nixgehtmehr | 20.11.2013 12:20

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 23:07 on 19/11/2013 (Tobi)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-

FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-11-2013
Ran by Tobi (administrator) on TOBI-PC on 19-11-2013 22:52:10
Running from C:\Users\Tobi\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHTU.EXE
() C:\Program Files (x86)\SpotifyRemotelessHelper\SpotifyRemotelessHelper.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHTU.EXE
() C:\Users\Tobi\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Tobi\Downloads\Defogger.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12343400 2011-12-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2821936 2012-03-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4123 2012-01-20] ()
HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE [7138816 2012-06-15] (Broadcom Corporation)
HKLM\...\Run: [Power Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1829768 2012-02-07] (Acer Incorporated)
HKLM\...\Run: [InstantUpdate] - C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe [124520 2012-04-06] ()
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\System32\spool\drivers\x64\3\E_YATIHTU.EXE [241280 2012-12-10] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [RemotelessHelper] - C:\Program Files (x86)\SpotifyRemotelessHelper\SpotifyRemotelessHelper.exe [2315264 2012-04-26] ()
HKCU\...\Run: [EPLTarget\P0000000000000001] - C:\Windows\System32\spool\drivers\x64\3\E_YATIHTU.EXE [241280 2012-12-10] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [AmazonMP3DownloaderHelper] - C:\Users\Tobi\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [296984 2012-01-05] (NTI Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1105488 2012-03-23] (Dritek System Inc.)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [684024 2012-10-17] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411952 2013-09-23] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-13] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-13] ()
HKU\Gast\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\System32\spool\drivers\x64\3\E_YATIHTU.EXE [241280 2012-12-10] (SEIKO EPSON CORPORATION)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll [245432 2012-12-03] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll [201136 2012-12-03] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\Tobi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\8zlqmqeod.lnk
ShortcutTarget: 8zlqmqeod.lnk -> C:\PROGRA~3\doeqmqlz8.dss (No File)
Startup: C:\Users\Tobi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Tobi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {62236E59-4749-459D-B9C6-EFA5582264F3} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {732F1B53-007D-4941-B6BA-EC6EF3C0F118} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {CCDF1723-60F2-4FC1-8D69-B49E4F597F7D} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {F3223A89-69A8-42FA-B0FF-DC52FA3A7694} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20121010160507.dll No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\EPSON Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121010160507.dll No File
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\EPSON Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.3.1
Tcpip\..\Interfaces\{086590FE-6C6E-44E5-A204-BAD2ECE09D1A}: [NameServer]190.14.36.90,206.214.214.28
Chrome:
=======
CHR RestoreOnStartup: "urls_to_restore_on_startup": null
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U13) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.130.20) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Extension: (Google Docs) - C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (AdBlock) - C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.14_0
CHR Extension: (Google Wallet) - C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-11-17] (Adobe Systems)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-07-23] (AVG Technologies CZ, s.r.o.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE [48128 2012-06-15] (Broadcom Corporation)
==================== Drivers (Whitelisted) ====================
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-09-05] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [163368 2012-03-21] (Broadcom Corporation.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-19 22:52 - 2013-11-19 22:52 - 00018511 _____ C:\Users\Tobi\Downloads\FRST.txt
2013-11-19 22:51 - 2013-11-19 22:51 - 00000470 _____ C:\Users\Tobi\Downloads\defogger_disable.log
2013-11-19 22:51 - 2013-11-19 22:51 - 00000000 ____D C:\FRST
2013-11-19 22:51 - 2013-11-19 22:51 - 00000000 _____ C:\Users\Tobi\defogger_reenable
2013-11-19 22:50 - 2013-11-19 22:50 - 01957964 _____ (Farbar) C:\Users\Tobi\Downloads\FRST64.exe
2013-11-19 22:50 - 2013-11-19 22:50 - 00377856 _____ C:\Users\Tobi\Downloads\gmer_2.1.19163.exe
2013-11-19 22:49 - 2013-11-19 22:49 - 00050477 _____ C:\Users\Tobi\Downloads\Defogger.exe
2013-11-19 22:44 - 2013-11-19 22:45 - 05146522 _____ (Swearware) C:\Users\Tobi\Downloads\ComboFix.exe
2013-11-19 22:44 - 2013-11-19 22:44 - 01085542 _____ C:\Users\Tobi\Downloads\adwcleaner (1).exe
2013-11-19 22:44 - 2013-11-19 22:44 - 01034531 _____ (Thisisu) C:\Users\Tobi\Downloads\JRT.exe
2013-11-19 22:44 - 2013-11-19 22:44 - 00602112 _____ (OldTimer Tools) C:\Users\Tobi\Downloads\OTL.exe
2013-11-19 17:56 - 2013-11-19 17:56 - 02347384 _____ (ESET) C:\Users\Tobi\Downloads\esetsmartinstaller_enu.exe
2013-11-19 17:56 - 2013-11-19 17:56 - 00000000 ____D C:\Program Files (x86)\ESET
2013-11-19 17:51 - 2013-11-19 17:52 - 00000000 ____D C:\AdwCleaner
2013-11-19 17:50 - 2013-11-19 17:50 - 01085542 _____ C:\Users\Tobi\Downloads\adwcleaner.exe
2013-11-19 17:46 - 2013-11-19 17:46 - 00027961 _____ C:\ComboFix.txt
2013-11-19 17:29 - 2013-11-19 17:46 - 00000000 ____D C:\Qoobox
2013-11-19 17:29 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-11-19 17:29 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-11-19 17:29 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-11-19 17:29 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-11-19 17:29 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-11-19 17:29 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-11-19 17:29 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-11-19 17:29 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-11-19 17:28 - 2013-11-19 17:44 - 00000000 ____D C:\Windows\erdnt
2013-11-19 17:27 - 2013-11-19 17:28 - 00000000 ____D C:\Users\Tobi\AppData\Roaming\GetRightToGo
2013-11-18 19:43 - 2013-11-18 19:43 - 00000000 ____D C:\Users\Gast\Documents\Bluetooth-Exchange-Ordner
2013-11-18 19:43 - 2013-11-18 19:43 - 00000000 ____D C:\Users\Gast\AppData\Local\Broadcom
2013-11-17 11:39 - 2013-11-17 12:41 - 2147484841 _____ C:\Users\Tobi\Downloads\ADBEAudition_loopolgy.7z
2013-11-17 11:39 - 2013-11-17 11:39 - 01085512 _____ (Adobe Systems Incorporated) C:\Users\Tobi\Downloads\ADBEAudition_loopolgy (1).exe
2013-11-17 11:16 - 2013-09-04 13:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-11-17 11:16 - 2013-09-04 13:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-11-17 11:16 - 2013-09-04 13:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-11-17 11:16 - 2013-09-04 13:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-11-17 11:16 - 2013-09-04 13:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-11-17 11:16 - 2013-09-04 13:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-11-17 11:16 - 2013-09-04 13:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-11-17 01:40 - 2013-11-17 01:40 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-11-17 01:40 - 2004-08-17 02:40 - 00016384 _____ C:\Windows\SysWOW64\FileOps.exe
2013-11-17 01:36 - 2013-11-17 01:37 - 00000000 ____D C:\AI_CS2_GR_NonRet
2013-11-17 01:12 - 2013-11-17 01:27 - 369959872 _____ (Adobe Systems Incorporated) C:\Users\Tobi\Downloads\ADBEAudition_ESD1_WWEFGJIS.exe
2013-11-17 01:12 - 2013-11-17 01:12 - 01085512 _____ (Adobe Systems Incorporated) C:\Users\Tobi\Downloads\ADBEAudition_loopolgy.exe
2013-11-17 01:11 - 2013-11-17 01:11 - 00000000 ____D C:\Users\Tobi\Documents\Updater
2013-11-17 01:10 - 2013-11-17 01:34 - 686230268 _____ (Adobe Systems Inc. ) C:\Users\Tobi\Downloads\AI_CS2_GR_NonRet.exe
2013-11-17 01:09 - 2013-11-17 01:09 - 00000000 ____D C:\Users\Public\Documents\Adobe PDF
2013-11-17 01:03 - 2013-11-17 01:03 - 00000000 ____D C:\PS_CS2_Gr_NonRet
2013-11-17 00:57 - 2013-11-17 01:03 - 375232764 _____ (Adobe Systems Inc. ) C:\Users\Tobi\Downloads\PS_CS2_Gr_NonRet.exe
2013-11-16 23:37 - 2013-11-16 23:37 - 00000000 ____D C:\Users\Tobi\AppData\Local\{D9FBB0AD-5DB4-4CEE-BA84-E31432CFE26C}
2013-11-16 15:09 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-16 15:09 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-16 15:09 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-16 15:09 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-16 15:09 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-16 15:09 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-16 15:09 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-16 15:09 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-16 15:09 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-16 15:09 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-16 15:09 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-16 15:09 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-16 15:09 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-16 15:09 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-16 15:09 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-16 15:09 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-16 15:09 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-14 16:11 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-14 16:11 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-14 16:11 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-14 16:11 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-14 16:11 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-14 16:11 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-14 16:09 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-14 16:09 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 16:09 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 16:09 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-14 16:09 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-14 16:09 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-14 16:09 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-13 09:47 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-13 09:42 - 2013-11-13 09:42 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-13 09:42 - 2013-11-13 09:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-13 09:42 - 2013-11-13 09:42 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-13 09:42 - 2013-11-13 09:42 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-13 09:42 - 2013-11-13 09:42 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-13 09:42 - 2013-11-13 09:42 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-13 09:42 - 2013-11-13 09:42 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-13 09:42 - 2013-11-13 09:42 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-13 09:42 - 2013-11-13 09:42 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-13 09:42 - 2013-11-13 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-13 09:42 - 2013-11-13 09:42 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-13 09:42 - 2013-11-13 09:42 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-13 09:42 - 2013-11-13 09:42 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-13 09:42 - 2013-11-13 09:42 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-13 09:42 - 2013-11-13 09:42 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-13 09:42 - 2013-11-13 09:42 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-13 09:42 - 2013-11-13 09:42 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-13 09:42 - 2013-11-13 09:42 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-13 09:42 - 2013-11-13 09:42 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-13 09:42 - 2013-11-13 09:42 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-13 09:42 - 2013-11-13 09:42 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-13 09:42 - 2013-11-13 09:42 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-13 09:42 - 2013-11-13 09:42 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-13 09:42 - 2013-11-13 09:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-13 09:42 - 2013-11-13 09:42 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-13 09:42 - 2013-11-13 09:42 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-13 09:42 - 2013-11-13 09:42 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-13 09:42 - 2013-11-13 09:42 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-13 09:40 - 2013-11-13 09:47 - 00010931 _____ C:\Windows\IE11_main.log
2013-11-12 21:26 - 2013-11-12 21:26 - 00000000 ____D C:\Users\Tobi\Downloads\rjez9.The.Sound.You.Need.Part.2FL
2013-11-12 21:25 - 2013-09-22 05:10 - 00000000 ____D C:\Users\Tobi\Downloads\The.Sound.You.Need.Part.2-FiLELiST
2013-11-11 12:52 - 2013-11-11 12:52 - 00000000 ____D C:\Users\Tobi\Documents\Bluetooth-Exchange-Ordner
2013-11-11 12:52 - 2013-11-11 12:52 - 00000000 ____D C:\Users\Tobi\AppData\Local\Broadcom
2013-11-11 12:48 - 2013-11-11 12:48 - 00000291 _____ C:\ProgramData\8zlqmqeod.reg
2013-11-11 12:47 - 2013-11-11 12:48 - 95025368 ____T C:\ProgramData\8zlqmqeod.bxx
2013-11-11 12:47 - 2013-11-11 12:47 - 00000000 _____ C:\ProgramData\8zlqmqeod.fvv
2013-11-07 18:06 - 2013-11-07 18:06 - 01831742 _____ C:\Users\Tobi\Downloads\VID-20131105-WA0000.mp4
2013-11-04 19:30 - 2013-11-04 19:30 - 00000000 ____D C:\Users\Tobi\AppData\Roaming\Thunderbird
2013-11-04 19:30 - 2013-11-04 19:30 - 00000000 ____D C:\Users\Tobi\AppData\Roaming\Mozilla
2013-11-04 19:30 - 2013-11-04 19:30 - 00000000 ____D C:\Users\Tobi\AppData\Local\Thunderbird
2013-11-04 19:29 - 2013-11-04 19:29 - 00000000 ____D C:\ProgramData\Mozilla
2013-10-25 20:36 - 2013-10-25 20:36 - 00000000 ____D C:\Users\Tobi\AppData\Roaming\mresreg
2013-10-25 20:33 - 2013-11-04 19:37 - 00000000 ____D C:\Program Files (x86)\HomepageFIX2013
2013-10-25 20:32 - 2013-10-25 20:32 - 00000000 ____D C:\Program Files (x86)\mresreg
==================== One Month Modified Files and Folders =======
2013-11-19 22:52 - 2013-11-19 22:52 - 00018511 _____ C:\Users\Tobi\Downloads\FRST.txt
2013-11-19 22:51 - 2013-11-19 22:51 - 00000470 _____ C:\Users\Tobi\Downloads\defogger_disable.log
2013-11-19 22:51 - 2013-11-19 22:51 - 00000000 ____D C:\FRST
2013-11-19 22:51 - 2013-11-19 22:51 - 00000000 _____ C:\Users\Tobi\defogger_reenable
2013-11-19 22:51 - 2012-10-10 08:50 - 00000000 ____D C:\Users\Tobi
2013-11-19 22:50 - 2013-11-19 22:50 - 01957964 _____ (Farbar) C:\Users\Tobi\Downloads\FRST64.exe
2013-11-19 22:50 - 2013-11-19 22:50 - 00377856 _____ C:\Users\Tobi\Downloads\gmer_2.1.19163.exe
2013-11-19 22:50 - 2012-06-15 12:09 - 01383170 _____ C:\Windows\WindowsUpdate.log
2013-11-19 22:49 - 2013-11-19 22:49 - 00050477 _____ C:\Users\Tobi\Downloads\Defogger.exe
2013-11-19 22:45 - 2013-11-19 22:44 - 05146522 _____ (Swearware) C:\Users\Tobi\Downloads\ComboFix.exe
2013-11-19 22:44 - 2013-11-19 22:44 - 01085542 _____ C:\Users\Tobi\Downloads\adwcleaner (1).exe
2013-11-19 22:44 - 2013-11-19 22:44 - 01034531 _____ (Thisisu) C:\Users\Tobi\Downloads\JRT.exe
2013-11-19 22:44 - 2013-11-19 22:44 - 00602112 _____ (OldTimer Tools) C:\Users\Tobi\Downloads\OTL.exe
2013-11-19 22:39 - 2012-10-10 11:40 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-19 22:39 - 2012-10-10 11:40 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-19 22:39 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-19 22:39 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-19 17:58 - 2012-06-15 22:02 - 00696870 _____ C:\Windows\system32\perfh007.dat
2013-11-19 17:58 - 2012-06-15 22:02 - 00148134 _____ C:\Windows\system32\perfc007.dat
2013-11-19 17:58 - 2009-07-14 06:13 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-19 17:56 - 2013-11-19 17:56 - 02347384 _____ (ESET) C:\Users\Tobi\Downloads\esetsmartinstaller_enu.exe
2013-11-19 17:56 - 2013-11-19 17:56 - 00000000 ____D C:\Program Files (x86)\ESET
2013-11-19 17:54 - 2012-12-13 09:13 - 00000286 _____ C:\Windows\TWAIN.LOG
2013-11-19 17:54 - 2012-12-13 09:13 - 00000156 _____ C:\Windows\Twunk001.MTX
2013-11-19 17:54 - 2012-12-13 09:13 - 00000004 _____ C:\Windows\Twain001.Mtx
2013-11-19 17:53 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-19 17:53 - 2009-07-14 05:51 - 00011984 _____ C:\Windows\setupact.log
2013-11-19 17:52 - 2013-11-19 17:51 - 00000000 ____D C:\AdwCleaner
2013-11-19 17:50 - 2013-11-19 17:50 - 01085542 _____ C:\Users\Tobi\Downloads\adwcleaner.exe
2013-11-19 17:46 - 2013-11-19 17:46 - 00027961 _____ C:\ComboFix.txt
2013-11-19 17:46 - 2013-11-19 17:29 - 00000000 ____D C:\Qoobox
2013-11-19 17:46 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2013-11-19 17:44 - 2013-11-19 17:28 - 00000000 ____D C:\Windows\erdnt
2013-11-19 17:41 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2013-11-19 17:40 - 2010-11-21 04:47 - 00077660 _____ C:\Windows\PFRO.log
2013-11-19 17:40 - 2009-07-14 03:34 - 79167488 _____ C:\Windows\system32\config\SOFTWARE.bak
2013-11-19 17:40 - 2009-07-14 03:34 - 44040192 _____ C:\Windows\system32\config\COMPONENTS.bak
2013-11-19 17:40 - 2009-07-14 03:34 - 24117248 _____ C:\Windows\system32\config\SYSTEM.bak
2013-11-19 17:40 - 2009-07-14 03:34 - 00786432 _____ C:\Windows\system32\config\DEFAULT.bak
2013-11-19 17:40 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2013-11-19 17:40 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2013-11-19 17:28 - 2013-11-19 17:27 - 00000000 ____D C:\Users\Tobi\AppData\Roaming\GetRightToGo
2013-11-19 17:09 - 2013-01-24 21:07 - 00000000 ____D C:\ProgramData\MFAData
2013-11-18 22:59 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-11-18 19:43 - 2013-11-18 19:43 - 00000000 ____D C:\Users\Gast\Documents\Bluetooth-Exchange-Ordner
2013-11-18 19:43 - 2013-11-18 19:43 - 00000000 ____D C:\Users\Gast\AppData\Local\Broadcom
2013-11-18 19:43 - 2012-11-27 09:44 - 00090120 _____ C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-18 19:43 - 2012-11-27 09:44 - 00001425 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-18 19:43 - 2012-11-27 09:44 - 00000000 ___RD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-18 19:43 - 2012-11-27 09:44 - 00000000 ___RD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-11-17 20:49 - 2012-10-28 19:39 - 00000000 ____D C:\Users\Tobi\AppData\Local\Spotify
2013-11-17 20:49 - 2012-10-28 19:38 - 00000000 ____D C:\Users\Tobi\AppData\Roaming\Spotify
2013-11-17 12:52 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-17 12:41 - 2013-11-17 11:39 - 2147484841 _____ C:\Users\Tobi\Downloads\ADBEAudition_loopolgy.7z
2013-11-17 11:39 - 2013-11-17 11:39 - 01085512 _____ (Adobe Systems Incorporated) C:\Users\Tobi\Downloads\ADBEAudition_loopolgy (1).exe
2013-11-17 11:02 - 2012-10-10 08:51 - 00090120 _____ C:\Users\Tobi\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-17 11:01 - 2009-07-14 05:45 - 02294248 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-17 01:40 - 2013-11-17 01:40 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-11-17 01:40 - 2012-03-26 08:00 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-11-17 01:37 - 2013-11-17 01:36 - 00000000 ____D C:\AI_CS2_GR_NonRet
2013-11-17 01:34 - 2013-11-17 01:10 - 686230268 _____ (Adobe Systems Inc. ) C:\Users\Tobi\Downloads\AI_CS2_GR_NonRet.exe
2013-11-17 01:27 - 2013-11-17 01:12 - 369959872 _____ (Adobe Systems Incorporated) C:\Users\Tobi\Downloads\ADBEAudition_ESD1_WWEFGJIS.exe
2013-11-17 01:15 - 2012-10-14 15:48 - 00000000 ____D C:\Users\Tobi\Desktop\Uni
2013-11-17 01:12 - 2013-11-17 01:12 - 01085512 _____ (Adobe Systems Incorporated) C:\Users\Tobi\Downloads\ADBEAudition_loopolgy.exe
2013-11-17 01:11 - 2013-11-17 01:11 - 00000000 ____D C:\Users\Tobi\Documents\Updater
2013-11-17 01:11 - 2012-10-12 14:43 - 00000000 ____D C:\Users\Tobi\AppData\Local\Adobe
2013-11-17 01:11 - 2012-10-10 09:13 - 00000000 ____D C:\Users\Tobi\AppData\Roaming\Adobe
2013-11-17 01:09 - 2013-11-17 01:09 - 00000000 ____D C:\Users\Public\Documents\Adobe PDF
2013-11-17 01:09 - 2012-10-10 08:54 - 00000000 ___RD C:\Users\Tobi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-17 01:08 - 2012-03-26 08:01 - 00000000 ____D C:\ProgramData\Adobe
2013-11-17 01:03 - 2013-11-17 01:03 - 00000000 ____D C:\PS_CS2_Gr_NonRet
2013-11-17 01:03 - 2013-11-17 00:57 - 375232764 _____ (Adobe Systems Inc. ) C:\Users\Tobi\Downloads\PS_CS2_Gr_NonRet.exe
2013-11-16 23:44 - 2013-10-10 09:32 - 00000000 ____D C:\Users\Tobi\Desktop\USB Stick
2013-11-16 23:37 - 2013-11-16 23:37 - 00000000 ____D C:\Users\Tobi\AppData\Local\{D9FBB0AD-5DB4-4CEE-BA84-E31432CFE26C}
2013-11-16 21:59 - 2012-10-10 08:55 - 00001425 _____ C:\Users\Tobi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-16 21:53 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-16 15:06 - 2012-10-10 09:17 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-16 15:04 - 2013-07-21 09:10 - 00000000 ____D C:\Windows\system32\MRT
2013-11-16 13:44 - 2012-11-27 14:43 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-13 13:55 - 2013-10-09 09:49 - 00000000 ___RD C:\Users\Tobi\Dropbox
2013-11-13 13:54 - 2013-10-09 07:07 - 00000000 ____D C:\Users\Tobi\AppData\Roaming\Dropbox
2013-11-13 09:47 - 2013-11-13 09:40 - 00010931 _____ C:\Windows\IE11_main.log
2013-11-13 09:42 - 2013-11-13 09:42 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-13 09:42 - 2013-11-13 09:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-13 09:42 - 2013-11-13 09:42 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-13 09:42 - 2013-11-13 09:42 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-13 09:42 - 2013-11-13 09:42 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-13 09:42 - 2013-11-13 09:42 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-13 09:42 - 2013-11-13 09:42 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-13 09:42 - 2013-11-13 09:42 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-13 09:42 - 2013-11-13 09:42 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-13 09:42 - 2013-11-13 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-13 09:42 - 2013-11-13 09:42 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-13 09:42 - 2013-11-13 09:42 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-13 09:42 - 2013-11-13 09:42 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-13 09:42 - 2013-11-13 09:42 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-13 09:42 - 2013-11-13 09:42 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-13 09:42 - 2013-11-13 09:42 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-13 09:42 - 2013-11-13 09:42 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-13 09:42 - 2013-11-13 09:42 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-13 09:42 - 2013-11-13 09:42 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-13 09:42 - 2013-11-13 09:42 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-13 09:42 - 2013-11-13 09:42 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-13 09:42 - 2013-11-13 09:42 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-13 09:42 - 2013-11-13 09:42 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-13 09:42 - 2013-11-13 09:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-13 09:42 - 2013-11-13 09:42 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-13 09:42 - 2013-11-13 09:42 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-13 09:42 - 2013-11-13 09:42 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-13 09:42 - 2013-11-13 09:42 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-13 09:42 - 2013-11-13 09:42 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-12 21:26 - 2013-11-12 21:26 - 00000000 ____D C:\Users\Tobi\Downloads\rjez9.The.Sound.You.Need.Part.2FL
2013-11-12 12:44 - 2009-07-14 03:34 - 00000510 _____ C:\Windows\win.ini
2013-11-11 12:52 - 2013-11-11 12:52 - 00000000 ____D C:\Users\Tobi\Documents\Bluetooth-Exchange-Ordner
2013-11-11 12:52 - 2013-11-11 12:52 - 00000000 ____D C:\Users\Tobi\AppData\Local\Broadcom
2013-11-11 12:48 - 2013-11-11 12:48 - 00000291 _____ C:\ProgramData\8zlqmqeod.reg
2013-11-11 12:48 - 2013-11-11 12:47 - 95025368 ____T C:\ProgramData\8zlqmqeod.bxx
2013-11-11 12:47 - 2013-11-11 12:47 - 00000000 _____ C:\ProgramData\8zlqmqeod.fvv
2013-11-11 12:34 - 2012-10-10 14:23 - 00000000 ____D C:\Users\Tobi\AppData\Roaming\Skype
2013-11-07 18:06 - 2013-11-07 18:06 - 01831742 _____ C:\Users\Tobi\Downloads\VID-20131105-WA0000.mp4
2013-11-06 18:05 - 2012-11-12 21:09 - 00000000 ____D C:\Users\Tobi\Documents\BarföG
2013-11-04 19:37 - 2013-10-25 20:33 - 00000000 ____D C:\Program Files (x86)\HomepageFIX2013
2013-11-04 19:30 - 2013-11-04 19:30 - 00000000 ____D C:\Users\Tobi\AppData\Roaming\Thunderbird
2013-11-04 19:30 - 2013-11-04 19:30 - 00000000 ____D C:\Users\Tobi\AppData\Roaming\Mozilla
2013-11-04 19:30 - 2013-11-04 19:30 - 00000000 ____D C:\Users\Tobi\AppData\Local\Thunderbird
2013-11-04 19:29 - 2013-11-04 19:29 - 00000000 ____D C:\ProgramData\Mozilla
2013-11-01 12:37 - 2012-10-12 01:49 - 00000000 ____D C:\Users\Tobi\AppData\Roaming\vlc
2013-11-01 11:56 - 2013-10-09 07:08 - 00000000 ____D C:\Users\Tobi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-10-27 19:22 - 2013-02-08 11:05 - 00000000 ____D C:\Users\Tobi\Documents\Tobi
2013-10-25 20:36 - 2013-10-25 20:36 - 00000000 ____D C:\Users\Tobi\AppData\Roaming\mresreg
2013-10-25 20:32 - 2013-10-25 20:32 - 00000000 ____D C:\Program Files (x86)\mresreg
Files to move or delete:
====================
C:\ProgramData\8zlqmqeod.bxx
C:\ProgramData\8zlqmqeod.fvv
C:\ProgramData\8zlqmqeod.reg
Some content of TEMP:
====================
C:\Users\Tobi\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-11-11 20:34
==================== End Of Log ============================
--- --- ---
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-11-2013
Ran by Tobi at 2013-11-19 22:52:52
Running from C:\Users\Tobi\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: AVG AntiVirus Free Edition 2013 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2013 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
==================== Installed Programs ======================
clear.fi SDK - MVP 2 (x32 Version: 2.0.1505)
clear.fi SDK- Movie 2 (x32 Version: 2.0.1502)
Acer Backup Manager (x32 Version: 3.0.0.100)
Acer Crystal Eye Webcam (x32 Version: 1.5.2108.00)
Acer ePower Management (x32 Version: 6.00.3010)
Acer eRecovery Management (x32 Version: 5.00.3507)
Acer Instant Update Service (Version: 1.00.3004)
Acer ScreenSaver (x32 Version: 20.11.1107.1418)
Acer Updater (x32 Version: 1.02.3501)
Adobe AIR (x32 Version: 2.6.0.19120)
Adobe Bridge 1.0 (x32 Version: 001.000.001)
Adobe Common File Installer (x32 Version: 1.00.001)
Adobe Flash Player 11 ActiveX (x32 Version: 11.5.502.135)
Adobe Help Center 1.0 (x32 Version: 1.0.1)
Adobe Illustrator CS2 (x32 Version: 12.000.000)
Adobe Photoshop CS2 (x32 Version: 9.0)
Adobe Reader X (10.1.8) MUI (x32 Version: 10.1.8)
Adobe Stock Photos 1.0 (x32 Version: 1.0.1)
Adobe SVG Viewer 3.0 (x32 Version: 3.0)
Age of Mythology (x32)
Amazon MP3-Downloader 1.0.18 (HKCU Version: 1.0.18)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
AVG 2013 (Version: 13.0.3426)
AVG 2013 (Version: 13.0.3629)
AVG 2013 (Version: 2013.0.3426)
Backup Manager V3 (x32 Version: 3.0.0.100)
Benutzerhandbuch EPSON BX535WD Series (x32)
Bonjour (Version: 3.0.0.10)
Broadcom Card Reader Driver Installer (Version: 15.0.7.2)
Broadcom NetLink Controller (Version: 15.0.7.1)
Broadcom Wireless Utility (Version: 5.100.82.120)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.01065)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.01065)
Cisco EAP-FAST Module (x32 Version: 2.2.14)
Cisco LEAP Module (x32 Version: 1.0.19)
Cisco PEAP Module (x32 Version: 1.1.6)
clear.fi Media (x32 Version: 2.00.3004)
clear.fi Photo (x32 Version: 2.00.3004)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Dolby Home Theater v4 (x32 Version: 7.2.7000.7)
Download Navigator (x32 Version: 1.1.0)
Dropbox (HKCU Version: 2.4.5)
ElsterFormular (x32 Version: 14.1.11318)
EPSON BX535WD Series Printer Uninstall
Epson Easy Photo Print 2 (x32 Version: 2.3.0.0)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (x32 Version: 1.00.0000)
Epson Event Manager (x32 Version: 2.50.0001)
EPSON Scan (x32)
EpsonNet Print (x32 Version: 2.4j)
ESET Online Scanner v3 (x32)
ETDWare PS/2-X64 10.6.9.9_WHQL (Version: 10.6.9.9)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
Galerie foto Windows Live (x32 Version: 15.4.3502.0922)
Google Chrome (x32 Version: 31.0.1650.57)
Google Update Helper (x32 Version: 1.3.21.165)
Identity Card (x32 Version: 1.00.3501)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Management Engine Components (x32 Version: 8.0.2.1410)
Intel(R) Rapid Storage Technology (x32 Version: 11.1.0.1006)
Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.4.220)
Intel® Trusted Connect Service Client (Version: 1.23.605.1)
iTunes (Version: 11.1.1.11)
Java 7 Update 13 (x32 Version: 7.0.130)
Java Auto Updater (x32 Version: 2.1.9.0)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Launch Manager (x32 Version: 5.1.15)
League of Legends (x32 Version: 1.3)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Access MUI (Spanish) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Excel MUI (Spanish) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Groove MUI (Spanish) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Home and Student 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office InfoPath MUI (Spanish) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Language Pack 2010 - Spanish/Español (x32 Version: 14.0.7015.1000)
Microsoft Office O MUI (Spanish) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (Spanish) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (Spanish) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (Spanish) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (Basque) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (Catalan) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (Galician) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (Portuguese (Brazil)) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proofing (Spanish) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (Spanish) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Shared MUI (Spanish) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office SharePoint Designer MUI (Spanish) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Word MUI (Spanish) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office X MUI (Spanish) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML4 Parser (x32 Version: 1.0.0)
MyWinLocker (Version: 4.0.14.27)
MyWinLocker 4 (x32 Version: 4.0.14.27)
MyWinLocker Suite (x32 Version: 4.0.14.19)
Netzwerkhandbuch EPSON BX535WD Series (x32)
NTI Media Maker 9 (x32 Version: 9.0.2.9006)
NVIDIA Grafiktreiber 310.70 (Version: 310.70)
NVIDIA Install Application (Version: 2.1002.95.599)
NVIDIA Optimus 1.11.3 (Version: 1.11.3)
NVIDIA PhysX (x32 Version: 9.12.1031)
NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031)
NVIDIA Systemsteuerung 310.70 (Version: 310.70)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922)
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922)
Pošta Windows Live (x32 Version: 15.4.3502.0922)
Project64 1.6 (x32 Version: 1.6)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6543)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (x32)
Shared C Run-time for x64 (Version: 10.0.0)
Shredder (Version: 2.0.8.9)
Shredder (x32 Version: 2.0.8.9)
Skype™ 6.3 (x32 Version: 6.3.105)
SleepTimer Ultimate 1.11 (x32)
Spotify (HKCU Version: 0.9.6.72.ge389c074)
System Requirements Lab for Intel (x32 Version: 4.5.13.0)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.5 (Version: 2.5.1.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (x32)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
VLC media player 2.0.5 (Version: 2.0.5)
Welcome Center (x32 Version: 1.02.3507)
WIDCOMM Bluetooth Software (Version: 6.5.1.2610)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3538.0513)
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922)
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922)
Windows Live Fotótár (x32 Version: 15.4.3502.0922)
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922)
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Live 影像中心 (x32 Version: 15.4.3502.0922)
Windows Live 程式集 (x32 Version: 15.4.3502.0922)
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922)
Windows Liven sähköposti (x32 Version: 15.4.3502.0922)
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922)
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922)
Почта Windows Live (x32 Version: 15.4.3502.0922)
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922)
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922)
بريد Windows Live (x32 Version: 15.4.3502.0922)
معرض صور Windows Live (x32 Version: 15.4.3502.0922)
==================== Restore Points =========================
17-11-2013 00:08:03 Adobe Photoshop CS2 wird installiert
17-11-2013 00:39:37 Adobe Illustrator CS2 wird installiert
17-11-2013 00:42:41 Windows Update
17-11-2013 20:29:28 Windows Update
==================== Hosts content: ==========================
2009-07-14 03:34 - 2013-11-19 17:41 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {0AB7AB92-3616-4D1C-A0B5-F41EBC80F70E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-10] (Google Inc.)
Task: {2FF74785-5A88-476A-A009-688D847C890E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-10] (Google Inc.)
Task: {4F707023-F4AC-490C-AC96-6ECE341A3A6A} - System32\Tasks\IntelBootstrapCCDashServer => C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe
Task: {852DF4B3-3BC3-407D-A55B-93FB8D084EB0} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {8FCCD5FC-865A-49C0-8A55-FF5E70DD5FA1} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PmmUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {AB61133F-D7B5-4CC2-A715-70342F2380C6} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {CF96B66F-A346-46F7-962B-1D5510F159F4} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] ()
Task: {DC486354-47CF-4052-AE80-6927A3A7FB79} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2012-02-07] (Acer Incorporated)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe
==================== Loaded Modules (whitelisted) =============
2012-05-14 11:29 - 2012-03-27 01:33 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-27 20:33 - 2012-08-27 20:33 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-08-27 20:33 - 2012-08-27 20:33 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-01-05 22:22 - 2012-01-05 22:22 - 00465344 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-01-05 22:22 - 2012-01-05 22:22 - 01081368 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-01-05 22:22 - 2012-01-05 22:22 - 00125464 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2013-11-16 15:11 - 2013-11-14 12:28 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\libglesv2.dll
2013-11-16 15:11 - 2013-11-14 12:28 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\libegl.dll
2013-11-16 15:11 - 2013-11-14 12:29 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll
2013-11-16 15:11 - 2013-11-14 12:29 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll
2013-11-16 15:11 - 2013-11-14 12:28 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ffmpegsumo.dll
2013-08-27 17:29 - 2013-08-27 17:29 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\67f2d87ba056e1075fce76a8c50bb57e\IsdiInterop.ni.dll
2012-03-26 07:37 - 2012-02-02 00:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-06-15 12:25 - 2012-02-08 02:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/19/2013 10:50:08 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (11/19/2013 06:01:03 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2013
Error: (11/19/2013 06:01:03 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2013
Error: (11/19/2013 06:01:03 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/19/2013 06:01:02 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1014
Error: (11/19/2013 06:01:02 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1014
Error: (11/19/2013 06:01:02 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/19/2013 05:56:43 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (11/19/2013 05:56:41 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (11/19/2013 05:54:19 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (11/19/2013 05:54:02 PM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
%%5
Error: (11/19/2013 05:52:54 PM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
%%5
Error: (11/19/2013 05:49:13 PM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
%%5
Error: (11/19/2013 05:47:43 PM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
%%5
Error: (11/19/2013 05:41:23 PM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
%%5
Error: (11/19/2013 05:40:11 PM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
%%5
Error: (11/19/2013 05:39:53 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (11/19/2013 05:39:50 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet:
%%126
Error: (11/19/2013 05:39:45 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (11/19/2013 05:39:20 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet:
%%126
Microsoft Office Sessions:
=========================
Error: (11/19/2013 10:50:08 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Tobi\Downloads\esetsmartinstaller_enu.exe
Error: (11/19/2013 06:01:03 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2013
Error: (11/19/2013 06:01:03 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2013
Error: (11/19/2013 06:01:03 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/19/2013 06:01:02 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1014
Error: (11/19/2013 06:01:02 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1014
Error: (11/19/2013 06:01:02 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/19/2013 05:56:43 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Tobi\Downloads\esetsmartinstaller_enu.exe
Error: (11/19/2013 05:56:41 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Tobi\Downloads\esetsmartinstaller_enu.exe
Error: (11/19/2013 05:54:19 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2013-11-19 17:38:59.563
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-19 17:38:59.515
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Percentage of memory in use: 37%
Total physical RAM: 8030.36 MB
Available physical RAM: 4993.91 MB
Total Pagefile: 16058.89 MB
Available Pagefile: 12797.27 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:680.54 GB) (Free:513.46 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 20F8778A)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=681 GB) - (Type=07 NTFS)
==================== End Of Log ============================

Code:
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-11-19 23:02:53
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.JE4O 698,64GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\Tobi\AppData\Local\Temp\kwldipod.sys
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe[2368] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000779f1465 2 bytes [9F, 77]
.text C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe[2368] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000779f14bb 2 bytes [9F, 77]
.text ... * 2
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2564] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000779f1465 2 bytes [9F, 77]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2564] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000779f14bb 2 bytes [9F, 77]
.text ... * 2
.text C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[2648] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000779f1465 2 bytes [9F, 77]
.text C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[2648] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000779f14bb 2 bytes [9F, 77]
.text ... * 2
.text C:\Program Files (x86)\SpotifyRemotelessHelper\SpotifyRemotelessHelper.exe[4260] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000779f1465 2 bytes [9F, 77]
.text C:\Program Files (x86)\SpotifyRemotelessHelper\SpotifyRemotelessHelper.exe[4260] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000779f14bb 2 bytes [9F, 77]
.text ... * 2
.text C:\Users\Tobi\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe[4316] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000779f1465 2 bytes [9F, 77]
.text C:\Users\Tobi\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe[4316] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000779f14bb 2 bytes [9F, 77]
.text ... * 2
.text C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe[4964] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000779f1465 2 bytes [9F, 77]
.text C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe[4964] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000779f14bb 2 bytes [9F, 77]
.text ... * 2
.text C:\Program Files (x86)\Launch Manager\LManager.exe[5000] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000779f1465 2 bytes [9F, 77]
.text C:\Program Files (x86)\Launch Manager\LManager.exe[5000] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000779f14bb 2 bytes [9F, 77]
.text ... * 2
.text C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe[4456] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000779f1465 2 bytes [9F, 77]
.text C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe[4456] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000779f14bb 2 bytes [9F, 77]
.text ... * 2
.text C:\Program Files (x86)\AVG\AVG2013\avgui.exe[4420] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000779f1465 2 bytes [9F, 77]
.text C:\Program Files (x86)\AVG\AVG2013\avgui.exe[4420] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000779f14bb 2 bytes [9F, 77]
.text ... * 2
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4692] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000779f1465 2 bytes [9F, 77]
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4692] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000779f14bb 2 bytes [9F, 77]
.text ... * 2
.text C:\Windows\SysWOW64\RunDll32.exe[5692] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000779f1465 2 bytes [9F, 77]
.text C:\Windows\SysWOW64\RunDll32.exe[5692] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000779f14bb 2 bytes [9F, 77]
.text ... * 2
.text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[6492] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000779f1465 2 bytes [9F, 77]
.text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[6492] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000779f14bb 2 bytes [9F, 77]
.text ... * 2
.text C:\Users\Tobi\Downloads\Defogger.exe[7300] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000779f1465 2 bytes [9F, 77]
.text C:\Users\Tobi\Downloads\Defogger.exe[7300] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000779f14bb 2 bytes [9F, 77]
.text ... * 2
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{F63BC6D4-A096-4BB7-B136-F2521B359960}\Connection@Name isatap.{5565742D-89DB-49D6-8057-68386A321049}
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Bind \Device\{B462BB35-3C71-4283-96B6-B98C33E40B92}?\Device\{F63BC6D4-A096-4BB7-B136-F2521B359960}?\Device\{842BEE08-5368-4829-8A12-E0C2E9CF3193}?\Device\{434FB1A0-EBE8-4B92-8211-1C6B273C745E}?\Device\{73C9EDFC-8E26-4AF9-B800-65C17C399B70}?\Device\{B35F0FE5-7808-4620-8A21-C9515B8AD4FD}?
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Route "{B462BB35-3C71-4283-96B6-B98C33E40B92}"?"{F63BC6D4-A096-4BB7-B136-F2521B359960}"?"{842BEE08-5368-4829-8A12-E0C2E9CF3193}"?"{434FB1A0-EBE8-4B92-8211-1C6B273C745E}"?"{73C9EDFC-8E26-4AF9-B800-65C17C399B70}"?"{B35F0FE5-7808-4620-8A21-C9515B8AD4FD}"?
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Export \Device\TCPIP6TUNNEL_{B462BB35-3C71-4283-96B6-B98C33E40B92}?\Device\TCPIP6TUNNEL_{F63BC6D4-A096-4BB7-B136-F2521B359960}?\Device\TCPIP6TUNNEL_{842BEE08-5368-4829-8A12-E0C2E9CF3193}?\Device\TCPIP6TUNNEL_{434FB1A0-EBE8-4B92-8211-1C6B273C745E}?\Device\TCPIP6TUNNEL_{73C9EDFC-8E26-4AF9-B800-65C17C399B70}?\Device\TCPIP6TUNNEL_{B35F0FE5-7808-4620-8A21-C9515B8AD4FD}?
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\08edb9f7c310
Reg HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{F63BC6D4-A096-4BB7-B136-F2521B359960}@InterfaceName isatap.{5565742D-89DB-49D6-8057-68386A321049}
Reg HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{F63BC6D4-A096-4BB7-B136-F2521B359960}@ReusableType 0
Reg HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch2@Epoch 13645
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\08edb9f7c310 (not active ControlSet)
---- EOF - GMER 2.1 ----