252C8AFD-9F76-492C-8075-FEA02AC712E6}) (Version: 4.0.3.6 - zebNet® Ltd) zebNet® Thunderbird Backup 2012 3.4.20 (HKLM\...\{C56ED89A-ADA0-4CAD-80AF-7E22AD3FE66D}) (Version: 3.4.20 - zebNet® Ltd) ==================== Restore Points ========================= ==================== Hosts content: ========================== 2009-07-14 04:34 - 2013-02-11 23:09 - 00005810 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 activate.adobe.com 127.0.0.1 192.150.14.69 127.0.0.1 192.150.18.101 127.0.0.1 192.150.18.108 127.0.0.1 192.150.22.40 127.0.0.1 192.150.8.100 127.0.0.1 192.150.8.118 127.0.0.1 209-34-83-73.ood.opsource.net 127.0.0.1 3dns-1.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-4.adobe.com 127.0.0.1 3dns.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 activate-sjc0.adobe.com 
127.0.0.1 activate.adobe.com 127.0.0.1 activate.adobe.com 127.0.0.1 activate.wip.adobe.com 127.0.0.1 activate.wip1.adobe.com 127.0.0.1 activate.wip2.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 activate.wip4.adobe.com 127.0.0.1 adobe-dns-1.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 adobe-dns-4.adobe.com 127.0.0.1 adobe-dns.adobe.com 127.0.0.1 adobe-dns.adobe.com 127.0.0.1 adobe.activate.com 127.0.0.1 adobeereg.com 127.0.0.1 crl.verisign.net 127.0.0.1 CRL.VERISIGN.NET.* 127.0.0.1 ereg.adobe.com 127.0.0.1 ereg.adobe.com 127.0.0.1 ereg.wip.adobe.com 127.0.0.1 ereg.wip1.adobe.com 127.0.0.1 ereg.wip2.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 ereg.wip4.adobe.com 127.0.0.1 hl2rcv.adobe.com 127.0.0.1 ood.opsource.net 127.0.0.1 practivate.adobe 127.0.0.1 practivate.adobe.* 127.0.0.1 practivate.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 practivate.adobe.ipp 127.0.0.1 practivate.adobe.newoa 127.0.0.1 practivate.adobe.ntp 127.0.0.1 tss-geotrust-crl.thawte.com 127.0.0.1 wip.adobe.com 127.0.0.1 wip1.adobe.com 127.0.0.1 wip2.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 wip4.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com ==================== Scheduled Tasks (whitelisted) ============= Task: {08668315-17CF-411C-B9BA-835A5E420DCF} - System32\Tasks\Secure Delete => C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe [2011-11-28] () Task: {25DA7FC5-6397-4998-B92A-3B3FB4D8514B} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-02-16] (ASUS) Task: {3E7B422A-3F36-42C1-AA17-BCCD05B4B3A4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: 
{492173E0-4A3F-4653-A3D4-75E9569B71A3} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation) Task: {5D80DACF-DDFD-49F3-AFBB-C6A6DE67666F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {67473FE2-DADF-4867-ACD5-8CA8651EF76A} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-06-25] (ASUSTek Computer Inc.) Task: {705F2FDA-C0C0-4D2C-9678-1A3F069EDC78} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-14] (Adobe Systems Incorporated) Task: {835C2E8C-5324-4BCD-9708-763ABC9D0AAD} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation) Task: {9AA1CC86-371F-4AFE-BFF5-F6FCB933F6B7} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {A0561424-CC51-4FF5-A035-5F8E7BAD9774} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation) Task: {A414D2F6-49AC-4891-B16F-5082788D3344} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe [2012-02-17] (ASUSTek Computer Inc.) 
Task: {B430CCC3-4277-433C-A28E-12AB5E4575D4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe ==================== Loaded Modules (whitelisted) ============= 2012-04-30 10:10 - 2012-02-20 05:31 - 00018944 _____ () C:\Windows\SysWOW64\DptfParticipantProcessorService.exe 2012-04-30 10:10 - 2012-02-20 05:31 - 00019968 _____ () C:\Windows\SysWOW64\DptfPolicyConfigTDPService.exe 2012-09-18 00:14 - 2012-02-21 21:29 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe 2013-10-04 11:35 - 2012-01-17 18:49 - 00270672 _____ () C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe 2014-04-09 00:05 - 2014-04-09 00:05 - 00706560 _____ () C:\Program Files\003\xmkysecqun64.exe 2011-11-28 18:58 - 2011-11-28 18:58 - 00556976 _____ () C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe 2010-07-15 01:11 - 2010-07-15 01:11 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll 2012-04-30 10:09 - 2012-04-02 10:27 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2012-03-13 13:07 - 2012-03-13 13:07 - 00074752 _____ () C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Symlib.dll 2013-10-04 11:35 - 2012-01-17 18:49 - 00153424 _____ () C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe 2014-04-10 16:32 - 2014-04-10 16:32 - 00050477 _____ () C:\Users\Greg\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F6L2U10S\Defogger.exe 2012-12-28 10:44 - 2012-12-28 
10:44 - 00039648 _____ () C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MousewithoutBordersHelper.exe 2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Greg\AppData\Roaming\Dropbox\bin\libcef.dll 2012-01-31 18:25 - 2012-01-31 18:25 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll 2012-09-18 00:14 - 2012-02-21 21:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\TEMP:07BF512B ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SecureAssist => ""="service" ==================== Disabled items from MSCONFIG ============== MSCONFIG\startupfolder: C:^Users^Greg^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^slimKEYS.lnk => C:\Windows\pss\slimKEYS.lnk.Startup MSCONFIG\startupreg: ASUSPRP => "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" ==================== Faulty Device Manager Devices ============= Name: Microsoft Virtual WiFi Miniport Adapter #2 Description: Microsoft Virtual WiFi Miniport Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: vwifimp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Cisco Systems VPN Adapter for 64-bit Windows Description: Cisco Systems VPN Adapter for 64-bit Windows Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: CVirtA Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. 
==================== Event log errors: ========================= Application errors: ================== Error: (04/10/2014 04:17:57 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (04/10/2014 04:17:54 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. 
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (04/10/2014 04:14:54 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (04/10/2014 04:14:52 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. 
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (04/10/2014 04:13:49 PM) (Source: Application Error) (User: ) Description: Faulting application name: obexsrv.exe, version: 2.0.0.128, time stamp: 0x4ed5d3d0 Faulting module name: ntdll.dll, version: 6.1.7601.17514, time stamp: 0x4ce7ba58 Exception code: 0xc0000005 Fault offset: 0x000332ff Faulting process id: 0xb14 Faulting application start time: 0xobexsrv.exe0 Faulting application path: obexsrv.exe1 Faulting module path: obexsrv.exe2 Report Id: obexsrv.exe3 Error: (04/10/2014 04:12:09 PM) (Source: Application Error) (User: ) Description: Faulting application name: ss_conn_service.exe, version: 2.3.1.0, time stamp: 0x5305caea Faulting module name: ss_conn_service.exe, version: 2.3.1.0, time stamp: 0x5305caea Exception code: 0x40000015 Fault offset: 0x0005fbf6 Faulting process id: 0xbb8 Faulting application start time: 0xss_conn_service.exe0 Faulting application path: ss_conn_service.exe1 Faulting module path: ss_conn_service.exe2 Report Id: ss_conn_service.exe3 Error: (04/10/2014 04:10:14 PM) (Source: System Restore) (User: ) Description: Failed to create restore point (Process = C:\Program Files (x86)\Revo Uninstaller\Revouninstaller.exe Files (x86)\Revo Uninstaller\Revouninstaller.exe" ; Description = Revo Uninstaller's restore point - Mozilla Firefox 28.0 (x86 de); Error = 0x80070422). Error: (04/10/2014 04:09:06 PM) (Source: System Restore) (User: ) Description: Failed to create restore point (Process = C:\Program Files (x86)\Revo Uninstaller\Revouninstaller.exe Files (x86)\Revo Uninstaller\Revouninstaller.exe" ; Description = Revo Uninstaller's restore point - ISI ResearchSoft - Export Helper; Error = 0x80070422). System errors: ============= Error: (04/10/2014 04:13:49 PM) (Source: Service Control Manager) (User: ) Description: The Bluetooth OBEX Service service terminated unexpectedly. 
It has done this 1 time(s). Error: (04/10/2014 04:12:09 PM) (Source: Service Control Manager) (User: ) Description: The SAMSUNG Mobile Connectivity Service service terminated unexpectedly. It has done this 1 time(s). Error: (04/10/2014 04:03:52 PM) (Source: DCOM) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Microsoft Office Sessions: ========================= Error: (04/10/2014 04:17:57 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Greg\Desktop\esetsmartinstaller_deu.exe Error: (04/10/2014 04:17:54 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Greg\Desktop\esetsmartinstaller_deu.exe Error: (04/10/2014 04:14:54 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Greg\Desktop\esetsmartinstaller_deu.exe Error: (04/10/2014 04:14:52 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Greg\Desktop\esetsmartinstaller_deu.exe Error: (04/10/2014 04:13:49 PM) (Source: Application Error)(User: ) Description: 
obexsrv.exe2.0.0.1284ed5d3d0ntdll.dll6.1.7601.175144ce7ba58c0000005000332ffb1401cf54c6d319f317C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exeC:\Windows\SysWOW64\ntdll.dll5567aba4-c0ba-11e3-b2d8-c485082b1ec9 Error: (04/10/2014 04:12:09 PM) (Source: Application Error)(User: ) Description: ss_conn_service.exe2.3.1.05305caeass_conn_service.exe2.3.1.05305caea400000150005fbf6bb801cf54c6d3013a9aC:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exeC:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe19cc8f93-c0ba-11e3-b2d8-c485082b1ec9 Error: (04/10/2014 04:10:14 PM) (Source: System Restore)(User: ) Description: C:\Program Files (x86)\Revo Uninstaller\Revouninstaller.exe Files (x86)\Revo Uninstaller\Revouninstaller.exe" Revo Uninstaller's restore point - Mozilla Firefox 28.0 (x86 de)0x80070422 Error: (04/10/2014 04:09:06 PM) (Source: System Restore)(User: ) Description: C:\Program Files (x86)\Revo Uninstaller\Revouninstaller.exe Files (x86)\Revo Uninstaller\Revouninstaller.exe" Revo Uninstaller's restore point - ISI ResearchSoft - Export Helper0x80070422 CodeIntegrity Errors: =================================== Date: 2013-02-11 11:01:21.272 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Greg\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-02-11 11:01:21.257 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Greg\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. 
Date: 2013-02-11 11:01:21.241 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Everest Home\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-02-11 11:01:21.226 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Everest Home\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Percentage of memory in use: 43%
Total physical RAM: 3981.93 MB
Available physical RAM: 2239.12 MB
Total Pagefile: 7962.05 MB
Available Pagefile: 5876.2 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:104.7 GB) (Free:52.34 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (UDISK 2.0) (Removable) (Total:0.96 GB) (Free:0.89 GB) FAT
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 119 GB) (Disk ID: D89D9D33)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 984 MB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================
And then, during the scan, the same message again. Right after that, this one as well: C:\\Users\Greg\ntuser.dat: The process cannot access the file because it is being used by another process. GMER.txt: Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2014-04-10 16:54:55 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 ADATA_XM rev.5.0. 119,24GB Running: Gmer-19357.exe; Driver: C:\Users\Greg\AppData\Local\Temp\uxdyypog.sys ---- User code sections - GMER 2.1 ---- .text C:\Windows\system32\services.exe[816] C:\Windows\system32\kernel32.dll!SetFileCompletionNotificationModes 0000000076b70550 14 bytes {JMP QWORD [RIP+0x0]} .text C:\Windows\system32\svchost.exe[1092] C:\Windows\system32\kernel32.dll!SetFileCompletionNotificationModes 0000000076b70550 14 bytes {JMP QWORD [RIP+0x0]} .text C:\Windows\system32\svchost.exe[1260] C:\Windows\system32\kernel32.dll!SetFileCompletionNotificationModes 0000000076b70550 14 bytes {JMP QWORD [RIP+0x0]} .text C:\Windows\system32\svchost.exe[2016] C:\Windows\system32\kernel32.dll!SetFileCompletionNotificationModes 0000000076b70550 14 bytes {JMP QWORD [RIP+0x0]} .text C:\Program Files\003\xmkysecqun64.exe[2608] C:\Windows\system32\kernel32.dll!SetFileCompletionNotificationModes 0000000076b70550 14 bytes {JMP QWORD [RIP+0x0]} .text C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe[4092] C:\Windows\system32\KERNEL32.dll!SetFileCompletionNotificationModes 0000000076b70550 14 bytes {JMP QWORD [RIP+0x0]} .text C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe[3296] C:\Windows\system32\KERNEL32.dll!SetFileCompletionNotificationModes 0000000076b70550 14 bytes {JMP QWORD [RIP+0x0]} .text C:\Windows\AsScrPro.exe[1756] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075f11465 2 bytes [F1, 75] .text C:\Windows\AsScrPro.exe[1756] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075f114bb 2 bytes [F1, 75] .text ... 
* 2 .text C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[2128] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075f11465 2 bytes [F1, 75] .text C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[2128] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075f114bb 2 bytes [F1, 75] .text ... * 2 .text C:\Program Files\Windows Media Player\wmpnetwk.exe[5304] C:\Windows\system32\kernel32.dll!SetFileCompletionNotificationModes 0000000076b70550 14 bytes {JMP QWORD [RIP+0x0]} .text C:\Program Files\Windows8FirewallControl\Windows8FirewallService.exe[2204] C:\Windows\system32\kernel32.dll!SetFileCompletionNotificationModes 0000000076b70550 14 bytes {JMP QWORD [RIP+0x0]} ---- Threads - GMER 2.1 ---- Thread C:\Windows\system32\services.exe [816:3772] 00000000018ff430 Thread C:\Windows\system32\services.exe [816:3776] 00000000018ff430 Thread C:\Windows\system32\services.exe [816:3780] 00000000018ff430 Thread C:\Windows\system32\services.exe [816:3784] 00000000018ff430 Thread C:\Windows\system32\services.exe [816:3792] 000000000191dc30 Thread C:\Windows\system32\services.exe [816:3956] 000000000191dc30 Thread C:\Windows\system32\svchost.exe [1092:1132] 000000000017f430 Thread C:\Windows\system32\svchost.exe [1092:1136] 000000000017f430 Thread C:\Windows\system32\svchost.exe [1092:1140] 000000000017f430 Thread C:\Windows\system32\svchost.exe [1092:1144] 000000000017f430 Thread C:\Windows\system32\svchost.exe [1092:1152] 000000000019dc30 Thread C:\Windows\system32\svchost.exe [1260:1936] 00000000015df430 Thread C:\Windows\system32\svchost.exe [1260:1940] 00000000015df430 Thread C:\Windows\system32\svchost.exe [1260:1944] 00000000015df430 Thread C:\Windows\system32\svchost.exe [1260:1948] 00000000015df430 Thread C:\Windows\system32\svchost.exe [1260:1956] 00000000015fdc30 Thread C:\Windows\system32\svchost.exe [1260:1076] 00000000015fdc30 Thread C:\Windows\System32\spoolsv.exe [1984:4792] 00000000025cf430 Thread C:\Windows\System32\spoolsv.exe 
[1984:4796] 00000000025cf430 Thread C:\Windows\System32\spoolsv.exe [1984:4800] 00000000025cf430 Thread C:\Windows\System32\spoolsv.exe [1984:4804] 00000000025cf430 Thread C:\Windows\system32\svchost.exe [2016:4460] 000000000142f430 Thread C:\Windows\system32\svchost.exe [2016:4464] 000000000142f430 Thread C:\Windows\system32\svchost.exe [2016:4468] 000000000142f430 Thread C:\Windows\system32\svchost.exe [2016:4472] 000000000142f430 Thread C:\Windows\system32\svchost.exe [2016:4480] 000000000144dc30 Thread C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe [4092:1728] 000000000057f430 Thread C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe [4092:1716] 000000000057f430 Thread C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe [4092:1692] 000000000057f430 Thread C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe [4092:1588] 000000000057f430 Thread C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe [4092:3700] 000000000059dc30 Thread C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe [4092:3688] 000000000059dc30 Thread C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe [3296:1732] 00000000006af430 Thread C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe [3296:1700] 00000000006af430 Thread C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe [3296:1696] 00000000006af430 Thread C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe [3296:3664] 00000000006af430 Thread C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe [3296:3708] 00000000006cdc30 Thread C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe [3296:3692] 00000000006cdc30 Thread C:\Program 
Files\Windows Media Player\wmpnetwk.exe [5304:3204] 0000000001f3f430
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5304:3220] 0000000001f3f430
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5304:2860] 0000000001f3f430
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5304:4144] 0000000001f3f430
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5304:6004] 0000000001f5dc30
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5304:2068] 0000000001f5dc30
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
The system is running an updated Win 7 x64 version, AVG Antivirus (free) and Windows8 FirewallControl. Best regards, -zabbn- |
09.04.2014, 16:43 | #2 |
/// the machine /// TB-Ausbilder | Win 7: Mozilla won't open any pages: Iminent adware/virus/toolbar Hi,
first the cracked Adobe gets deleted completely, then we'll take care of the malware.
__________________ |
09.04.2014, 16:58 | #3 |
| Win 7: Mozilla won't open any pages: Iminent adware/virus/toolbar Oh dear, it happened... I never use it anyway, installed by a friend, etc. ...
Should I post new log files? EDIT: I just noticed that Thunderbird can't access the internet either. Maybe that's why ESET can't update either... Last edited by zabbn (09.04.2014 at 17:09) |
10.04.2014, 12:41 | #4 |
/// the machine /// TB-Ausbilder | Win 7: Mozilla won't open any pages: Iminent adware/virus/toolbar Fresh FRST logs, please. And: please download Farbar's MiniToolBox to your desktop and start the tool. Tick the following entries
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
10.04.2014, 15:24 | #5 |
| Win 7: Mozilla won't open any pages: Iminent adware/virus/toolbar FRST.txt: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 (ATTENTION: ====> FRST version is 28 days old and could be outdated) Ran by Greg (administrator) on ZENBOOKG on 10-04-2014 16:17:38 Running from C:\Users\Greg\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG2014\avgrsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG2014\avgcsrva.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Sphinx Software) C:\Program Files\Windows8FirewallControl\Windows8FirewallService.exe (ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG2014\avgwdsvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe () C:\Windows\SysWOW64\DptfParticipantProcessorService.exe () C:\Windows\SysWOW64\DptfPolicyConfigTDPService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG2014\avgnsa.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG2014\avgemca.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Skype Technologies S.A.) 
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe () C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe () C:\Program Files\003\xmkysecqun64.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe () C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Sphinx Software) C:\Program Files\Windows8FirewallControl\Windows8FirewallControl.exe (Dropbox, Inc.) C:\Users\Greg\AppData\Roaming\Dropbox\bin\Dropbox.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS) C:\Windows\AsScrPro.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corp.) 
C:\Program Files\Elantech\ETDGesture.exe (Microsoft) C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (Microsoft) C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe () C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG2014\avgui.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe (Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil64_12_0_0_77_ActiveX.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Farbar) C:\Users\Greg\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QZTE4EAK\MiniToolBox.exe () C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MousewithoutBordersHelper.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2661672 2012-02-19] (ELAN Microelectronics Corp.) 
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12460136 2012-03-29] (Realtek Semiconductor) HKLM\...\Run: [BLEServicesCtrl] - C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [178960 2012-03-15] (Intel Corporation) HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11407120 2012-03-27] (Intel Corporation) HKLM\...\Run: [Windows8FirewallControl] - C:\Program Files\Windows8FirewallControl\Windows8FirewallControl.exe [1205248 2013-09-30] (Sphinx Software) HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-26] (Intel Corporation) HKLM-x32\...\Run: [Wireless Console 3] - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072 2012-02-03] (ASUSTeK Computer Inc.) HKLM-x32\...\Run: [ASUS Screen Saver Protector] - C:\Windows\AsScrPro.exe [3058304 2012-09-18] (ASUS) HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-25] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated) HKLM-x32\...\Run: [UIExec] - C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe [153424 2012-01-17] () HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG2014\avgui.exe [4971024 2014-03-19] (AVG Technologies CZ, s.r.o.) 
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe Startup: C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Greg\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://duckduckgo.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) DPF: HKLM {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Adobe\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) 
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Adobe\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog9 01 C:\Windows\system32\SecureAssist.dll File Not found () Winsock: Catalog9 02 C:\Windows\system32\SecureAssist.dll File Not found () Winsock: Catalog9 03 C:\Windows\system32\SecureAssist.dll File Not found () Winsock: Catalog9 04 C:\Windows\system32\SecureAssist.dll File Not found () Winsock: Catalog9 16 C:\Windows\system32\SecureAssist.dll File Not found () Winsock: Catalog9-x64 01 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist) Winsock: Catalog9-x64 02 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist) Winsock: Catalog9-x64 03 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist) Winsock: Catalog9-x64 04 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist) Winsock: Catalog9-x64 16 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\luzyy51h.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll () FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - 
C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml ==================== Services (Whitelisted) ================= R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUS) R2 AVGIDSAgent; C:\Program Files (x86)\AVG2014\avgidsagent.exe [3782672 2014-02-23] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.) 
R2 DptfParticipantProcessorService; C:\Windows\SysWOW64\DptfParticipantProcessorService.exe [18944 2012-02-20] () R2 DptfPolicyConfigTDPService; C:\Windows\SysWOW64\DptfPolicyConfigTDPService.exe [19968 2012-02-20] () R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] () R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193536 2012-04-10] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation) S2 MouseWithoutBordersSvc; C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBordersSvc.exe [27872 2012-12-28] (Microsoft) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272688 2012-08-23] () S3 RMWPService; C:\Program Files (x86)\Reference Manager 12\WebPublisher\thirdparty\Apache2\bin\RMWP_Apache_Admin.exe [20537 2004-01-28] (Apache Software Foundation) S2 SkypeUpdate; C:\Program Files (x86)\Adobe\Skype\Updater\Updater.exe [171680 2013-09-05] (Skype Technologies) S2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [728328 2014-03-31] (DEVGURU Co., LTD.) 
R2 UI Assistant Service; C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe [270672 2012-01-17] () R2 Windows8FirewallService; C:\Program Files\Windows8FirewallControl\Windows8FirewallService.exe [3806720 2013-09-30] (Sphinx Software) R2 xmkysecqun64; C:\Program Files\003\xmkysecqun64.exe [706560 2014-04-09] () R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3342640 2012-08-23] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== R0 assd; C:\Windows\System32\Drivers\assd.sys [27056 2011-10-29] (ASUS Corporation) S3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [35968 2011-12-21] (Windows (R) Win 7 DDK provider) S3 AsusVTouch; C:\Windows\System32\DRIVERS\AsusVTouch.sys [16512 2011-11-08] (Windows (R) Win 7 DDK provider) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-25] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [243480 2013-11-25] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [196376 2013-11-25] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.) R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.) S3 AX88772B; C:\Windows\System32\DRIVERS\ax88772b.sys [110592 2012-04-05] (ASIX Electronics Corp.) 
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] () R3 DptfDevDram; C:\Windows\System32\DRIVERS\DptfDevDram.sys [107288 2012-02-20] (Intel Corporation) R3 DptfDevFan; C:\Windows\System32\DRIVERS\DptfDevFan.sys [42776 2012-02-20] (Intel Corporation) R3 DptfDevGen; C:\Windows\System32\DRIVERS\DptfDevGen.sys [64792 2012-02-20] (Intel Corporation) R3 DptfDevPch; C:\Windows\System32\DRIVERS\DptfDevPch.sys [96024 2012-02-20] (Intel Corporation) R3 DptfDevProc; C:\Windows\System32\DRIVERS\DptfDevProc.sys [220952 2012-02-20] (Intel Corporation) R3 DptfManager; C:\Windows\System32\DRIVERS\DptfManager.sys [357656 2012-02-20] (Intel Corporation) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-25] (DT Soft Ltd) R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2012-04-10] (Intel Corporation) R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( ) S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52320 2014-04-04] (hxxp://libusb-win32.sourceforge.net) S3 libusbK; C:\Windows\System32\DRIVERS\libusbK.sys [47200 2014-04-04] (hxxp://libusb-win32.sourceforge.net) S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) 
U3 DfSdkS; S3 DIRECTIO; \??\c:\BIT_TEMP\DirectIo.sys [X] S3 vpnva; system32\DRIVERS\vpnva64.sys [X] U3 uxdyypog; \??\C:\Users\Greg\AppData\Local\Temp\uxdyypog.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-10 16:36 - 2014-04-10 16:36 - 00380416 _____ () C:\Users\Greg\Downloads\Gmer-19357.exe 2014-04-10 16:33 - 2014-04-10 16:17 - 00000000 ____D () C:\FRST 2014-04-10 16:32 - 2014-04-10 16:32 - 00000168 _____ () C:\Users\Greg\defogger_reenable 2014-04-10 16:26 - 2014-04-10 16:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-04-10 16:17 - 2014-04-10 16:17 - 00000000 ____D () C:\Program Files\Windows8FirewallControl 2014-04-10 16:14 - 2014-04-10 16:17 - 00017180 _____ () C:\Users\Greg\Downloads\FRST.txt 2014-04-10 16:14 - 2014-04-10 16:14 - 02157056 _____ (Farbar) C:\Users\Greg\Downloads\FRST64.exe 2014-04-10 14:56 - 2014-04-10 14:56 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-04-10 14:50 - 2014-04-10 14:50 - 00000000 ____D () C:\Windows\ERUNT 2014-04-10 13:13 - 2014-04-10 16:49 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-04-10 13:13 - 2014-04-10 13:13 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-04-10 13:13 - 2014-04-10 13:13 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-04-10 13:13 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-04-10 13:13 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-04-10 13:13 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-04-10 13:12 - 2014-04-10 13:13 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Greg\Downloads\mbam-setup-2.0.1.1004.exe 2014-04-10 13:11 - 2014-04-10 13:11 - 00613200 _____ (Chip Digital GmbH) C:\Users\Greg\Downloads\Malwarebytes Anti 
Malware - CHIP-Downloader.exe 2014-04-10 12:59 - 2014-04-10 14:45 - 00000000 ____D () C:\AdwCleaner 2014-04-10 12:58 - 2014-04-10 12:58 - 01426178 _____ () C:\Users\Greg\Downloads\adwcleaner.exe 2014-04-10 12:16 - 2014-04-10 12:16 - 00000000 ___HD () C:\$AVG 2014-04-10 12:16 - 2014-04-10 12:16 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\TuneUp Software 2014-04-10 12:16 - 2014-04-10 12:16 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\AVG2014 2014-04-10 12:16 - 2014-04-10 12:16 - 00000000 ____D () C:\ProgramData\AVG2014 2014-04-10 12:15 - 2014-04-10 12:28 - 00000000 ____D () C:\Program Files (x86)\AVG2014 2014-04-10 12:13 - 2014-04-10 16:11 - 00000000 ____D () C:\ProgramData\MFAData 2014-04-10 12:13 - 2014-04-10 12:31 - 00000000 ____D () C:\Users\Greg\AppData\Local\Avg2014 2014-04-10 12:13 - 2014-04-10 12:13 - 00000000 ____D () C:\Users\Greg\AppData\Local\MFAData 2014-04-10 12:03 - 2014-04-10 12:03 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\Auslogics 2014-04-09 00:12 - 2014-04-09 00:12 - 00000000 ____D () C:\Program Files (x86)\zebNet® Thunderbird Backup 2012 2014-04-09 00:12 - 2012-02-22 00:12 - 00069632 _____ (S.A.Dittrich) C:\Windows\SysWOW64\cXPIBrowser.ocx 2014-04-09 00:12 - 2011-12-07 21:38 - 00126976 ____N (S.A.Dittrich) C:\Windows\SysWOW64\cXPINET.ocx 2014-04-09 00:12 - 2011-09-25 23:24 - 00061440 ____N (ASX) C:\Windows\SysWOW64\cXPIInternet.ocx 2014-04-09 00:12 - 2011-09-25 23:22 - 00196608 ____N (ASX) C:\Windows\SysWOW64\CXPICOMCTL.OCX 2014-04-09 00:12 - 2005-04-15 20:58 - 01351392 ____N (Microsoft Corporation) C:\Windows\SysWOW64\COMCTL32.OCX 2014-04-09 00:07 - 2014-03-12 16:00 - 00338120 _____ (SecureAssist) C:\Windows\system32\SecureAssist64.dll 2014-04-09 00:05 - 2014-04-09 00:05 - 00000000 ____D () C:\Program Files\003 2014-04-09 00:02 - 2014-04-10 00:12 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\zebNet 2014-04-08 23:59 - 2014-04-09 00:12 - 00000000 ____D () C:\ProgramData\InstallMate 2014-04-08 23:59 - 2014-04-08 23:59 - 
00001162 _____ () C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\zebNet® Backup for Thunderbird® TNG.lnk 2014-04-08 23:59 - 2014-04-08 23:59 - 00000000 ____D () C:\ProgramData\zebNet 2014-04-08 23:59 - 2014-04-08 23:59 - 00000000 ____D () C:\Program Files\zebNet 2014-04-08 23:55 - 2014-04-08 23:55 - 00000000 ____D () C:\Program Files (x86)\MozBackup 2014-04-08 23:55 - 2014-04-08 16:05 - 00000830 _____ () C:\Users\Greg\Documents\indexfile.txt 2014-04-05 00:31 - 2014-03-31 06:49 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys 2014-04-05 00:31 - 2014-03-31 06:48 - 00188232 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadmdm.sys 2014-04-05 00:31 - 2014-03-31 06:48 - 00169288 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadbus.sys 2014-04-05 00:31 - 2014-03-31 06:48 - 00158024 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadserd.sys 2014-04-05 00:31 - 2014-03-31 06:48 - 00021320 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadmdfl.sys 2014-04-05 00:31 - 2014-03-31 06:48 - 00017736 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadwhnt.sys 2014-04-05 00:31 - 2014-03-31 06:48 - 00017736 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadwh.sys 2014-04-05 00:31 - 2014-03-31 06:48 - 00017224 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadcmnt.sys 2014-04-05 00:31 - 2014-03-31 06:48 - 00017224 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadcm.sys 2014-04-05 00:29 - 2014-04-05 00:29 - 00000000 ____D () C:\Users\Greg\.android 2014-04-04 23:07 - 2014-04-04 23:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf 2014-04-04 23:03 - 2014-03-31 06:49 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll 2014-04-04 23:03 - 2014-03-31 06:49 - 00708168 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll 2014-04-04 23:03 - 2014-03-31 06:49 - 00109056 _____ (DEVGURU Co., 
LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys 2014-04-04 22:07 - 2014-04-10 14:17 - 00000258 __RSH () C:\ProgramData\ntuser.pol 2014-04-04 22:07 - 2014-04-04 22:42 - 00000000 ____D () C:\usb_driver 2014-04-04 22:07 - 2014-04-04 22:31 - 00067680 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\SysWOW64\libusb0.dll 2014-04-04 22:07 - 2014-04-04 22:31 - 00052320 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\Drivers\libusb0.sys 2014-04-04 22:07 - 2014-04-04 22:19 - 00238176 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\libusbK.dll 2014-04-04 22:07 - 2014-04-04 22:19 - 00170080 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\SysWOW64\libusbK.dll 2014-04-04 22:07 - 2014-04-04 22:19 - 00076384 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\libusb0.dll 2014-04-04 22:07 - 2014-04-04 22:19 - 00047200 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\Drivers\libusbK.sys 2014-04-04 22:07 - 2014-04-04 22:07 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll 2014-04-04 22:07 - 2014-04-04 22:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf 2014-04-04 21:55 - 2014-04-04 21:55 - 00000000 ____D () C:\Program Files\SAMSUNG 2014-04-04 21:54 - 2014-04-04 21:54 - 00000000 ____D () C:\ProgramData\Samsung 2014-04-04 21:26 - 2014-04-04 21:26 - 00000000 ____D () C:\Users\Greg\AppData\Local\Downloaded Installations 2014-04-04 21:18 - 2014-04-04 21:18 - 00000000 ____D () C:\ProgramData\Package Cache 2014-03-26 22:30 - 2013-11-20 11:26 - 55279480 _____ () C:\Users\Greg\Desktop\gardaseetour 002.tif 2014-03-25 21:52 - 2014-03-25 21:52 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\MPC-HC 2014-03-25 21:51 - 2014-03-25 21:51 - 00000000 ____D () C:\Program Files (x86)\Combined Community Codec Pack 2014-03-22 11:13 - 2014-03-23 14:28 - 00000000 ____D () C:\Users\Greg\Desktop\pIKKß 2014-03-21 12:27 - 2014-04-09 00:07 - 00005552 _____ () 
C:\Windows\system32\SecureAssist.ini 2014-03-21 12:27 - 2014-04-09 00:07 - 00002504 _____ () C:\Windows\SysWOW64\SecureAssistOff.ini 2014-03-21 12:27 - 2014-04-09 00:07 - 00002504 _____ () C:\Windows\system32\SecureAssistOff.ini 2014-03-21 12:27 - 2014-03-21 12:27 - 00005696 _____ () C:\Windows\SysWOW64\SecureAssist.ini 2014-03-21 11:46 - 2014-03-21 11:46 - 00152848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.ocx 2014-03-14 16:52 - 2014-04-10 16:06 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-03-14 16:52 - 2014-03-14 16:56 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-03-13 20:43 - 2014-03-13 20:43 - 00000000 ____D () C:\Users\Greg\AppData\Local\gtk-2.0 2014-03-13 20:42 - 2014-03-13 20:45 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\banshee-1 2014-03-13 20:42 - 2014-03-13 20:42 - 00000000 ____D () C:\Users\Greg\Documents\.cache 2014-03-13 20:34 - 2014-03-13 20:34 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\MusicBrainz 2014-03-13 20:34 - 2014-03-13 20:34 - 00000000 ____D () C:\Users\Greg\AppData\Local\cache ==================== One Month Modified Files and Folders ======= 2014-04-11 13:44 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-11 13:44 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-11 13:42 - 2009-07-14 07:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-04-11 13:37 - 2013-07-13 10:10 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\Dropbox 2014-04-11 13:37 - 2012-09-18 00:14 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job 2014-04-11 13:37 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-04-11 13:37 - 2009-07-14 06:51 - 00129857 _____ () C:\Windows\setupact.log 2014-04-11 13:36 - 
2013-02-11 11:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-04-10 17:59 - 2013-03-13 13:13 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-04-10 17:59 - 2013-02-12 22:27 - 00000000 ____D () C:\Program Files\Adobe 2014-04-10 17:59 - 2013-02-11 12:24 - 00000000 ____D () C:\ProgramData\Adobe 2014-04-10 17:59 - 2013-02-11 11:57 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\Adobe 2014-04-10 17:47 - 2012-09-18 00:14 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job 2014-04-10 16:49 - 2014-04-10 13:13 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-04-10 16:36 - 2014-04-10 16:36 - 00380416 _____ () C:\Users\Greg\Downloads\Gmer-19357.exe 2014-04-10 16:32 - 2014-04-10 16:32 - 00000168 _____ () C:\Users\Greg\defogger_reenable 2014-04-10 16:32 - 2013-02-11 05:56 - 00000000 ____D () C:\Users\Greg 2014-04-10 16:26 - 2014-04-10 16:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-04-10 16:26 - 2013-02-11 11:58 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\Mozilla 2014-04-10 16:17 - 2014-04-10 16:33 - 00000000 ____D () C:\FRST 2014-04-10 16:17 - 2014-04-10 16:17 - 00000000 ____D () C:\Program Files\Windows8FirewallControl 2014-04-10 16:17 - 2014-04-10 16:14 - 00017180 _____ () C:\Users\Greg\Downloads\FRST.txt 2014-04-10 16:17 - 2013-08-07 22:57 - 00000000 ____D () C:\Users\Greg\AppData\Local\CrashDumps 2014-04-10 16:14 - 2014-04-10 16:14 - 02157056 _____ (Farbar) C:\Users\Greg\Downloads\FRST64.exe 2014-04-10 16:11 - 2014-04-10 12:13 - 00000000 ____D () C:\ProgramData\MFAData 2014-04-10 16:06 - 2014-03-14 16:52 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-04-10 16:06 - 2012-09-18 00:11 - 01406927 _____ () C:\Windows\WindowsUpdate.log 2014-04-10 14:56 - 2014-04-10 14:56 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-04-10 14:50 - 2014-04-10 14:50 - 00000000 ____D () C:\Windows\ERUNT 2014-04-10 
14:45 - 2014-04-10 12:59 - 00000000 ____D () C:\AdwCleaner 2014-04-10 14:17 - 2014-04-04 22:07 - 00000258 __RSH () C:\ProgramData\ntuser.pol 2014-04-10 14:17 - 2011-08-28 10:59 - 00495880 _____ () C:\Windows\PFRO.log 2014-04-10 13:13 - 2014-04-10 13:13 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-04-10 13:13 - 2014-04-10 13:13 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-04-10 13:13 - 2014-04-10 13:12 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Greg\Downloads\mbam-setup-2.0.1.1004.exe 2014-04-10 13:11 - 2014-04-10 13:11 - 00613200 _____ (Chip Digital GmbH) C:\Users\Greg\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe 2014-04-10 13:10 - 2013-02-14 14:06 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\vlc 2014-04-10 13:03 - 2014-01-25 17:09 - 00000000 ___RD () C:\Users\Greg\Dropbox 2014-04-10 12:58 - 2014-04-10 12:58 - 01426178 _____ () C:\Users\Greg\Downloads\adwcleaner.exe 2014-04-10 12:31 - 2014-04-10 12:13 - 00000000 ____D () C:\Users\Greg\AppData\Local\Avg2014 2014-04-10 12:28 - 2014-04-10 12:15 - 00000000 ____D () C:\Program Files (x86)\AVG2014 2014-04-10 12:16 - 2014-04-10 12:16 - 00000000 ___HD () C:\$AVG 2014-04-10 12:16 - 2014-04-10 12:16 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\TuneUp Software 2014-04-10 12:16 - 2014-04-10 12:16 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\AVG2014 2014-04-10 12:16 - 2014-04-10 12:16 - 00000000 ____D () C:\ProgramData\AVG2014 2014-04-10 12:13 - 2014-04-10 12:13 - 00000000 ____D () C:\Users\Greg\AppData\Local\MFAData 2014-04-10 12:07 - 2013-03-22 22:20 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Auslogics 2014-04-10 12:03 - 2014-04-10 12:03 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\Auslogics 2014-04-10 00:15 - 2013-02-14 15:39 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\Thunderbird 2014-04-10 00:12 - 2014-04-09 00:02 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\zebNet 2014-04-09 00:12 - 
2014-04-09 00:12 - 00000000 ____D () C:\Program Files (x86)\zebNet® Thunderbird Backup 2012 2014-04-09 00:12 - 2014-04-08 23:59 - 00000000 ____D () C:\ProgramData\InstallMate 2014-04-09 00:07 - 2014-03-21 12:27 - 00005552 _____ () C:\Windows\system32\SecureAssist.ini 2014-04-09 00:07 - 2014-03-21 12:27 - 00002504 _____ () C:\Windows\SysWOW64\SecureAssistOff.ini 2014-04-09 00:07 - 2014-03-21 12:27 - 00002504 _____ () C:\Windows\system32\SecureAssistOff.ini 2014-04-09 00:05 - 2014-04-09 00:05 - 00000000 ____D () C:\Program Files\003 2014-04-09 00:00 - 2013-02-14 15:39 - 00000000 ____D () C:\Users\Greg\AppData\Local\Thunderbird 2014-04-09 00:00 - 2013-02-14 15:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-04-08 23:59 - 2014-04-08 23:59 - 00001162 _____ () C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\zebNet® Backup for Thunderbird® TNG.lnk 2014-04-08 23:59 - 2014-04-08 23:59 - 00000000 ____D () C:\ProgramData\zebNet 2014-04-08 23:59 - 2014-04-08 23:59 - 00000000 ____D () C:\Program Files\zebNet 2014-04-08 23:55 - 2014-04-08 23:55 - 00000000 ____D () C:\Program Files (x86)\MozBackup 2014-04-08 16:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-04-08 16:05 - 2014-04-08 23:55 - 00000830 _____ () C:\Users\Greg\Documents\indexfile.txt 2014-04-05 00:29 - 2014-04-05 00:29 - 00000000 ____D () C:\Users\Greg\.android 2014-04-04 23:07 - 2014-04-04 23:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf 2014-04-04 22:42 - 2014-04-04 22:07 - 00000000 ____D () C:\usb_driver 2014-04-04 22:31 - 2014-04-04 22:07 - 00067680 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\SysWOW64\libusb0.dll 2014-04-04 22:31 - 2014-04-04 22:07 - 00052320 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\Drivers\libusb0.sys 2014-04-04 22:19 - 2014-04-04 22:07 - 00238176 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\libusbK.dll 2014-04-04 22:19 - 2014-04-04 22:07 - 
00170080 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\SysWOW64\libusbK.dll 2014-04-04 22:19 - 2014-04-04 22:07 - 00076384 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\libusb0.dll 2014-04-04 22:19 - 2014-04-04 22:07 - 00047200 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\Drivers\libusbK.sys 2014-04-04 22:07 - 2014-04-04 22:07 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll 2014-04-04 22:07 - 2014-04-04 22:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf 2014-04-04 22:07 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2014-04-04 21:55 - 2014-04-04 21:55 - 00000000 ____D () C:\Program Files\SAMSUNG 2014-04-04 21:54 - 2014-04-04 21:54 - 00000000 ____D () C:\ProgramData\Samsung 2014-04-04 21:26 - 2014-04-04 21:26 - 00000000 ____D () C:\Users\Greg\AppData\Local\Downloaded Installations 2014-04-04 21:18 - 2014-04-04 21:18 - 00000000 ____D () C:\ProgramData\Package Cache 2014-04-03 09:51 - 2014-04-10 13:13 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-04-03 09:51 - 2014-04-10 13:13 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-04-03 09:50 - 2014-04-10 13:13 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-03-31 06:49 - 2014-04-05 00:31 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys 2014-03-31 06:49 - 2014-04-04 23:03 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll 2014-03-31 06:49 - 2014-04-04 23:03 - 00708168 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll 2014-03-31 06:49 - 2014-04-04 23:03 - 00109056 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys 2014-03-31 06:48 - 2014-04-05 00:31 - 00188232 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadmdm.sys 
2014-03-31 06:48 - 2014-04-05 00:31 - 00169288 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadbus.sys 2014-03-31 06:48 - 2014-04-05 00:31 - 00158024 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadserd.sys 2014-03-31 06:48 - 2014-04-05 00:31 - 00021320 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadmdfl.sys 2014-03-31 06:48 - 2014-04-05 00:31 - 00017736 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadwhnt.sys 2014-03-31 06:48 - 2014-04-05 00:31 - 00017736 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadwh.sys 2014-03-31 06:48 - 2014-04-05 00:31 - 00017224 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadcmnt.sys 2014-03-31 06:48 - 2014-04-05 00:31 - 00017224 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadcm.sys 2014-03-30 23:03 - 2013-02-14 14:08 - 00000000 ____D () C:\Users\Greg\AppData\Local\QuickPar 2014-03-30 22:31 - 2013-02-11 12:12 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\GrabIt 2014-03-27 11:36 - 2013-03-07 22:20 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\dvdcss 2014-03-25 21:52 - 2014-03-25 21:52 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\MPC-HC 2014-03-25 21:51 - 2014-03-25 21:51 - 00000000 ____D () C:\Program Files (x86)\Combined Community Codec Pack 2014-03-23 14:28 - 2014-03-22 11:13 - 00000000 ____D () C:\Users\Greg\Desktop\pIKKß 2014-03-21 12:27 - 2014-03-21 12:27 - 00005696 _____ () C:\Windows\SysWOW64\SecureAssist.ini 2014-03-21 11:46 - 2014-03-21 11:46 - 00152848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.ocx 2014-03-14 16:56 - 2014-03-14 16:52 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-03-14 16:56 - 2013-03-13 13:25 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-03-14 16:56 - 2013-03-13 13:25 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-03-13 20:45 - 2014-03-13 20:42 - 00000000 ____D () 
C:\Users\Greg\AppData\Roaming\banshee-1
2014-03-13 20:43 - 2014-03-13 20:43 - 00000000 ____D () C:\Users\Greg\AppData\Local\gtk-2.0
2014-03-13 20:42 - 2014-03-13 20:42 - 00000000 ____D () C:\Users\Greg\Documents\.cache
2014-03-13 20:34 - 2014-03-13 20:34 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\MusicBrainz
2014-03-13 20:34 - 2014-03-13 20:34 - 00000000 ____D () C:\Users\Greg\AppData\Local\cache
2014-03-12 16:00 - 2014-04-09 00:07 - 00338120 _____ (SecureAssist) C:\Windows\system32\SecureAssist64.dll

Some content of TEMP:
====================
C:\Users\Greg\AppData\Local\Temp\amazonicon.exe
C:\Users\Greg\AppData\Local\Temp\amazoninstallernircmdc.exe
C:\Users\Greg\AppData\Local\Temp\CMInstaller.exe
C:\Users\Greg\AppData\Local\Temp\Quarantine.exe
C:\Users\Greg\AppData\Local\Temp\sdanircmdc.exe
C:\Users\Greg\AppData\Local\Temp\SpOrder.dll
C:\Users\Greg\AppData\Local\Temp\VSUSetup.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-04-10 13:35

==================== End Of Log ============================

Addition.txt:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Greg at 2014-04-10 16:18:46
Running from C:\Users\Greg\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

1&1 Surf-Stick (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - )
7-Zip 9.30 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0930-000001000000}) (Version: 9.30.00.0 - Igor Pavlov)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.02) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.02 - Adobe Systems Incorporated)
ASUS FaceLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0014 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.2.1 - ASUS)
ASUS PWR Option (HKLM-x32\...\{B7B60C4F-0DB8-42EF-8EDC-5F21D4C2D73F}) (Version: 1.2.1 - ASUS)
ASUS Secure Delete (HKLM\...\{761C6783-D3BC-48AB-8E7C-61CE918A8436}) (Version: 1.00.0009 - ASUS)
ASUS_Scr_ZenbookPrime (HKLM-x32\...\ASUS_Scr_ZenbookPrime) (Version: 1.0.0001 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0020 - ASUS)
AutoUnpack 4.5.2 (HKLM-x32\...\AutoUnpack_is1) (Version: - )
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4355 - AVG Technologies)
AVG 2014 (Version: 14.0.3882 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4355
- AVG Technologies) Hidden AX88772B Windows 7 Drivers (HKLM-x32\...\InstallShield_{54A168C9-2250-4058-80EB-1F4A4192548A}) (Version: 1.0.2.0 - ASIX Electronics Corporation) AX88772B Windows 7 Drivers (x32 Version: 1.0.2.0 - ASIX Electronics Corporation) Hidden Caesar 3 (HKLM-x32\...\Caesar 3_is1) (Version: - GOG.com) Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.) CM Installer (HKLM-x32\...\{E8F42777-958D-4C14-9A42-8DCA1929FD26}) (Version: 1.0.0.0 - Cyanogen Inc.) Combined Community Codec Pack 2014-03-09 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2014.03.09.0 - CCCP Project) CrystalDiskInfo 5.4.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 5.4.2 - Crystal Dew World) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0328 - DT Soft Ltd) Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) ETDWare PS/2-X64 10.5.9.0 (HKLM\...\Elantech) (Version: 10.5.9.0 - ELAN Microelectronic Corp.) Free Video Call Recorder for Skype version 1.2.3.827 (HKLM-x32\...\Free Video Call Recorder for Skype_is1) (Version: 1.2.3.827 - DVDVideoSoft Ltd.) 
GrabIt 1.7.2 Beta 6 (build 1008) (HKLM-x32\...\GrabIt_is1) (Version: - Ilan Shemes) InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.3.2 - ASUS) Intel PROSet Wireless (Version: - ) Hidden Intel(R) Dynamic Platform & Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 6.0.1.1067 - Intel Corporation) Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation) Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2696 - Intel Corporation) Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{90F00673-A276-4A58-B675-B426D39D1E09}) (Version: 15.3.0.0398 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{3015F546-6C3E-4E6A-B564-BCDF88C0BA2A}) (Version: 2.1.1.0153 - Intel Corporation) Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 1.0.0.1024 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation) Intel(R) WiDi (HKLM-x32\...\{7FCB8D5D-9396-4D17-8CFA-349D6D49CD32}) (Version: 3.0.13.0 - Intel Corporation) Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - ) Intel® PROSet/Wireless WiFi-Software (HKLM\...\{ECE5B218-A086-4E18-A362-D11181681457}) (Version: 15.03.1000.1637 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation) Joe (HKLM-x32\...\{F8C986EA-13F8-4B39-91C3-A6B9A851CD34}) (Version: 4.01.0000 
- Wirth IT Design) Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden Microsoft Access MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft DCF MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Excel MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Garage Mouse without Borders (HKLM-x32\...\{D3BC954F-D661-474C-B367-30EB6E56542E}) (Version: 2.1.2.1212 - Microsoft Garage) Microsoft Groove MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft InfoPath MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Lync MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office 64-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office OSM MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office OSM UX MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2013 (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}) (Version: - ) Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Office Proofing (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2013 - Italiano (x32 Version: 
15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft OneNote MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Outlook MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft PowerPoint MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Publisher MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) 
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Word MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek) Mozilla Firefox 22.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 22.0 (x86 de)) (Version: 22.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 22.0 - Mozilla) Mozilla Thunderbird 24.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.4.0 (x86 de)) (Version: 24.4.0 - Mozilla) Opera 12.16 (HKLM-x32\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA) Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements) Rayman 2 (HKLM-x32\...\Rayman 2_is1) (Version: - GOG.com) Rayman 2: The Great Escape GOG Edition (HKLM\...\{0e82bf4c-b906-4635-a97e-6a9740686b33}.sdb) (Version: - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6608 - Realtek Semiconductor Corp.) Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10010 - Realtek Semiconductor Corp.) 
Reference Manager 12 Professional Edition (HKLM-x32\...\{8BCAC105-C501-41F9-AED1-587024ABCA8C}) (Version: 12.0.3.3262 - Thomson Reuters) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.42.0 - SAMSUNG Electronics Co., Ltd.) Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.11.13348 - Skype Technologies S.A.) Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) Stellarium 0.12.1 (HKLM\...\Stellarium_is1) (Version: 0.12.1 - Stellarium team) suprasavings (HKLM\...\suprasavings) (Version: 2.0.1 - suprasavings) SupraSavings (Version: 1.0.0.0 - SupraSavings) Hidden SupraSavings (x32 Version: 1.0.0.0 - SupraSavings) Hidden TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) 
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN) Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc) Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc) Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows8FirewallControl (x64) 6.1.9.53 (HKLM\...\Windows8FirewallControl_is1) (Version: 6.1.9.53 - Sphinx Software) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS) WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.27 - ASUS) Wise Registry Cleaner 7.65 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: - WiseCleaner.com, Inc.) zebNet® Backup for Thunderbird® TNG 4.0.3.6 (HKLM\...\{252C8AFD-9F76-492C-8075-FEA02AC712E6}) (Version: 4.0.3.6 - zebNet® Ltd) zebNet® Thunderbird Backup 2012 3.4.20 (HKLM\...\{C56ED89A-ADA0-4CAD-80AF-7E22AD3FE66D}) (Version: 3.4.20 - zebNet® Ltd) ==================== Restore Points ========================= ==================== Hosts content: ========================== 2009-07-14 04:34 - 2013-02-11 23:09 - 00005810 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 activate.adobe.com 127.0.0.1 192.150.14.69 127.0.0.1 192.150.18.101 127.0.0.1 192.150.18.108 127.0.0.1 192.150.22.40 127.0.0.1 192.150.8.100 127.0.0.1 192.150.8.118 127.0.0.1 209-34-83-73.ood.opsource.net 127.0.0.1 3dns-1.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-4.adobe.com 127.0.0.1 3dns.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 activate-sjc0.adobe.com 
127.0.0.1 activate.adobe.com 127.0.0.1 activate.adobe.com 127.0.0.1 activate.wip.adobe.com 127.0.0.1 activate.wip1.adobe.com 127.0.0.1 activate.wip2.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 activate.wip4.adobe.com 127.0.0.1 adobe-dns-1.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 adobe-dns-4.adobe.com 127.0.0.1 adobe-dns.adobe.com 127.0.0.1 adobe-dns.adobe.com 127.0.0.1 adobe.activate.com 127.0.0.1 adobeereg.com 127.0.0.1 crl.verisign.net 127.0.0.1 CRL.VERISIGN.NET.* 127.0.0.1 ereg.adobe.com 127.0.0.1 ereg.adobe.com 127.0.0.1 ereg.wip.adobe.com 127.0.0.1 ereg.wip1.adobe.com 127.0.0.1 ereg.wip2.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 ereg.wip4.adobe.com 127.0.0.1 hl2rcv.adobe.com 127.0.0.1 ood.opsource.net 127.0.0.1 practivate.adobe 127.0.0.1 practivate.adobe.* 127.0.0.1 practivate.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 practivate.adobe.ipp 127.0.0.1 practivate.adobe.newoa 127.0.0.1 practivate.adobe.ntp 127.0.0.1 tss-geotrust-crl.thawte.com 127.0.0.1 wip.adobe.com 127.0.0.1 wip1.adobe.com 127.0.0.1 wip2.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 wip4.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com ==================== Scheduled Tasks (whitelisted) ============= Task: {08668315-17CF-411C-B9BA-835A5E420DCF} - System32\Tasks\Secure Delete => C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe [2011-11-28] () Task: {25DA7FC5-6397-4998-B92A-3B3FB4D8514B} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-02-16] (ASUS) Task: {3E7B422A-3F36-42C1-AA17-BCCD05B4B3A4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: 
{492173E0-4A3F-4653-A3D4-75E9569B71A3} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation) Task: {5D80DACF-DDFD-49F3-AFBB-C6A6DE67666F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {67473FE2-DADF-4867-ACD5-8CA8651EF76A} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-06-25] (ASUSTek Computer Inc.) Task: {705F2FDA-C0C0-4D2C-9678-1A3F069EDC78} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-14] (Adobe Systems Incorporated) Task: {835C2E8C-5324-4BCD-9708-763ABC9D0AAD} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation) Task: {9AA1CC86-371F-4AFE-BFF5-F6FCB933F6B7} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {A0561424-CC51-4FF5-A035-5F8E7BAD9774} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation) Task: {A414D2F6-49AC-4891-B16F-5082788D3344} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe [2012-02-17] (ASUSTek Computer Inc.) 
Task: {B430CCC3-4277-433C-A28E-12AB5E4575D4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe ==================== Loaded Modules (whitelisted) ============= 2012-04-30 10:10 - 2012-02-20 05:31 - 00018944 _____ () C:\Windows\SysWOW64\DptfParticipantProcessorService.exe 2012-04-30 10:10 - 2012-02-20 05:31 - 00019968 _____ () C:\Windows\SysWOW64\DptfPolicyConfigTDPService.exe 2012-09-18 00:14 - 2012-02-21 21:29 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe 2013-10-04 11:35 - 2012-01-17 18:49 - 00270672 _____ () C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe 2014-04-09 00:05 - 2014-04-09 00:05 - 00706560 _____ () C:\Program Files\003\xmkysecqun64.exe 2011-11-28 18:58 - 2011-11-28 18:58 - 00556976 _____ () C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe 2010-07-15 01:11 - 2010-07-15 01:11 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll 2012-04-30 10:09 - 2012-04-02 10:27 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2013-10-04 11:35 - 2012-01-17 18:49 - 00153424 _____ () C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe 2012-12-28 10:44 - 2012-12-28 10:44 - 00039648 _____ () C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MousewithoutBordersHelper.exe 2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Greg\AppData\Roaming\Dropbox\bin\libcef.dll 2012-01-31 18:25 - 2012-01-31 18:25 - 01163264 _____ 
() C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
2012-09-18 00:14 - 2012-02-21 21:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:07BF512B

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SecureAssist => ""="service"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Users^Greg^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^slimKEYS.lnk => C:\Windows\pss\slimKEYS.lnk.Startup
MSCONFIG\startupreg: ASUSPRP => "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"

==================== Faulty Device Manager Devices =============

Name: Microsoft Virtual WiFi Miniport Adapter #2
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================

Application errors:
==================
Error: (04/10/2014 04:17:08 PM) (Source: Application Error) (User: )
Description: Faulting application name: Gmer-19357.exe, version: 2.1.19357.0, time stamp: 0x52e7ea83
Faulting module name: Gmer-19357.exe, version: 2.1.19357.0, time stamp: 0x52e7ea83
Exception code: 0xc0000005
Fault offset: 0x000011aa
Faulting process id: 0x1928
Faulting application start time: 0xGmer-19357.exe0
Faulting application path: Gmer-19357.exe1
Faulting module path: Gmer-19357.exe2
Report Id: Gmer-19357.exe3

Error: (04/11/2014 01:50:04 PM) (Source: Windows Backup) (User: )
Description: The backup did not complete because of an error writing to the backup location F:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (04/11/2014 01:37:21 PM) (Source: Application Error) (User: )
Description: Faulting application name: ss_conn_service.exe, version: 2.3.1.0, time stamp: 0x5305caea
Faulting module name: ss_conn_service.exe, version: 2.3.1.0, time stamp: 0x5305caea
Exception code: 0x40000015
Fault offset: 0x0005fbf6
Faulting process id: 0xc40
Faulting application start time: 0xss_conn_service.exe0
Faulting application path: ss_conn_service.exe1
Faulting module path: ss_conn_service.exe2
Report Id: ss_conn_service.exe3

Error: (04/10/2014 05:57:44 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Program Files (x86)\Revo Uninstaller\Revouninstaller.exe Files (x86)\Revo Uninstaller\Revouninstaller.exe" ; Description = Revo Uninstaller's restore point - Adobe Photoshop CS6; Error = 0x80070422).

Error: (04/10/2014 05:52:54 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Description = Scheduled Checkpoint; Error = 0x80070422).
Error: (04/10/2014 04:17:57 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/10/2014 04:17:54 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (04/10/2014 04:14:54 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/10/2014 04:14:52 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (04/10/2014 04:13:49 PM) (Source: Application Error) (User: )
Description: Faulting application name: obexsrv.exe, version: 2.0.0.128, time stamp: 0x4ed5d3d0
Faulting module name: ntdll.dll, version: 6.1.7601.17514, time stamp: 0x4ce7ba58
Exception code: 0xc0000005
Fault offset: 0x000332ff
Faulting process id: 0xb14
Faulting application start time: 0xobexsrv.exe0
Faulting application path: obexsrv.exe1
Faulting module path: obexsrv.exe2
Report Id: obexsrv.exe3

System errors:
=============
Error: (04/11/2014 01:37:22 PM) (Source: Service Control Manager) (User: )
Description: The SAMSUNG Mobile Connectivity Service service terminated unexpectedly. It has done this 1 time(s).

Error: (04/10/2014 04:44:43 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service terminated with service-specific error %%-536753635.

Error: (04/10/2014 04:44:42 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service terminated with service-specific error %%-536753635.

Error: (04/10/2014 04:44:41 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service terminated with service-specific error %%-536753635.

Error: (04/10/2014 04:44:40 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service terminated with service-specific error %%-536753635.

Error: (04/10/2014 04:44:38 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service terminated with service-specific error %%-536753635.

Error: (04/10/2014 04:44:37 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service terminated with service-specific error %%-536753635.

Error: (04/10/2014 04:44:36 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service terminated with service-specific error %%-536753635.
Error: (04/10/2014 04:44:35 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service terminated with service-specific error %%-536753635.

Error: (04/10/2014 04:44:34 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service terminated with service-specific error %%-536753635.

Microsoft Office Sessions:
=========================
Error: (04/10/2014 04:17:08 PM) (Source: Application Error)(User: )
Description: Gmer-19357.exe2.1.19357.052e7ea83Gmer-19357.exe2.1.19357.052e7ea83c0000005000011aa192801cf54c6f40bfbd1C:\Users\Greg\Downloads\Gmer-19357.exeC:\Users\Greg\Downloads\Gmer-19357.execc71aa8f-c0ba-11e3-8b90-ca55d1e0a6f0

Error: (04/11/2014 01:50:04 PM) (Source: Windows Backup)(User: )
Description: F:\The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006)

Error: (04/11/2014 01:37:21 PM) (Source: Application Error)(User: )
Description: ss_conn_service.exe2.3.1.05305caeass_conn_service.exe2.3.1.05305caea400000150005fbf6c4001cf557a5dc65ad9C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exeC:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exea472d7bc-c16d-11e3-8b8f-c485082b1ec9

Error: (04/10/2014 05:57:44 PM) (Source: System Restore)(User: )
Description: C:\Program Files (x86)\Revo Uninstaller\Revouninstaller.exe Files (x86)\Revo Uninstaller\Revouninstaller.exe" Revo Uninstaller's restore point - Adobe Photoshop CS60x80070422

Error: (04/10/2014 05:52:54 PM) (Source: System Restore)(User: )
Description: C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreationScheduled Checkpoint0x80070422

Error: (04/10/2014 04:17:57 PM) (Source: SideBySide)(User: )
Description:
C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Greg\Desktop\esetsmartinstaller_deu.exe Error: (04/10/2014 04:17:54 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Greg\Desktop\esetsmartinstaller_deu.exe Error: (04/10/2014 04:14:54 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Greg\Desktop\esetsmartinstaller_deu.exe Error: (04/10/2014 04:14:52 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Greg\Desktop\esetsmartinstaller_deu.exe Error: (04/10/2014 04:13:49 PM) (Source: Application Error)(User: ) Description: obexsrv.exe2.0.0.1284ed5d3d0ntdll.dll6.1.7601.175144ce7ba58c0000005000332ffb1401cf54c6d319f317C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exeC:\Windows\SysWOW64\ntdll.dll5567aba4-c0ba-11e3-b2d8-c485082b1ec9 CodeIntegrity Errors: =================================== Date: 2013-02-11 11:01:21.272 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Greg\AppData\Local\Temp\EverestDriver.sys because file hash could 
not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-02-11 11:01:21.257 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Greg\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-02-11 11:01:21.241 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Everest Home\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-02-11 11:01:21.226 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Everest Home\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. 
==================== Memory info ===========================

Percentage of memory in use: 42%
Total physical RAM: 3981.93 MB
Available physical RAM: 2301.04 MB
Total Pagefile: 7962.05 MB
Available Pagefile: 6108.83 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:104.7 GB) (Free:53.93 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 119 GB) (Disk ID: D89D9D33)
Partition: GPT Partition Type.

==================== End Of Log ============================

Code:
ATTFilter MiniToolBox by Farbar Version: 23-01-2014 Ran by Greg (administrator) on 10-04-2014 at 16:21:25 Running from "C:\Users\Greg\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QZTE4EAK" Microsoft Windows 7 Home Premium Service Pack 1 (X64) Boot Mode: Normal *************************************************************************** ========================= Flush DNS: =================================== Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========================= IE Proxy Settings: ============================== Proxy is not enabled. No Proxy Server is set. "Reset IE Proxy Settings": IE Proxy Settings were reset. ========================= FF Proxy Settings: ============================== "Reset FF Proxy Settings": Firefox Proxy settings were reset. ========================= Hosts content: ================================= 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 activate.adobe.com 127.0.0.1 192.150.14.69 127.0.0.1 192.150.18.101 127.0.0.1 192.150.18.108 127.0.0.1 192.150.22.40 127.0.0.1 192.150.8.100 127.0.0.1 192.150.8.118 127.0.0.1 209-34-83-73.ood.opsource.net 127.0.0.1 3dns-1.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-4.adobe.com 127.0.0.1 3dns.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 activate-sjc0.adobe.com There are 46 more lines starting with "127.0.0.1" ========================= IP Configuration: ================================ Intel(R) Centrino(R) Advanced-N 6235 = Wireless Network Connection (Connected) Microsoft Virtual WiFi Miniport Adapter = Microsoft Virtual WiFi Miniport Adapter #2 (Hardware not present) Cisco Systems VPN Adapter for 64-bit Windows = Cisco VPN (Hardware not present) # ---------------------------------- # IPv4 Configuration # ---------------------------------- pushd interface ipv4 reset set global 
icmpredirects=enabled taskoffload=disabled set interface interface="Bluetooth Network Connection" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled set interface interface="Wireless Network Connection" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled set interface interface="Microsoft Virtual WiFi Miniport Adapter" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled set interface interface="Microsoft Virtual WiFi Miniport Adapter #2" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled set interface interface="Local Area Connection" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled 
otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled set interface interface="Cisco VPN" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled popd # End of IPv4 configuration Windows IP Configuration Host Name . . . . . . . . . . . . : ZenbookG Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : fritz.box Wireless LAN adapter Wireless Network Connection: Connection-specific DNS Suffix . : fritz.box Description . . . . . . . . . . . : Intel(R) Centrino(R) Advanced-N 6235 Physical Address. . . . . . . . . : C4-85-08-2B-1E-C5 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::d9bb:cdc0:6833:268d%13(Preferred) IPv4 Address. . . . . . . . . . . : 192.168.178.25(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Lease Obtained. . . . . . . . . . : Donnerstag, 10. April 2014 16:06:23 Lease Expires . . . . . . . . . . : Sonntag, 20. April 2014 16:06:27 Default Gateway . . . . . . . . . : 192.168.178.1 DHCP Server . . . . . . . . . . . : 192.168.178.1 DHCPv6 IAID . . . . . . . . . . . : 298091784 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-E9-59-EB-C4-85-08-1C-94-D1 DNS Servers . . . . . . . . . . . : 192.168.178.1 NetBIOS over Tcpip. . . . . . . . : Enabled Tunnel adapter isatap.fritz.box: Media State . . . . . . . . . . . 
: Media disconnected Connection-specific DNS Suffix . : fritz.box Description . . . . . . . . . . . : Microsoft ISATAP Adapter Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Teredo Tunneling Pseudo-Interface: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:1029:e95:3f57:4de6(Preferred) Link-local IPv6 Address . . . . . : fe80::1029:e95:3f57:4de6%27(Preferred) Default Gateway . . . . . . . . . : :: NetBIOS over Tcpip. . . . . . . . : Disabled Server: UnKnown Address: 192.168.178.1 Ping request could not find host google.com. Please check the name and try again. Server: UnKnown Address: 192.168.178.1 Ping request could not find host yahoo.com. Please check the name and try again. 
Pinging with 32 bytes of data: Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 Ping statistics for *Ywo瘘˜4ä': Packets: Sent = 2, Received = 2, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms =========================================================================== Interface List 13...c4 85 08 2b 1e c5 ......Intel(R) Centrino(R) Advanced-N 6235 1...........................Software Loopback Interface 1 29...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter 27...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface =========================================================================== IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.178.1 192.168.178.25 25 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 192.168.178.0 255.255.255.0 On-link 192.168.178.25 281 192.168.178.25 255.255.255.255 On-link 192.168.178.25 281 192.168.178.255 255.255.255.255 On-link 192.168.178.25 281 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 192.168.178.25 281 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 192.168.178.25 281 =========================================================================== Persistent Routes: None IPv6 Route Table =========================================================================== Active Routes: If Metric Network Destination Gateway 27 58 ::/0 On-link 1 306 ::1/128 On-link 27 58 2001::/32 On-link 27 306 2001:0:9d38:6ab8:1029:e95:3f57:4de6/128 On-link 13 281 fe80::/64 On-link 27 306 fe80::/64 On-link 27 306 fe80::1029:e95:3f57:4de6/128 On-link 13 281 fe80::d9bb:cdc0:6833:268d/128 On-link 1 306 ff00::/8 On-link 27 306 ff00::/8 On-link 13 281 
ff00::/8 On-link =========================================================================== Persistent Routes: None ========================= Winsock entries ===================================== Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation) Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation) Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation) Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation) Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation) Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation) Catalog9 01 C:\Windows\system32\SecureAssist.dll [File not found] () Catalog9 02 C:\Windows\system32\SecureAssist.dll [File not found] () Catalog9 03 C:\Windows\system32\SecureAssist.dll [File not found] () Catalog9 04 C:\Windows\system32\SecureAssist.dll [File not found] () Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 15 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 16 C:\Windows\system32\SecureAssist.dll [File not found] () x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation) 
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation) x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation) x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation) x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation) x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation) x64-Catalog9 01 C:\Windows\System32\SecureAssist64.dll [338120] (SecureAssist) x64-Catalog9 02 C:\Windows\System32\SecureAssist64.dll [338120] (SecureAssist) x64-Catalog9 03 C:\Windows\System32\SecureAssist64.dll [338120] (SecureAssist) x64-Catalog9 04 C:\Windows\System32\SecureAssist64.dll [338120] (SecureAssist) x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 12 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 13 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 14 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 15 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 16 C:\Windows\System32\SecureAssist64.dll [338120] (SecureAssist) ========================= Event log errors: =============================== Application errors: ================== Error: (04/10/2014 04:17:08 PM) (Source: Application Error) (User: ) Description: Faulting application name: 
Gmer-19357.exe, version: 2.1.19357.0, time stamp: 0x52e7ea83 Faulting module name: Gmer-19357.exe, version: 2.1.19357.0, time stamp: 0x52e7ea83 Exception code: 0xc0000005 Fault offset: 0x000011aa Faulting process id: 0x1928 Faulting application start time: 0xGmer-19357.exe0 Faulting application path: Gmer-19357.exe1 Faulting module path: Gmer-19357.exe2 Report Id: Gmer-19357.exe3 Error: (04/11/2014 01:50:04 PM) (Source: Windows Backup) (User: ) Description: The backup did not complete because of an error writing to the backup location F:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006). Error: (04/11/2014 01:37:21 PM) (Source: Application Error) (User: ) Description: Faulting application name: ss_conn_service.exe, version: 2.3.1.0, time stamp: 0x5305caea Faulting module name: ss_conn_service.exe, version: 2.3.1.0, time stamp: 0x5305caea Exception code: 0x40000015 Fault offset: 0x0005fbf6 Faulting process id: 0xc40 Faulting application start time: 0xss_conn_service.exe0 Faulting application path: ss_conn_service.exe1 Faulting module path: ss_conn_service.exe2 Report Id: ss_conn_service.exe3 Error: (04/10/2014 05:57:44 PM) (Source: System Restore) (User: ) Description: Failed to create restore point (Process = C:\Program Files (x86)\Revo Uninstaller\Revouninstaller.exe Files (x86)\Revo Uninstaller\Revouninstaller.exe" ; Description = Revo Uninstaller's restore point - Adobe Photoshop CS6; Error = 0x80070422). Error: (04/10/2014 05:52:54 PM) (Source: System Restore) (User: ) Description: Failed to create restore point (Process = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Description = Scheduled Checkpoint; Error = 0x80070422). 
Error: (04/10/2014 04:17:57 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (04/10/2014 04:17:54 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
Error: (04/10/2014 04:14:54 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (04/10/2014 04:14:52 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
Error: (04/10/2014 04:13:49 PM) (Source: Application Error) (User: ) Description: Faulting application name: obexsrv.exe, version: 2.0.0.128, time stamp: 0x4ed5d3d0 Faulting module name: ntdll.dll, version: 6.1.7601.17514, time stamp: 0x4ce7ba58 Exception code: 0xc0000005 Fault offset: 0x000332ff Faulting process id: 0xb14 Faulting application start time: 0xobexsrv.exe0 Faulting application path: obexsrv.exe1 Faulting module path: obexsrv.exe2 Report Id: obexsrv.exe3 System errors: ============= Error: (04/11/2014 01:37:22 PM) (Source: Service Control Manager) (User: ) Description: The SAMSUNG Mobile Connectivity Service service terminated unexpectedly. It has done this 1 time(s). Error: (04/10/2014 04:44:43 PM) (Source: Service Control Manager) (User: ) Description: The AVGIDSAgent service terminated with service-specific error %%-536753635. Error: (04/10/2014 04:44:42 PM) (Source: Service Control Manager) (User: ) Description: The AVGIDSAgent service terminated with service-specific error %%-536753635. Error: (04/10/2014 04:44:41 PM) (Source: Service Control Manager) (User: ) Description: The AVGIDSAgent service terminated with service-specific error %%-536753635. Error: (04/10/2014 04:44:40 PM) (Source: Service Control Manager) (User: ) Description: The AVGIDSAgent service terminated with service-specific error %%-536753635. Error: (04/10/2014 04:44:38 PM) (Source: Service Control Manager) (User: ) Description: The AVGIDSAgent service terminated with service-specific error %%-536753635. Error: (04/10/2014 04:44:37 PM) (Source: Service Control Manager) (User: ) Description: The AVGIDSAgent service terminated with service-specific error %%-536753635. Error: (04/10/2014 04:44:36 PM) (Source: Service Control Manager) (User: ) Description: The AVGIDSAgent service terminated with service-specific error %%-536753635. 
Error: (04/10/2014 04:44:35 PM) (Source: Service Control Manager) (User: ) Description: The AVGIDSAgent service terminated with service-specific error %%-536753635. Error: (04/10/2014 04:44:34 PM) (Source: Service Control Manager) (User: ) Description: The AVGIDSAgent service terminated with service-specific error %%-536753635. Microsoft Office Sessions: ========================= Error: (04/10/2014 04:17:08 PM) (Source: Application Error)(User: ) Description: Gmer-19357.exe2.1.19357.052e7ea83Gmer-19357.exe2.1.19357.052e7ea83c0000005000011aa192801cf54c6f40bfbd1C:\Users\Greg\Downloads\Gmer-19357.exeC:\Users\Greg\Downloads\Gmer-19357.execc71aa8f-c0ba-11e3-8b90-ca55d1e0a6f0 Error: (04/11/2014 01:50:04 PM) (Source: Windows Backup)(User: ) Description: F:\The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006) Error: (04/11/2014 01:37:21 PM) (Source: Application Error)(User: ) Description: ss_conn_service.exe2.3.1.05305caeass_conn_service.exe2.3.1.05305caea400000150005fbf6c4001cf557a5dc65ad9C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exeC:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exea472d7bc-c16d-11e3-8b8f-c485082b1ec9 Error: (04/10/2014 05:57:44 PM) (Source: System Restore)(User: ) Description: C:\Program Files (x86)\Revo Uninstaller\Revouninstaller.exe Files (x86)\Revo Uninstaller\Revouninstaller.exe" Revo Uninstaller's restore point - Adobe Photoshop CS60x80070422 Error: (04/10/2014 05:52:54 PM) (Source: System Restore)(User: ) Description: C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreationScheduled Checkpoint0x80070422 Error: (04/10/2014 04:17:57 PM) (Source: SideBySide)(User: ) Description: 
C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Greg\Desktop\esetsmartinstaller_deu.exe Error: (04/10/2014 04:17:54 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Greg\Desktop\esetsmartinstaller_deu.exe Error: (04/10/2014 04:14:54 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Greg\Desktop\esetsmartinstaller_deu.exe Error: (04/10/2014 04:14:52 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Greg\Desktop\esetsmartinstaller_deu.exe Error: (04/10/2014 04:13:49 PM) (Source: Application Error)(User: ) Description: obexsrv.exe2.0.0.1284ed5d3d0ntdll.dll6.1.7601.175144ce7ba58c0000005000332ffb1401cf54c6d319f317C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exeC:\Windows\SysWOW64\ntdll.dll5567aba4-c0ba-11e3-b2d8-c485082b1ec9 CodeIntegrity Errors: =================================== Date: 2013-02-11 11:01:21.272 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Greg\AppData\Local\Temp\EverestDriver.sys because file hash could 
not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-02-11 11:01:21.257 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Greg\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-02-11 11:01:21.241 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Everest Home\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-02-11 11:01:21.226 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Everest Home\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. 
=========================== Installed Programs ============================ 1&1 Surf-Stick (Version: 1.0.0.2) 7-Zip 9.30 (x64 edition) (Version: 9.30.00.0) Adobe Flash Player 12 ActiveX (Version: 12.0.0.77) Adobe Flash Player 12 Plugin (Version: 12.0.0.77) Adobe Reader XI (11.0.02) - Deutsch (Version: 11.0.02) ASUS FaceLogon (Version: 1.0.0014) ASUS Power4Gear Hybrid (Version: 1.2.1) ASUS PWR Option (Version: 1.2.1) ASUS Secure Delete (Version: 1.00.0009) ASUS_Scr_ZenbookPrime (Version: 1.0.0001) ATK Package (Version: 1.0.0020) AutoUnpack 4.5.2 AVG 2014 (Version: 14.0.3882) AVG 2014 (Version: 14.0.4355) AVG 2014 (Version: 2014.0.4355) AX88772B Windows 7 Drivers (Version: 1.0.2.0) Caesar 3 Cisco Systems VPN Client 5.0.07.0290 (Version: 5.0.7) CM Installer (Version: 1.0.0.0) Combined Community Codec Pack 2014-03-09 (Version: 2014.03.09.0) CrystalDiskInfo 5.4.2 (Version: 5.4.2) DAEMON Tools Lite (Version: 4.46.1.0328) Dropbox (Version: 2.4.11) ESET Online Scanner v3 ETDWare PS/2-X64 10.5.9.0 (Version: 10.5.9.0) Free Video Call Recorder for Skype version 1.2.3.827 (Version: 1.2.3.827) GrabIt 1.7.2 Beta 6 (build 1008) InstantOn for NB (Version: 2.3.2) Intel PROSet Wireless Intel(R) Dynamic Platform & Thermal Framework (Version: 6.0.1.1067) Intel(R) Manageability Engine Firmware Recovery Agent (Version: 1.0.0.35342) Intel(R) Management Engine Components (Version: 8.0.3.1427) Intel(R) OpenCL CPU Runtime Intel(R) Processor Graphics (Version: 8.15.10.2696) Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 15.3.0.0398) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (Version: 2.1.1.0153) Intel(R) Rapid Start Technology (Version: 1.0.0.1024) Intel(R) USB 3.0 eXtensible Host Controller Driver (Version: 1.0.4.225) Intel(R) WiDi (Version: 3.0.13.0) Intel(R) Wireless Display Intel® PROSet/Wireless WiFi-Software (Version: 15.03.1000.1637) Intel® Trusted Connect Service Client (Version: 1.23.605.1) Joe (Version: 4.01.0000) Malwarebytes Anti-Malware 
Version 2.0.1.1004 (Version: 2.0.1.1004) Microsoft .NET Framework 4.5 (Version: 4.5.50709) Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Garage Mouse without Borders (Version: 2.1.2.1212) Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Office 64-bit Components 2013 (Version: 15.0.4420.1017) Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017) Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017) Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017) Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017) Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017) Microsoft Office Shared 64-bit MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Silverlight (Version: 4.0.50401.0) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - 
x86 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (Version: 11.0.61030.0) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (Version: 11.0.61030) Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (Version: 11.0.61030) Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053) Microsoft_VC90_CRT_x86 (Version: 1.00.0000) MozBackup 1.5.1 Mozilla Firefox 22.0 (x86 de) (Version: 22.0) Mozilla Maintenance Service (Version: 22.0) Mozilla Thunderbird 24.4.0 (x86 de) (Version: 24.4.0) Opera 12.16 (Version: 12.16.1860) Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017) QuickPar 0.9 (Version: 0.9) Rayman 2: The Great Escape GOG Edition Realtek High Definition Audio Driver (Version: 6.0.1.6608) Realtek USB 2.0 Reader Driver (Version: 6.1.7600.10010) Reference Manager 12 Professional Edition (Version: 12.0.3.3262) Revo Uninstaller 1.95 (Version: 1.95) SAMSUNG USB Driver for Mobile Phones (Version: 1.5.42.0) Skype Click to Call (Version: 6.11.13348) Skype™ 6.11 (Version: 6.11.102) Stellarium 0.12.1 (Version: 0.12.1) SupraSavings (Version: 1.0.0.0) suprasavings (Version: 2.0.1) TrueCrypt (Version: 7.1a) Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1) Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1) VLC media player 2.0.5 (Version: 2.0.5) Winamp (Version: 5.63 ) Winamp Erkennungs-Plug-in (Version: 1.0.0.1) Windows 7 USB/DVD Download Tool (Version: 1.0.30) Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2) Windows8FirewallControl (x64) 6.1.9.53 (Version: 6.1.9.53) WinFlash (Version: 2.41.1) WinRAR 4.20 (64-Bit) (Version: 4.20.0) Wireless Console 3 (Version: 3.0.27) Wise Registry Cleaner 7.65 zebNet® 
Backup for Thunderbird® TNG 4.0.3.6 (Version: 4.0.3.6) zebNet® Thunderbird Backup 2012 3.4.20 (Version: 3.4.20) ========================= Memory info: =================================== Percentage of memory in use: 41% Total physical RAM: 3981.93 MB Available physical RAM: 2331.1 MB Total Pagefile: 7962.05 MB Available Pagefile: 6145.96 MB Total Virtual: 4095.88 MB Available Virtual: 3967.54 MB ========================= Partitions: ===================================== 1 Drive c: (OS) (Fixed) (Total:104.7 GB) (Free:53.93 GB) NTFS ========================= Users: ======================================== User accounts for \\ZENBOOKG Administrator Greg Guest ========================= Minidump Files ================================== No minidump file found **** End of log **** |
11.04.2014, 06:49 | #6 |
/// the machine /// TB-Ausbilder | Win 7: Mozilla does not open any pages: Iminent adware/virus/toolbar Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
Winsock: Catalog9 01 C:\Windows\system32\SecureAssist.dll File Not found ()
Winsock: Catalog9 02 C:\Windows\system32\SecureAssist.dll File Not found ()
Winsock: Catalog9 03 C:\Windows\system32\SecureAssist.dll File Not found ()
Winsock: Catalog9 04 C:\Windows\system32\SecureAssist.dll File Not found ()
Winsock: Catalog9 16 C:\Windows\system32\SecureAssist.dll File Not found ()
Winsock: Catalog9-x64 01 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Winsock: Catalog9-x64 02 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Winsock: Catalog9-x64 03 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Winsock: Catalog9-x64 04 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Winsock: Catalog9-x64 16 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
R2 xmkysecqun64; C:\Program Files\003\xmkysecqun64.exe [706560 2014-04-09] ()
2014-04-09 00:07 - 2014-03-12 16:00 - 00338120 _____ (SecureAssist) C:\Windows\system32\SecureAssist64.dll
2014-04-09 00:05 - 2014-04-09 00:05 - 00000000 ____D () C:\Program Files\003
cmd: netsh winsock reset

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Please download Malwarebytes Anti-Malware.
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ --> Win 7: Mozilla does not open any pages: Iminent adware/virus/toolbar |
11.04.2014, 12:35 | #7 |
| Win 7: Mozilla does not open any pages: Iminent adware/virus/toolbar Hello! fixlog: Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by Greg at 2014-04-11 12:46:32 Run:1
Running from C:\Users\Greg\Downloads
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Winsock: Catalog9 01 C:\Windows\system32\SecureAssist.dll File Not found ()
Winsock: Catalog9 02 C:\Windows\system32\SecureAssist.dll File Not found ()
Winsock: Catalog9 03 C:\Windows\system32\SecureAssist.dll File Not found ()
Winsock: Catalog9 04 C:\Windows\system32\SecureAssist.dll File Not found ()
Winsock: Catalog9 16 C:\Windows\system32\SecureAssist.dll File Not found ()
Winsock: Catalog9-x64 01 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Winsock: Catalog9-x64 02 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Winsock: Catalog9-x64 03 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Winsock: Catalog9-x64 04 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Winsock: Catalog9-x64 16 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
R2 xmkysecqun64; C:\Program Files\003\xmkysecqun64.exe [706560 2014-04-09] ()
2014-04-09 00:07 - 2014-03-12 16:00 - 00338120 _____ (SecureAssist) C:\Windows\system32\SecureAssist64.dll
2014-04-09 00:05 - 2014-04-09 00:05 - 00000000 ____D () C:\Program Files\003
cmd: netsh winsock reset
*****************
Winsock: Catalog entry 000000000001 => Deleted successfully.
Winsock: Catalog entry 000000000002 => Deleted successfully.
Winsock: Catalog entry 000000000003 => Deleted successfully.
Winsock: Catalog entry 000000000004 => Deleted successfully.
Winsock: Catalog entry 000000000016 => Deleted successfully.
Winsock: Catalog entry 000000000001 => Deleted successfully.
Winsock: Catalog entry 000000000002 => Deleted successfully.
Winsock: Catalog entry 000000000003 => Deleted successfully.
Winsock: Catalog entry 000000000004 => Deleted successfully.
Winsock: Catalog entry 000000000016 => Deleted successfully.
xmkysecqun64 => Unable to stop service
xmkysecqun64 => Service deleted successfully.
C:\Windows\system32\SecureAssist64.dll => Moved successfully.
C:\Program Files\003 => Moved successfully.
========= netsh winsock reset =========
Initialization Function InitHelperDll in NSHHTTP.DLL failed to start with error code 10107
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
========= End of CMD: =========
==== End of Fixlog ====
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 11.04.2014 Suchlauf-Zeit: 12:56:42 Logdatei: mbam.txt Administrator: Ja Version: 2.00.1.1004 Malware Datenbank: v2014.04.11.05 Rootkit Datenbank: v2014.03.27.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Chameleon: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Greg Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 245750 Verstrichene Zeit: 7 Min, 55 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Shuriken: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 1 PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\suprasavings, In Quarantäne, [669a8e72c33d1fe1f6a8ef7422e09868], Registrierungswerte: 0 (No malicious items detected) Registrierungsdaten: 0 (No malicious items detected) Ordner: 0 (No malicious items detected) Dateien: 0 (No malicious items detected) Physische Sektoren: 0 (No malicious items detected) (end) Code:
ATTFilter # AdwCleaner v3.023 - Report created 11/04/2014 at 13:05:05 # Updated 01/04/2014 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Greg - ZENBOOKG # Running from : C:\Users\Greg\Downloads\adwcleaner (1).exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v9.0.8112.16421 -\\ Mozilla Firefox v22.0 (de) [ File : C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\luzyy51h.default\prefs.js ] ************************* AdwCleaner[R0].txt - [6537 octets] - [10/04/2014 12:59:37] AdwCleaner[R1].txt - [1005 octets] - [10/04/2014 14:43:51] AdwCleaner[R2].txt - [1010 octets] - [11/04/2014 13:04:19] AdwCleaner[S0].txt - [6653 octets] - [10/04/2014 13:00:33] AdwCleaner[S1].txt - [1035 octets] - [10/04/2014 14:45:28] AdwCleaner[S2].txt - [933 octets] - [11/04/2014 13:05:05] ########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [992 octets] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.4 (04.06.2014:1) OS: Windows 7 Home Premium x64 Ran by Greg on 11.04.2014 at 13:11:18,94 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 11.04.2014 at 13:16:53,97 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 (ATTENTION: ====> FRST version is 29 days old and could be outdated) Ran by Greg (administrator) on ZENBOOKG on 11-04-2014 13:35:17 Running from C:\Users\Greg\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Sphinx Software) C:\Program Files\Windows8FirewallControl\Windows8FirewallService.exe (ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG2014\avgwdsvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe () C:\Windows\SysWOW64\DptfParticipantProcessorService.exe () C:\Windows\SysWOW64\DptfPolicyConfigTDPService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (DEVGURU Co., LTD.) 
C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe () C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Microsoft) C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe (Microsoft) C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe () C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Sphinx Software) C:\Program Files\Windows8FirewallControl\Windows8FirewallControl.exe (Dropbox, Inc.) C:\Users\Greg\AppData\Roaming\Dropbox\bin\Dropbox.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS) C:\Windows\AsScrPro.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (ASUSTek Computer Inc.) 
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe () C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG2014\avgui.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe (Thisisu) C:\Users\Greg\Downloads\JRT.exe () C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MousewithoutBordersHelper.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG2014\avgemca.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG2014\avgnsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG2014\avgrsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG2014\avgcsrva.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2661672 2012-02-19] (ELAN Microelectronics Corp.) 
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12460136 2012-03-29] (Realtek Semiconductor) HKLM\...\Run: [BLEServicesCtrl] - C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [178960 2012-03-15] (Intel Corporation) HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11407120 2012-03-27] (Intel Corporation) HKLM\...\Run: [Windows8FirewallControl] - C:\Program Files\Windows8FirewallControl\Windows8FirewallControl.exe [1205248 2013-09-30] (Sphinx Software) HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-26] (Intel Corporation) HKLM-x32\...\Run: [Wireless Console 3] - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072 2012-02-03] (ASUSTeK Computer Inc.) HKLM-x32\...\Run: [ASUS Screen Saver Protector] - C:\Windows\AsScrPro.exe [3058304 2012-09-18] (ASUS) HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-25] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated) HKLM-x32\...\Run: [UIExec] - C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe [153424 2012-01-17] () HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG2014\avgui.exe [4971024 2014-03-19] (AVG Technologies CZ, s.r.o.) 
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe Startup: C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Greg\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://duckduckgo.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) DPF: HKLM {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Adobe\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) 
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Adobe\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\luzyy51h.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll () FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml ==================== Services (Whitelisted) ================= R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUS) R2 AVGIDSAgent; C:\Program Files (x86)\AVG2014\avgidsagent.exe [3782672 2014-02-23] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.) R2 DptfParticipantProcessorService; C:\Windows\SysWOW64\DptfParticipantProcessorService.exe [18944 2012-02-20] () R2 DptfPolicyConfigTDPService; C:\Windows\SysWOW64\DptfPolicyConfigTDPService.exe [19968 2012-02-20] () R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] () R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193536 2012-04-10] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation) S2 MouseWithoutBordersSvc; C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBordersSvc.exe [27872 2012-12-28] (Microsoft) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272688 2012-08-23] () S3 RMWPService; C:\Program Files (x86)\Reference Manager 12\WebPublisher\thirdparty\Apache2\bin\RMWP_Apache_Admin.exe [20537 2004-01-28] (Apache Software Foundation) S2 SkypeUpdate; C:\Program Files (x86)\Adobe\Skype\Updater\Updater.exe [171680 2013-09-05] (Skype Technologies) R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [728328 2014-03-31] (DEVGURU Co., LTD.) 
R2 UI Assistant Service; C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe [270672 2012-01-17] () R2 Windows8FirewallService; C:\Program Files\Windows8FirewallControl\Windows8FirewallService.exe [3806720 2013-09-30] (Sphinx Software) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3342640 2012-08-23] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== R0 assd; C:\Windows\System32\Drivers\assd.sys [27056 2011-10-29] (ASUS Corporation) S3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [35968 2011-12-21] (Windows (R) Win 7 DDK provider) S3 AsusVTouch; C:\Windows\System32\DRIVERS\AsusVTouch.sys [16512 2011-11-08] (Windows (R) Win 7 DDK provider) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-25] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [243480 2013-11-25] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [196376 2013-11-25] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.) R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.) S3 AX88772B; C:\Windows\System32\DRIVERS\ax88772b.sys [110592 2012-04-05] (ASIX Electronics Corp.) 
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] () R3 DptfDevDram; C:\Windows\System32\DRIVERS\DptfDevDram.sys [107288 2012-02-20] (Intel Corporation) R3 DptfDevFan; C:\Windows\System32\DRIVERS\DptfDevFan.sys [42776 2012-02-20] (Intel Corporation) R3 DptfDevGen; C:\Windows\System32\DRIVERS\DptfDevGen.sys [64792 2012-02-20] (Intel Corporation) R3 DptfDevPch; C:\Windows\System32\DRIVERS\DptfDevPch.sys [96024 2012-02-20] (Intel Corporation) R3 DptfDevProc; C:\Windows\System32\DRIVERS\DptfDevProc.sys [220952 2012-02-20] (Intel Corporation) R3 DptfManager; C:\Windows\System32\DRIVERS\DptfManager.sys [357656 2012-02-20] (Intel Corporation) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-25] (DT Soft Ltd) R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2012-04-10] (Intel Corporation) R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( ) S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52320 2014-04-04] (hxxp://libusb-win32.sourceforge.net) S3 libusbK; C:\Windows\System32\DRIVERS\libusbK.sys [47200 2014-04-04] (hxxp://libusb-win32.sourceforge.net) R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [119512 2014-04-11] (Malwarebytes Corporation) S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) 
U3 DfSdkS; S3 DIRECTIO; \??\c:\BIT_TEMP\DirectIo.sys [X] S3 vpnva; system32\DRIVERS\vpnva64.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-11 13:16 - 2014-04-11 13:16 - 00000624 _____ () C:\Users\Greg\Desktop\JRT.txt 2014-04-11 13:10 - 2014-04-11 13:10 - 01016261 _____ (Thisisu) C:\Users\Greg\Downloads\JRT.exe 2014-04-11 13:03 - 2014-04-11 13:03 - 01426178 _____ () C:\Users\Greg\Downloads\adwcleaner (1).exe 2014-04-11 12:57 - 2014-04-11 12:57 - 00001269 _____ () C:\Users\Greg\Downloads\mbam.txt 2014-04-10 18:36 - 2014-04-10 18:37 - 00000000 ____D () C:\Users\Greg\Documents\Thunderbird 2014-04-10 16:36 - 2014-04-10 16:36 - 00380416 _____ () C:\Users\Greg\Downloads\Gmer-19357.exe 2014-04-10 16:33 - 2014-04-11 13:35 - 00000000 ____D () C:\FRST 2014-04-10 16:32 - 2014-04-10 16:32 - 00000168 _____ () C:\Users\Greg\defogger_reenable 2014-04-10 16:26 - 2014-04-10 16:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-04-10 16:21 - 2014-04-10 16:22 - 00035206 _____ () C:\Users\Greg\Downloads\Result.txt 2014-04-10 16:18 - 2014-04-10 16:19 - 00038599 _____ () C:\Users\Greg\Downloads\Addition.txt 2014-04-10 16:17 - 2014-04-10 16:17 - 00000000 ____D () C:\Program Files\Windows8FirewallControl 2014-04-10 16:14 - 2014-04-11 13:35 - 00016440 _____ () C:\Users\Greg\Downloads\FRST.txt 2014-04-10 16:14 - 2014-04-10 16:14 - 02157056 _____ (Farbar) C:\Users\Greg\Downloads\FRST64.exe 2014-04-10 14:56 - 2014-04-10 14:56 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-04-10 14:50 - 2014-04-10 14:50 - 00000000 ____D () C:\Windows\ERUNT 2014-04-10 13:13 - 2014-04-11 12:48 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-04-10 13:13 - 2014-04-10 13:13 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-04-10 13:13 - 2014-04-10 13:13 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-04-10 13:13 - 
2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-04-10 13:13 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-04-10 13:13 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-04-10 13:12 - 2014-04-10 13:13 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Greg\Downloads\mbam-setup-2.0.1.1004.exe 2014-04-10 13:11 - 2014-04-10 13:11 - 00613200 _____ (Chip Digital GmbH) C:\Users\Greg\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe 2014-04-10 12:59 - 2014-04-11 13:05 - 00000000 ____D () C:\AdwCleaner 2014-04-10 12:16 - 2014-04-10 12:16 - 00000000 ___HD () C:\$AVG 2014-04-10 12:16 - 2014-04-10 12:16 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\TuneUp Software 2014-04-10 12:16 - 2014-04-10 12:16 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\AVG2014 2014-04-10 12:16 - 2014-04-10 12:16 - 00000000 ____D () C:\ProgramData\AVG2014 2014-04-10 12:15 - 2014-04-10 12:28 - 00000000 ____D () C:\Program Files (x86)\AVG2014 2014-04-10 12:13 - 2014-04-11 12:43 - 00000000 ____D () C:\ProgramData\MFAData 2014-04-10 12:13 - 2014-04-10 12:31 - 00000000 ____D () C:\Users\Greg\AppData\Local\Avg2014 2014-04-10 12:13 - 2014-04-10 12:13 - 00000000 ____D () C:\Users\Greg\AppData\Local\MFAData 2014-04-10 12:03 - 2014-04-10 12:03 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\Auslogics 2014-04-09 00:12 - 2014-04-09 00:12 - 00000000 ____D () C:\Program Files (x86)\zebNet® Thunderbird Backup 2012 2014-04-09 00:12 - 2012-02-22 00:12 - 00069632 _____ (S.A.Dittrich) C:\Windows\SysWOW64\cXPIBrowser.ocx 2014-04-09 00:12 - 2011-12-07 21:38 - 00126976 ____N (S.A.Dittrich) C:\Windows\SysWOW64\cXPINET.ocx 2014-04-09 00:12 - 2011-09-25 23:24 - 00061440 ____N (ASX) C:\Windows\SysWOW64\cXPIInternet.ocx 2014-04-09 00:12 - 2011-09-25 23:22 - 00196608 ____N (ASX) C:\Windows\SysWOW64\CXPICOMCTL.OCX 2014-04-09 00:12 - 
2005-04-15 20:58 - 01351392 ____N (Microsoft Corporation) C:\Windows\SysWOW64\COMCTL32.OCX 2014-04-09 00:02 - 2014-04-10 00:12 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\zebNet 2014-04-08 23:59 - 2014-04-09 00:12 - 00000000 ____D () C:\ProgramData\InstallMate 2014-04-08 23:59 - 2014-04-08 23:59 - 00001162 _____ () C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\zebNet® Backup for Thunderbird® TNG.lnk 2014-04-08 23:59 - 2014-04-08 23:59 - 00000000 ____D () C:\ProgramData\zebNet 2014-04-08 23:59 - 2014-04-08 23:59 - 00000000 ____D () C:\Program Files\zebNet 2014-04-08 23:55 - 2014-04-08 23:55 - 00000000 ____D () C:\Program Files (x86)\MozBackup 2014-04-08 23:55 - 2014-04-08 16:05 - 00000830 _____ () C:\Users\Greg\Documents\indexfile.txt 2014-04-05 00:31 - 2014-03-31 06:49 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys 2014-04-05 00:31 - 2014-03-31 06:48 - 00188232 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadmdm.sys 2014-04-05 00:31 - 2014-03-31 06:48 - 00169288 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadbus.sys 2014-04-05 00:31 - 2014-03-31 06:48 - 00158024 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadserd.sys 2014-04-05 00:31 - 2014-03-31 06:48 - 00021320 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadmdfl.sys 2014-04-05 00:31 - 2014-03-31 06:48 - 00017736 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadwhnt.sys 2014-04-05 00:31 - 2014-03-31 06:48 - 00017736 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadwh.sys 2014-04-05 00:31 - 2014-03-31 06:48 - 00017224 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadcmnt.sys 2014-04-05 00:31 - 2014-03-31 06:48 - 00017224 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadcm.sys 2014-04-05 00:29 - 2014-04-05 00:29 - 00000000 ____D () C:\Users\Greg\.android 2014-04-04 23:07 - 2014-04-04 23:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf 
2014-04-04 23:03 - 2014-03-31 06:49 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll 2014-04-04 23:03 - 2014-03-31 06:49 - 00708168 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll 2014-04-04 23:03 - 2014-03-31 06:49 - 00109056 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys 2014-04-04 22:07 - 2014-04-10 14:17 - 00000258 __RSH () C:\ProgramData\ntuser.pol 2014-04-04 22:07 - 2014-04-04 22:42 - 00000000 ____D () C:\usb_driver 2014-04-04 22:07 - 2014-04-04 22:31 - 00067680 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\SysWOW64\libusb0.dll 2014-04-04 22:07 - 2014-04-04 22:31 - 00052320 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\Drivers\libusb0.sys 2014-04-04 22:07 - 2014-04-04 22:19 - 00238176 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\libusbK.dll 2014-04-04 22:07 - 2014-04-04 22:19 - 00170080 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\SysWOW64\libusbK.dll 2014-04-04 22:07 - 2014-04-04 22:19 - 00076384 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\libusb0.dll 2014-04-04 22:07 - 2014-04-04 22:19 - 00047200 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\Drivers\libusbK.sys 2014-04-04 22:07 - 2014-04-04 22:07 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll 2014-04-04 22:07 - 2014-04-04 22:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf 2014-04-04 21:55 - 2014-04-04 21:55 - 00000000 ____D () C:\Program Files\SAMSUNG 2014-04-04 21:54 - 2014-04-04 21:54 - 00000000 ____D () C:\ProgramData\Samsung 2014-04-04 21:26 - 2014-04-04 21:26 - 00000000 ____D () C:\Users\Greg\AppData\Local\Downloaded Installations 2014-04-04 21:18 - 2014-04-04 21:18 - 00000000 ____D () C:\ProgramData\Package Cache 2014-03-26 22:30 - 2013-11-20 11:26 - 55279480 _____ () C:\Users\Greg\Desktop\gardaseetour 002.tif 2014-03-25 21:52 - 2014-03-25 21:52 
- 00000000 ____D () C:\Users\Greg\AppData\Roaming\MPC-HC 2014-03-25 21:51 - 2014-03-25 21:51 - 00000000 ____D () C:\Program Files (x86)\Combined Community Codec Pack 2014-03-22 11:13 - 2014-03-23 14:28 - 00000000 ____D () C:\Users\Greg\Desktop\pIKKß 2014-03-21 12:27 - 2014-04-09 00:07 - 00005552 _____ () C:\Windows\system32\SecureAssist.ini 2014-03-21 12:27 - 2014-04-09 00:07 - 00002504 _____ () C:\Windows\SysWOW64\SecureAssistOff.ini 2014-03-21 12:27 - 2014-04-09 00:07 - 00002504 _____ () C:\Windows\system32\SecureAssistOff.ini 2014-03-21 12:27 - 2014-03-21 12:27 - 00005696 _____ () C:\Windows\SysWOW64\SecureAssist.ini 2014-03-21 11:46 - 2014-03-21 11:46 - 00152848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.ocx 2014-03-14 16:52 - 2014-04-11 12:56 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-03-14 16:52 - 2014-03-14 16:56 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-03-13 20:43 - 2014-03-13 20:43 - 00000000 ____D () C:\Users\Greg\AppData\Local\gtk-2.0 2014-03-13 20:42 - 2014-03-13 20:45 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\banshee-1 2014-03-13 20:42 - 2014-03-13 20:42 - 00000000 ____D () C:\Users\Greg\Documents\.cache 2014-03-13 20:34 - 2014-03-13 20:34 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\MusicBrainz 2014-03-13 20:34 - 2014-03-13 20:34 - 00000000 ____D () C:\Users\Greg\AppData\Local\cache ==================== One Month Modified Files and Folders ======= 2014-04-11 13:36 - 2013-02-11 11:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-04-11 13:35 - 2014-04-10 16:33 - 00000000 ____D () C:\FRST 2014-04-11 13:35 - 2014-04-10 16:14 - 00016440 _____ () C:\Users\Greg\Downloads\FRST.txt 2014-04-11 13:16 - 2014-04-11 13:16 - 00000624 _____ () C:\Users\Greg\Desktop\JRT.txt 2014-04-11 13:13 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-11 13:13 - 
2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-11 13:12 - 2009-07-14 07:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-04-11 13:10 - 2014-04-11 13:10 - 01016261 _____ (Thisisu) C:\Users\Greg\Downloads\JRT.exe 2014-04-11 13:06 - 2014-01-25 17:09 - 00000000 ___RD () C:\Users\Greg\Dropbox 2014-04-11 13:06 - 2013-07-13 10:10 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\Dropbox 2014-04-11 13:06 - 2012-09-18 00:14 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job 2014-04-11 13:06 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-04-11 13:06 - 2009-07-14 06:51 - 00129969 _____ () C:\Windows\setupact.log 2014-04-11 13:05 - 2014-04-10 12:59 - 00000000 ____D () C:\AdwCleaner 2014-04-11 13:05 - 2012-09-18 00:11 - 01415328 _____ () C:\Windows\WindowsUpdate.log 2014-04-11 13:03 - 2014-04-11 13:03 - 01426178 _____ () C:\Users\Greg\Downloads\adwcleaner (1).exe 2014-04-11 12:57 - 2014-04-11 12:57 - 00001269 _____ () C:\Users\Greg\Downloads\mbam.txt 2014-04-11 12:56 - 2014-03-14 16:52 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-04-11 12:48 - 2014-04-10 13:13 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-04-11 12:43 - 2014-04-10 12:13 - 00000000 ____D () C:\ProgramData\MFAData 2014-04-10 18:37 - 2014-04-10 18:36 - 00000000 ____D () C:\Users\Greg\Documents\Thunderbird 2014-04-10 17:59 - 2013-03-13 13:13 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-04-10 17:59 - 2013-02-12 22:27 - 00000000 ____D () C:\Program Files\Adobe 2014-04-10 17:59 - 2013-02-11 12:24 - 00000000 ____D () C:\ProgramData\Adobe 2014-04-10 17:59 - 2013-02-11 11:57 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\Adobe 2014-04-10 17:47 - 2012-09-18 00:14 - 00000830 _____ () 
C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job 2014-04-10 16:36 - 2014-04-10 16:36 - 00380416 _____ () C:\Users\Greg\Downloads\Gmer-19357.exe 2014-04-10 16:32 - 2014-04-10 16:32 - 00000168 _____ () C:\Users\Greg\defogger_reenable 2014-04-10 16:32 - 2013-02-11 05:56 - 00000000 ____D () C:\Users\Greg 2014-04-10 16:26 - 2014-04-10 16:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-04-10 16:26 - 2013-02-11 11:58 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\Mozilla 2014-04-10 16:22 - 2014-04-10 16:21 - 00035206 _____ () C:\Users\Greg\Downloads\Result.txt 2014-04-10 16:19 - 2014-04-10 16:18 - 00038599 _____ () C:\Users\Greg\Downloads\Addition.txt 2014-04-10 16:17 - 2014-04-10 16:17 - 00000000 ____D () C:\Program Files\Windows8FirewallControl 2014-04-10 16:17 - 2013-08-07 22:57 - 00000000 ____D () C:\Users\Greg\AppData\Local\CrashDumps 2014-04-10 16:14 - 2014-04-10 16:14 - 02157056 _____ (Farbar) C:\Users\Greg\Downloads\FRST64.exe 2014-04-10 14:56 - 2014-04-10 14:56 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-04-10 14:50 - 2014-04-10 14:50 - 00000000 ____D () C:\Windows\ERUNT 2014-04-10 14:17 - 2014-04-04 22:07 - 00000258 __RSH () C:\ProgramData\ntuser.pol 2014-04-10 14:17 - 2011-08-28 10:59 - 00495880 _____ () C:\Windows\PFRO.log 2014-04-10 13:13 - 2014-04-10 13:13 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-04-10 13:13 - 2014-04-10 13:13 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-04-10 13:13 - 2014-04-10 13:12 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Greg\Downloads\mbam-setup-2.0.1.1004.exe 2014-04-10 13:11 - 2014-04-10 13:11 - 00613200 _____ (Chip Digital GmbH) C:\Users\Greg\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe 2014-04-10 13:10 - 2013-02-14 14:06 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\vlc 2014-04-10 12:31 - 2014-04-10 12:13 - 00000000 ____D () C:\Users\Greg\AppData\Local\Avg2014 2014-04-10 12:28 - 2014-04-10 12:15 - 
00000000 ____D () C:\Program Files (x86)\AVG2014 2014-04-10 12:16 - 2014-04-10 12:16 - 00000000 ___HD () C:\$AVG 2014-04-10 12:16 - 2014-04-10 12:16 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\TuneUp Software 2014-04-10 12:16 - 2014-04-10 12:16 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\AVG2014 2014-04-10 12:16 - 2014-04-10 12:16 - 00000000 ____D () C:\ProgramData\AVG2014 2014-04-10 12:13 - 2014-04-10 12:13 - 00000000 ____D () C:\Users\Greg\AppData\Local\MFAData 2014-04-10 12:07 - 2013-03-22 22:20 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Auslogics 2014-04-10 12:03 - 2014-04-10 12:03 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\Auslogics 2014-04-10 00:15 - 2013-02-14 15:39 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\Thunderbird 2014-04-10 00:12 - 2014-04-09 00:02 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\zebNet 2014-04-09 00:12 - 2014-04-09 00:12 - 00000000 ____D () C:\Program Files (x86)\zebNet® Thunderbird Backup 2012 2014-04-09 00:12 - 2014-04-08 23:59 - 00000000 ____D () C:\ProgramData\InstallMate 2014-04-09 00:07 - 2014-03-21 12:27 - 00005552 _____ () C:\Windows\system32\SecureAssist.ini 2014-04-09 00:07 - 2014-03-21 12:27 - 00002504 _____ () C:\Windows\SysWOW64\SecureAssistOff.ini 2014-04-09 00:07 - 2014-03-21 12:27 - 00002504 _____ () C:\Windows\system32\SecureAssistOff.ini 2014-04-09 00:00 - 2013-02-14 15:39 - 00000000 ____D () C:\Users\Greg\AppData\Local\Thunderbird 2014-04-09 00:00 - 2013-02-14 15:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-04-08 23:59 - 2014-04-08 23:59 - 00001162 _____ () C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\zebNet® Backup for Thunderbird® TNG.lnk 2014-04-08 23:59 - 2014-04-08 23:59 - 00000000 ____D () C:\ProgramData\zebNet 2014-04-08 23:59 - 2014-04-08 23:59 - 00000000 ____D () C:\Program Files\zebNet 2014-04-08 23:55 - 2014-04-08 23:55 - 00000000 ____D () C:\Program Files (x86)\MozBackup 2014-04-08 
16:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-04-08 16:05 - 2014-04-08 23:55 - 00000830 _____ () C:\Users\Greg\Documents\indexfile.txt 2014-04-05 00:29 - 2014-04-05 00:29 - 00000000 ____D () C:\Users\Greg\.android 2014-04-04 23:07 - 2014-04-04 23:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf 2014-04-04 22:42 - 2014-04-04 22:07 - 00000000 ____D () C:\usb_driver 2014-04-04 22:31 - 2014-04-04 22:07 - 00067680 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\SysWOW64\libusb0.dll 2014-04-04 22:31 - 2014-04-04 22:07 - 00052320 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\Drivers\libusb0.sys 2014-04-04 22:19 - 2014-04-04 22:07 - 00238176 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\libusbK.dll 2014-04-04 22:19 - 2014-04-04 22:07 - 00170080 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\SysWOW64\libusbK.dll 2014-04-04 22:19 - 2014-04-04 22:07 - 00076384 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\libusb0.dll 2014-04-04 22:19 - 2014-04-04 22:07 - 00047200 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\Drivers\libusbK.sys 2014-04-04 22:07 - 2014-04-04 22:07 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll 2014-04-04 22:07 - 2014-04-04 22:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf 2014-04-04 22:07 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2014-04-04 21:55 - 2014-04-04 21:55 - 00000000 ____D () C:\Program Files\SAMSUNG 2014-04-04 21:54 - 2014-04-04 21:54 - 00000000 ____D () C:\ProgramData\Samsung 2014-04-04 21:26 - 2014-04-04 21:26 - 00000000 ____D () C:\Users\Greg\AppData\Local\Downloaded Installations 2014-04-04 21:18 - 2014-04-04 21:18 - 00000000 ____D () C:\ProgramData\Package Cache 2014-04-03 09:51 - 2014-04-10 13:13 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-04-03 09:51 - 
2014-04-10 13:13 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-04-03 09:50 - 2014-04-10 13:13 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-03-31 06:49 - 2014-04-05 00:31 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys 2014-03-31 06:49 - 2014-04-04 23:03 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll 2014-03-31 06:49 - 2014-04-04 23:03 - 00708168 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll 2014-03-31 06:49 - 2014-04-04 23:03 - 00109056 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys 2014-03-31 06:48 - 2014-04-05 00:31 - 00188232 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadmdm.sys 2014-03-31 06:48 - 2014-04-05 00:31 - 00169288 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadbus.sys 2014-03-31 06:48 - 2014-04-05 00:31 - 00158024 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadserd.sys 2014-03-31 06:48 - 2014-04-05 00:31 - 00021320 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadmdfl.sys 2014-03-31 06:48 - 2014-04-05 00:31 - 00017736 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadwhnt.sys 2014-03-31 06:48 - 2014-04-05 00:31 - 00017736 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadwh.sys 2014-03-31 06:48 - 2014-04-05 00:31 - 00017224 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadcmnt.sys 2014-03-31 06:48 - 2014-04-05 00:31 - 00017224 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadcm.sys 2014-03-30 23:03 - 2013-02-14 14:08 - 00000000 ____D () C:\Users\Greg\AppData\Local\QuickPar 2014-03-30 22:31 - 2013-02-11 12:12 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\GrabIt 2014-03-27 11:36 - 2013-03-07 22:20 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\dvdcss 2014-03-25 21:52 - 2014-03-25 21:52 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\MPC-HC 2014-03-25 
21:51 - 2014-03-25 21:51 - 00000000 ____D () C:\Program Files (x86)\Combined Community Codec Pack 2014-03-23 14:28 - 2014-03-22 11:13 - 00000000 ____D () C:\Users\Greg\Desktop\pIKKß 2014-03-21 12:27 - 2014-03-21 12:27 - 00005696 _____ () C:\Windows\SysWOW64\SecureAssist.ini 2014-03-21 11:46 - 2014-03-21 11:46 - 00152848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.ocx 2014-03-14 16:56 - 2014-03-14 16:52 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-03-14 16:56 - 2013-03-13 13:25 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-03-14 16:56 - 2013-03-13 13:25 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-03-13 20:45 - 2014-03-13 20:42 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\banshee-1 2014-03-13 20:43 - 2014-03-13 20:43 - 00000000 ____D () C:\Users\Greg\AppData\Local\gtk-2.0 2014-03-13 20:42 - 2014-03-13 20:42 - 00000000 ____D () C:\Users\Greg\Documents\.cache 2014-03-13 20:34 - 2014-03-13 20:34 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\MusicBrainz 2014-03-13 20:34 - 2014-03-13 20:34 - 00000000 ____D () C:\Users\Greg\AppData\Local\cache Some content of TEMP: ==================== C:\Users\Greg\AppData\Local\Temp\amazonicon.exe C:\Users\Greg\AppData\Local\Temp\amazoninstallernircmdc.exe C:\Users\Greg\AppData\Local\Temp\CMInstaller.exe C:\Users\Greg\AppData\Local\Temp\Quarantine.exe C:\Users\Greg\AppData\Local\Temp\sdanircmdc.exe C:\Users\Greg\AppData\Local\Temp\SpOrder.dll C:\Users\Greg\AppData\Local\Temp\VSUSetup.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit 
C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-04-10 13:35 ==================== End Of Log ============================ |
13.04.2014, 14:09 | #8 |
/// the machine /// TB trainer | Win 7: Mozilla does not open any pages: Iminent adware/virus/toolbar
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any problems left?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
16.04.2014, 14:25 | #9 |
| Win 7: Mozilla does not open any pages: Iminent adware/virus/toolbar Hi! I no longer had any problems, although I have hardly used the device either. Here are the logs: Eset log.txt: Code:
ATTFilter ESETSmartInstaller@High as CAB hook log: OnlineScanner64.ocx - registred OK OnlineScanner.ocx - registred OK esets_scanner_update returned -1 esets_gle=45314 esets_scanner_update returned -1 esets_gle=45314 esets_scanner_update returned -1 esets_gle=45314 esets_scanner_update returned -1 esets_gle=45314 esets_scanner_update returned -1 esets_gle=45314 ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=2789ab900a594c4f81df89a0f5f13b4c # engine=17901 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2014-04-16 01:12:38 # local_time=2014-04-16 03:12:38 (+0100, W. Europe Daylight Time) # country="Germany" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=5893 16776574 100 94 5885625 149283808 0 0 # scanned=127285 # found=1 # cleaned=0 # scan_time=63759 sh=297AB44B22D59DC00DA6E7138A6F57CAAA379D74 ft=1 fh=a263ea30718c1c6d vn="a variant of Win64/Adware.Adpeak.C application" ac=I fn="C:\FRST\Quarantine\C\Program Files\003\xmkysecqun64.exe" Code:
ATTFilter Results of screen317's Security Check version 0.99.81 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! AVG AntiVirus Free Edition 2014 Antivirus out of date! `````````Anti-malware/Other Utilities Check:````````` Wise Registry Cleaner 7.65 Adobe Flash Player 12.0.0.77 Adobe Reader XI Mozilla Firefox (28.0) Mozilla Thunderbird (24.4.0) ````````Process Check: objlist.exe by Laurent```````` AVG avgwdsvc.exe Mozilla Firefox Windows8FirewallService.exe -?- Windows8FirewallControl Windows8FirewallControl.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-04-2014 01 Ran by Greg (administrator) on ZENBOOKG on 16-04-2014 15:20:59 Running from C:\Users\Greg\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Sphinx Software) C:\Program Files\Windows8FirewallControl\Windows8FirewallService.exe (ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG2014\avgwdsvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe () C:\Windows\SysWOW64\DptfParticipantProcessorService.exe () C:\Windows\SysWOW64\DptfPolicyConfigTDPService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe () C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (ASUSTek Computer Inc.) 
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe () C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Sphinx Software) C:\Program Files\Windows8FirewallControl\Windows8FirewallControl.exe (Dropbox, Inc.) C:\Users\Greg\AppData\Roaming\Dropbox\bin\Dropbox.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS) C:\Windows\AsScrPro.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe () C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG2014\avgui.exe (Microsoft) C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe (ELAN Microelectronics Corp.) 
C:\Program Files\Elantech\ETDCtrlHelper.exe (Microsoft) C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe (TrueCrypt Foundation) C:\Program Files\TrueCrypt\TrueCrypt.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe () C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MousewithoutBordersHelper.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2661672 2012-02-19] (ELAN Microelectronics Corp.) 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12460136 2012-03-29] (Realtek Semiconductor) HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [178960 2012-03-15] (Intel Corporation) HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11407120 2012-03-27] (Intel Corporation) HKLM\...\Run: [Windows8FirewallControl] => C:\Program Files\Windows8FirewallControl\Windows8FirewallControl.exe [1205248 2013-09-30] (Sphinx Software) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-26] (Intel Corporation) HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072 2012-02-03] (ASUSTeK Computer Inc.) HKLM-x32\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe [3058304 2012-09-18] (ASUS) HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-25] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated) HKLM-x32\...\Run: [UIExec] => C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe [153424 2012-01-17] () HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG2014\avgui.exe [4971024 2014-03-19] (AVG Technologies CZ, s.r.o.) 
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe Startup: C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Greg\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://duckduckgo.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) DPF: HKLM {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Adobe\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) 
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Adobe\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\luzyy51h.default FF Homepage: hxxp://www.google.de/ FF NetworkProxy: "ftp", "111.119.192.34" FF NetworkProxy: "ftp_port", 8080 FF NetworkProxy: "http", "111.119.192.34" FF NetworkProxy: "http_port", 8080 FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co" FF NetworkProxy: "share_proxy_settings", true FF NetworkProxy: "socks", "111.119.192.34" FF NetworkProxy: "socks_port", 8080 FF NetworkProxy: "ssl", "111.119.192.34" FF NetworkProxy: "ssl_port", 8080 FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll () FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: No Name - C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\luzyy51h.default\Extensions\nostmp [2014-04-11] FF Extension: Stealthy - C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\luzyy51h.default\Extensions\stealthyextension@gmail.com.xpi [2014-04-11] FF Extension: Adblock Plus - C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\luzyy51h.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-11] ==================== Services (Whitelisted) ================= R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUS) S2 AVGIDSAgent; C:\Program Files (x86)\AVG2014\avgidsagent.exe [3782672 2014-02-23] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.) 
R2 DptfParticipantProcessorService; C:\Windows\SysWOW64\DptfParticipantProcessorService.exe [18944 2012-02-20] () R2 DptfPolicyConfigTDPService; C:\Windows\SysWOW64\DptfPolicyConfigTDPService.exe [19968 2012-02-20] () R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] () R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193536 2012-04-10] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation) S2 MouseWithoutBordersSvc; C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBordersSvc.exe [27872 2012-12-28] (Microsoft) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272688 2012-08-23] () S3 RMWPService; C:\Program Files (x86)\Reference Manager 12\WebPublisher\thirdparty\Apache2\bin\RMWP_Apache_Admin.exe [20537 2004-01-28] (Apache Software Foundation) S2 SkypeUpdate; C:\Program Files (x86)\Adobe\Skype\Updater\Updater.exe [171680 2013-09-05] (Skype Technologies) R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [728328 2014-03-31] (DEVGURU Co., LTD.) 
R2 UI Assistant Service; C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe [270672 2012-01-17] () R2 Windows8FirewallService; C:\Program Files\Windows8FirewallControl\Windows8FirewallService.exe [3806720 2013-09-30] (Sphinx Software) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3342640 2012-08-23] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== R0 assd; C:\Windows\System32\Drivers\assd.sys [27056 2011-10-29] (ASUS Corporation) S3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [35968 2011-12-21] (Windows (R) Win 7 DDK provider) S3 AsusVTouch; C:\Windows\System32\DRIVERS\AsusVTouch.sys [16512 2011-11-08] (Windows (R) Win 7 DDK provider) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-25] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [243480 2013-11-25] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [196376 2013-11-25] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.) R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.) S3 AX88772B; C:\Windows\System32\DRIVERS\ax88772b.sys [110592 2012-04-05] (ASIX Electronics Corp.) 
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] () R3 DptfDevDram; C:\Windows\System32\DRIVERS\DptfDevDram.sys [107288 2012-02-20] (Intel Corporation) R3 DptfDevFan; C:\Windows\System32\DRIVERS\DptfDevFan.sys [42776 2012-02-20] (Intel Corporation) R3 DptfDevGen; C:\Windows\System32\DRIVERS\DptfDevGen.sys [64792 2012-02-20] (Intel Corporation) R3 DptfDevPch; C:\Windows\System32\DRIVERS\DptfDevPch.sys [96024 2012-02-20] (Intel Corporation) R3 DptfDevProc; C:\Windows\System32\DRIVERS\DptfDevProc.sys [220952 2012-02-20] (Intel Corporation) R3 DptfManager; C:\Windows\System32\DRIVERS\DptfManager.sys [357656 2012-02-20] (Intel Corporation) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-25] (DT Soft Ltd) R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2012-04-10] (Intel Corporation) R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( ) S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52320 2014-04-04] (hxxp://libusb-win32.sourceforge.net) S3 libusbK; C:\Windows\System32\DRIVERS\libusbK.sys [47200 2014-04-04] (hxxp://libusb-win32.sourceforge.net) R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [119512 2014-04-11] (Malwarebytes Corporation) S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) 
U3 DfSdkS; S3 DIRECTIO; \??\c:\BIT_TEMP\DirectIo.sys [X] S3 vpnva; system32\DRIVERS\vpnva64.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-16 15:20 - 2014-04-16 15:20 - 00000000 ____D () C:\Users\Greg\Downloads\FRST-OlderVersion 2014-04-16 15:17 - 2014-04-16 15:17 - 00987448 _____ () C:\Users\Greg\Downloads\SecurityCheck.exe 2014-04-15 21:24 - 2014-04-15 21:24 - 02347384 _____ (ESET) C:\Users\Greg\Downloads\esetsmartinstaller_enu.exe 2014-04-11 17:37 - 2014-04-11 17:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-04-11 13:16 - 2014-04-11 13:16 - 00000624 _____ () C:\Users\Greg\Desktop\JRT.txt 2014-04-11 13:10 - 2014-04-11 13:10 - 01016261 _____ (Thisisu) C:\Users\Greg\Downloads\JRT.exe 2014-04-11 13:03 - 2014-04-11 13:03 - 01426178 _____ () C:\Users\Greg\Downloads\adwcleaner (1).exe 2014-04-11 12:57 - 2014-04-11 12:57 - 00001269 _____ () C:\Users\Greg\Downloads\mbam.txt 2014-04-10 18:36 - 2014-04-10 18:37 - 00000000 ____D () C:\Users\Greg\Documents\Thunderbird 2014-04-10 16:36 - 2014-04-10 16:36 - 00380416 _____ () C:\Users\Greg\Downloads\Gmer-19357.exe 2014-04-10 16:33 - 2014-04-16 15:20 - 00000000 ____D () C:\FRST 2014-04-10 16:32 - 2014-04-10 16:32 - 00000168 _____ () C:\Users\Greg\defogger_reenable 2014-04-10 16:21 - 2014-04-10 16:22 - 00035206 _____ () C:\Users\Greg\Downloads\Result.txt 2014-04-10 16:18 - 2014-04-10 16:19 - 00038599 _____ () C:\Users\Greg\Downloads\Addition.txt 2014-04-10 16:17 - 2014-04-10 16:17 - 00000000 ____D () C:\Program Files\Windows8FirewallControl 2014-04-10 16:14 - 2014-04-16 15:20 - 02158080 _____ (Farbar) C:\Users\Greg\Downloads\FRST64.exe 2014-04-10 16:14 - 2014-04-16 15:20 - 00016977 _____ () C:\Users\Greg\Downloads\FRST.txt 2014-04-10 14:50 - 2014-04-10 14:50 - 00000000 ____D () C:\Windows\ERUNT 2014-04-10 13:13 - 2014-04-11 12:48 - 00119512 _____ (Malwarebytes Corporation) 
C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-04-10 13:13 - 2014-04-10 13:13 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-04-10 13:13 - 2014-04-10 13:13 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-04-10 13:13 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-04-10 13:13 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-04-10 13:13 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-04-10 13:12 - 2014-04-10 13:13 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Greg\Downloads\mbam-setup-2.0.1.1004.exe 2014-04-10 13:11 - 2014-04-10 13:11 - 00613200 _____ (Chip Digital GmbH) C:\Users\Greg\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe 2014-04-10 12:59 - 2014-04-11 13:05 - 00000000 ____D () C:\AdwCleaner 2014-04-10 12:16 - 2014-04-10 12:16 - 00000000 ___HD () C:\$AVG 2014-04-10 12:16 - 2014-04-10 12:16 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\TuneUp Software 2014-04-10 12:16 - 2014-04-10 12:16 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\AVG2014 2014-04-10 12:16 - 2014-04-10 12:16 - 00000000 ____D () C:\ProgramData\AVG2014 2014-04-10 12:15 - 2014-04-14 11:54 - 00000000 ____D () C:\Program Files (x86)\AVG2014 2014-04-10 12:13 - 2014-04-15 17:36 - 00000000 ____D () C:\ProgramData\MFAData 2014-04-10 12:13 - 2014-04-10 12:31 - 00000000 ____D () C:\Users\Greg\AppData\Local\Avg2014 2014-04-10 12:13 - 2014-04-10 12:13 - 00000000 ____D () C:\Users\Greg\AppData\Local\MFAData 2014-04-10 12:03 - 2014-04-10 12:03 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\Auslogics 2014-04-09 00:12 - 2014-04-09 00:12 - 00000000 ____D () C:\Program Files (x86)\zebNet® Thunderbird Backup 2012 2014-04-09 00:12 - 2012-02-22 00:12 - 00069632 _____ (S.A.Dittrich) C:\Windows\SysWOW64\cXPIBrowser.ocx 2014-04-09 00:12 - 2011-12-07 21:38 - 00126976 ____N 
(S.A.Dittrich) C:\Windows\SysWOW64\cXPINET.ocx 2014-04-09 00:12 - 2011-09-25 23:24 - 00061440 ____N (ASX) C:\Windows\SysWOW64\cXPIInternet.ocx 2014-04-09 00:12 - 2011-09-25 23:22 - 00196608 ____N (ASX) C:\Windows\SysWOW64\CXPICOMCTL.OCX 2014-04-09 00:12 - 2005-04-15 20:58 - 01351392 ____N (Microsoft Corporation) C:\Windows\SysWOW64\COMCTL32.OCX 2014-04-09 00:02 - 2014-04-10 00:12 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\zebNet 2014-04-08 23:59 - 2014-04-09 00:12 - 00000000 ____D () C:\ProgramData\InstallMate 2014-04-08 23:59 - 2014-04-08 23:59 - 00001162 _____ () C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\zebNet® Backup for Thunderbird® TNG.lnk 2014-04-08 23:59 - 2014-04-08 23:59 - 00000000 ____D () C:\ProgramData\zebNet 2014-04-08 23:59 - 2014-04-08 23:59 - 00000000 ____D () C:\Program Files\zebNet 2014-04-08 23:55 - 2014-04-08 23:55 - 00000000 ____D () C:\Program Files (x86)\MozBackup 2014-04-08 23:55 - 2014-04-08 16:05 - 00000830 _____ () C:\Users\Greg\Documents\indexfile.txt 2014-04-05 00:31 - 2014-03-31 06:49 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys 2014-04-05 00:31 - 2014-03-31 06:48 - 00188232 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadmdm.sys 2014-04-05 00:31 - 2014-03-31 06:48 - 00169288 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadbus.sys 2014-04-05 00:31 - 2014-03-31 06:48 - 00158024 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadserd.sys 2014-04-05 00:31 - 2014-03-31 06:48 - 00021320 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadmdfl.sys 2014-04-05 00:31 - 2014-03-31 06:48 - 00017736 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadwhnt.sys 2014-04-05 00:31 - 2014-03-31 06:48 - 00017736 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadwh.sys 2014-04-05 00:31 - 2014-03-31 06:48 - 00017224 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadcmnt.sys 2014-04-05 00:31 - 2014-03-31 06:48 - 00017224 _____ 
(MCCI Corporation) C:\Windows\system32\Drivers\ssadcm.sys 2014-04-05 00:29 - 2014-04-05 00:29 - 00000000 ____D () C:\Users\Greg\.android 2014-04-04 23:07 - 2014-04-04 23:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf 2014-04-04 23:03 - 2014-03-31 06:49 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll 2014-04-04 23:03 - 2014-03-31 06:49 - 00708168 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll 2014-04-04 23:03 - 2014-03-31 06:49 - 00109056 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys 2014-04-04 22:07 - 2014-04-10 14:17 - 00000258 __RSH () C:\ProgramData\ntuser.pol 2014-04-04 22:07 - 2014-04-04 22:42 - 00000000 ____D () C:\usb_driver 2014-04-04 22:07 - 2014-04-04 22:31 - 00067680 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\SysWOW64\libusb0.dll 2014-04-04 22:07 - 2014-04-04 22:31 - 00052320 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\Drivers\libusb0.sys 2014-04-04 22:07 - 2014-04-04 22:19 - 00238176 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\libusbK.dll 2014-04-04 22:07 - 2014-04-04 22:19 - 00170080 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\SysWOW64\libusbK.dll 2014-04-04 22:07 - 2014-04-04 22:19 - 00076384 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\libusb0.dll 2014-04-04 22:07 - 2014-04-04 22:19 - 00047200 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\Drivers\libusbK.sys 2014-04-04 22:07 - 2014-04-04 22:07 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll 2014-04-04 22:07 - 2014-04-04 22:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf 2014-04-04 21:55 - 2014-04-04 21:55 - 00000000 ____D () C:\Program Files\SAMSUNG 2014-04-04 21:54 - 2014-04-04 21:54 - 00000000 ____D () C:\ProgramData\Samsung 2014-04-04 21:26 - 2014-04-04 21:26 - 00000000 ____D () 
C:\Users\Greg\AppData\Local\Downloaded Installations 2014-04-04 21:18 - 2014-04-04 21:18 - 00000000 ____D () C:\ProgramData\Package Cache 2014-03-26 22:30 - 2013-11-20 11:26 - 55279480 _____ () C:\Users\Greg\Desktop\gardaseetour 002.tif 2014-03-25 21:52 - 2014-03-25 21:52 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\MPC-HC 2014-03-25 21:51 - 2014-03-25 21:51 - 00000000 ____D () C:\Program Files (x86)\Combined Community Codec Pack 2014-03-22 11:13 - 2014-03-23 14:28 - 00000000 ____D () C:\Users\Greg\Desktop\pIKKß 2014-03-21 12:27 - 2014-04-09 00:07 - 00005552 _____ () C:\Windows\system32\SecureAssist.ini 2014-03-21 12:27 - 2014-04-09 00:07 - 00002504 _____ () C:\Windows\SysWOW64\SecureAssistOff.ini 2014-03-21 12:27 - 2014-04-09 00:07 - 00002504 _____ () C:\Windows\system32\SecureAssistOff.ini 2014-03-21 12:27 - 2014-03-21 12:27 - 00005696 _____ () C:\Windows\SysWOW64\SecureAssist.ini 2014-03-21 11:46 - 2014-03-21 11:46 - 00152848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.ocx ==================== One Month Modified Files and Folders ======= 2014-04-16 15:21 - 2014-04-10 16:14 - 00016977 _____ () C:\Users\Greg\Downloads\FRST.txt 2014-04-16 15:20 - 2014-04-16 15:20 - 00000000 ____D () C:\Users\Greg\Downloads\FRST-OlderVersion 2014-04-16 15:20 - 2014-04-10 16:33 - 00000000 ____D () C:\FRST 2014-04-16 15:20 - 2014-04-10 16:14 - 02158080 _____ (Farbar) C:\Users\Greg\Downloads\FRST64.exe 2014-04-16 15:17 - 2014-04-16 15:17 - 00987448 _____ () C:\Users\Greg\Downloads\SecurityCheck.exe 2014-04-16 15:12 - 2013-02-14 14:06 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\vlc 2014-04-16 15:02 - 2014-03-14 16:52 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-04-16 10:05 - 2012-09-18 00:11 - 01441244 _____ () C:\Windows\WindowsUpdate.log 2014-04-15 22:49 - 2009-07-14 06:51 - 00131393 _____ () C:\Windows\setupact.log 2014-04-15 22:47 - 2009-07-14 07:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-04-15 21:29 - 
2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-15 21:29 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-15 21:24 - 2014-04-15 21:24 - 02347384 _____ (ESET) C:\Users\Greg\Downloads\esetsmartinstaller_enu.exe 2014-04-15 21:23 - 2014-01-25 17:09 - 00000000 ___RD () C:\Users\Greg\Dropbox 2014-04-15 21:23 - 2013-07-13 10:10 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\Dropbox 2014-04-15 21:22 - 2012-09-18 00:14 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job 2014-04-15 21:22 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-04-15 17:47 - 2012-09-18 00:14 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job 2014-04-15 17:36 - 2014-04-10 12:13 - 00000000 ____D () C:\ProgramData\MFAData 2014-04-15 17:31 - 2009-07-14 07:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-04-14 11:54 - 2014-04-10 12:15 - 00000000 ____D () C:\Program Files (x86)\AVG2014 2014-04-12 11:18 - 2013-02-11 11:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-04-11 17:37 - 2014-04-11 17:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-04-11 13:16 - 2014-04-11 13:16 - 00000624 _____ () C:\Users\Greg\Desktop\JRT.txt 2014-04-11 13:10 - 2014-04-11 13:10 - 01016261 _____ (Thisisu) C:\Users\Greg\Downloads\JRT.exe 2014-04-11 13:05 - 2014-04-10 12:59 - 00000000 ____D () C:\AdwCleaner 2014-04-11 13:03 - 2014-04-11 13:03 - 01426178 _____ () C:\Users\Greg\Downloads\adwcleaner (1).exe 2014-04-11 12:57 - 2014-04-11 12:57 - 00001269 _____ () C:\Users\Greg\Downloads\mbam.txt 2014-04-11 12:48 - 2014-04-10 13:13 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-04-10 18:37 - 2014-04-10 18:36 - 00000000 ____D () 
C:\Users\Greg\Documents\Thunderbird 2014-04-10 17:59 - 2013-03-13 13:13 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-04-10 17:59 - 2013-02-12 22:27 - 00000000 ____D () C:\Program Files\Adobe 2014-04-10 17:59 - 2013-02-11 12:24 - 00000000 ____D () C:\ProgramData\Adobe 2014-04-10 17:59 - 2013-02-11 11:57 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\Adobe 2014-04-10 16:36 - 2014-04-10 16:36 - 00380416 _____ () C:\Users\Greg\Downloads\Gmer-19357.exe 2014-04-10 16:32 - 2014-04-10 16:32 - 00000168 _____ () C:\Users\Greg\defogger_reenable 2014-04-10 16:32 - 2013-02-11 05:56 - 00000000 ____D () C:\Users\Greg 2014-04-10 16:26 - 2013-02-11 11:58 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\Mozilla 2014-04-10 16:22 - 2014-04-10 16:21 - 00035206 _____ () C:\Users\Greg\Downloads\Result.txt 2014-04-10 16:19 - 2014-04-10 16:18 - 00038599 _____ () C:\Users\Greg\Downloads\Addition.txt 2014-04-10 16:17 - 2014-04-10 16:17 - 00000000 ____D () C:\Program Files\Windows8FirewallControl 2014-04-10 16:17 - 2013-08-07 22:57 - 00000000 ____D () C:\Users\Greg\AppData\Local\CrashDumps 2014-04-10 14:50 - 2014-04-10 14:50 - 00000000 ____D () C:\Windows\ERUNT 2014-04-10 14:17 - 2014-04-04 22:07 - 00000258 __RSH () C:\ProgramData\ntuser.pol 2014-04-10 14:17 - 2011-08-28 10:59 - 00495880 _____ () C:\Windows\PFRO.log 2014-04-10 13:13 - 2014-04-10 13:13 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-04-10 13:13 - 2014-04-10 13:13 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-04-10 13:13 - 2014-04-10 13:12 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Greg\Downloads\mbam-setup-2.0.1.1004.exe 2014-04-10 13:11 - 2014-04-10 13:11 - 00613200 _____ (Chip Digital GmbH) C:\Users\Greg\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe 2014-04-10 12:31 - 2014-04-10 12:13 - 00000000 ____D () C:\Users\Greg\AppData\Local\Avg2014 2014-04-10 12:16 - 2014-04-10 12:16 - 00000000 ___HD () C:\$AVG 2014-04-10 12:16 - 2014-04-10 12:16 - 00000000 ____D 
() C:\Users\Greg\AppData\Roaming\TuneUp Software 2014-04-10 12:16 - 2014-04-10 12:16 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\AVG2014 2014-04-10 12:16 - 2014-04-10 12:16 - 00000000 ____D () C:\ProgramData\AVG2014 2014-04-10 12:13 - 2014-04-10 12:13 - 00000000 ____D () C:\Users\Greg\AppData\Local\MFAData 2014-04-10 12:07 - 2013-03-22 22:20 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Auslogics 2014-04-10 12:03 - 2014-04-10 12:03 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\Auslogics 2014-04-10 00:15 - 2013-02-14 15:39 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\Thunderbird 2014-04-10 00:12 - 2014-04-09 00:02 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\zebNet 2014-04-09 00:12 - 2014-04-09 00:12 - 00000000 ____D () C:\Program Files (x86)\zebNet® Thunderbird Backup 2012 2014-04-09 00:12 - 2014-04-08 23:59 - 00000000 ____D () C:\ProgramData\InstallMate 2014-04-09 00:07 - 2014-03-21 12:27 - 00005552 _____ () C:\Windows\system32\SecureAssist.ini 2014-04-09 00:07 - 2014-03-21 12:27 - 00002504 _____ () C:\Windows\SysWOW64\SecureAssistOff.ini 2014-04-09 00:07 - 2014-03-21 12:27 - 00002504 _____ () C:\Windows\system32\SecureAssistOff.ini 2014-04-09 00:00 - 2013-02-14 15:39 - 00000000 ____D () C:\Users\Greg\AppData\Local\Thunderbird 2014-04-09 00:00 - 2013-02-14 15:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-04-08 23:59 - 2014-04-08 23:59 - 00001162 _____ () C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\zebNet® Backup for Thunderbird® TNG.lnk 2014-04-08 23:59 - 2014-04-08 23:59 - 00000000 ____D () C:\ProgramData\zebNet 2014-04-08 23:59 - 2014-04-08 23:59 - 00000000 ____D () C:\Program Files\zebNet 2014-04-08 23:55 - 2014-04-08 23:55 - 00000000 ____D () C:\Program Files (x86)\MozBackup 2014-04-08 16:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-04-08 16:05 - 2014-04-08 23:55 - 00000830 _____ () C:\Users\Greg\Documents\indexfile.txt 
2014-04-05 00:29 - 2014-04-05 00:29 - 00000000 ____D () C:\Users\Greg\.android 2014-04-04 23:07 - 2014-04-04 23:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf 2014-04-04 22:42 - 2014-04-04 22:07 - 00000000 ____D () C:\usb_driver 2014-04-04 22:31 - 2014-04-04 22:07 - 00067680 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\SysWOW64\libusb0.dll 2014-04-04 22:31 - 2014-04-04 22:07 - 00052320 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\Drivers\libusb0.sys 2014-04-04 22:19 - 2014-04-04 22:07 - 00238176 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\libusbK.dll 2014-04-04 22:19 - 2014-04-04 22:07 - 00170080 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\SysWOW64\libusbK.dll 2014-04-04 22:19 - 2014-04-04 22:07 - 00076384 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\libusb0.dll 2014-04-04 22:19 - 2014-04-04 22:07 - 00047200 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\Drivers\libusbK.sys 2014-04-04 22:07 - 2014-04-04 22:07 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll 2014-04-04 22:07 - 2014-04-04 22:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf 2014-04-04 22:07 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2014-04-04 21:55 - 2014-04-04 21:55 - 00000000 ____D () C:\Program Files\SAMSUNG 2014-04-04 21:54 - 2014-04-04 21:54 - 00000000 ____D () C:\ProgramData\Samsung 2014-04-04 21:26 - 2014-04-04 21:26 - 00000000 ____D () C:\Users\Greg\AppData\Local\Downloaded Installations 2014-04-04 21:18 - 2014-04-04 21:18 - 00000000 ____D () C:\ProgramData\Package Cache 2014-04-03 09:51 - 2014-04-10 13:13 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-04-03 09:51 - 2014-04-10 13:13 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-04-03 09:50 - 2014-04-10 13:13 - 00025816 _____ 
(Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-03-31 06:49 - 2014-04-05 00:31 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys 2014-03-31 06:49 - 2014-04-04 23:03 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll 2014-03-31 06:49 - 2014-04-04 23:03 - 00708168 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll 2014-03-31 06:49 - 2014-04-04 23:03 - 00109056 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys 2014-03-31 06:48 - 2014-04-05 00:31 - 00188232 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadmdm.sys 2014-03-31 06:48 - 2014-04-05 00:31 - 00169288 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadbus.sys 2014-03-31 06:48 - 2014-04-05 00:31 - 00158024 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadserd.sys 2014-03-31 06:48 - 2014-04-05 00:31 - 00021320 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadmdfl.sys 2014-03-31 06:48 - 2014-04-05 00:31 - 00017736 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadwhnt.sys 2014-03-31 06:48 - 2014-04-05 00:31 - 00017736 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadwh.sys 2014-03-31 06:48 - 2014-04-05 00:31 - 00017224 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadcmnt.sys 2014-03-31 06:48 - 2014-04-05 00:31 - 00017224 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadcm.sys 2014-03-30 23:03 - 2013-02-14 14:08 - 00000000 ____D () C:\Users\Greg\AppData\Local\QuickPar 2014-03-30 22:31 - 2013-02-11 12:12 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\GrabIt 2014-03-27 11:36 - 2013-03-07 22:20 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\dvdcss 2014-03-25 21:52 - 2014-03-25 21:52 - 00000000 ____D () C:\Users\Greg\AppData\Roaming\MPC-HC 2014-03-25 21:51 - 2014-03-25 21:51 - 00000000 ____D () C:\Program Files (x86)\Combined Community Codec Pack 2014-03-23 14:28 - 2014-03-22 11:13 - 00000000 ____D 
() C:\Users\Greg\Desktop\pIKKß 2014-03-21 12:27 - 2014-03-21 12:27 - 00005696 _____ () C:\Windows\SysWOW64\SecureAssist.ini 2014-03-21 11:46 - 2014-03-21 11:46 - 00152848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.ocx Some content of TEMP: ==================== C:\Users\Greg\AppData\Local\Temp\amazonicon.exe C:\Users\Greg\AppData\Local\Temp\amazoninstallernircmdc.exe C:\Users\Greg\AppData\Local\Temp\CMInstaller.exe C:\Users\Greg\AppData\Local\Temp\Quarantine.exe C:\Users\Greg\AppData\Local\Temp\sdanircmdc.exe C:\Users\Greg\AppData\Local\Temp\SpOrder.dll C:\Users\Greg\AppData\Local\Temp\VSUSetup.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-04-10 13:35 ==================== End Of Log ============================ |
17.04.2014, 10:08 | #10 |
/// the machine /// TB Trainer | Win 7: Mozilla does not open any pages: Iminent adware/virus/toolbar Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
ATTFilter
IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
You can send your friends here if they have problems. Done. The order is crucial here.
If you would like to give praise or criticism, you can do so here. Here are a few more tips for securing your system. I cannot mention often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers: Other browsers tend to be somewhat more secure than IE, because they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance: Clean up your temp files regularly. I recommend TFC for this. Stay away from any registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP), Bill Castner (MVP). Don'ts
Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
17.04.2014, 10:15 | #11 |
| Win 7: Mozilla does not open any pages: Iminent adware/virus/toolbar Hello again! Many thanks for your help; with that, this is finished. Best regards, -zabbn- fixlog.txt: Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-04-2014
Ran by Greg at 2014-04-17 11:10:26 Run:2
Running from C:\Users\Greg\Downloads
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe
*****************
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\DatamngrCoordinator.exe => Key deleted successfully.
==== End of Fixlog ==== |
18.04.2014, 09:45 | #12 |
/// the machine /// TB Trainer | Win 7: Mozilla does not open any pages: Iminent adware/virus/toolbar You're welcome
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |