FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-05-2014 1
Ran by Larissa (administrator) on SAMSUNG on 24-05-2014 16:19:15
Running from C:\Users\Larissa\Desktop
Platform: Windows 8 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Nico Mak Computing) C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Smartbar) C:\Users\Larissa\AppData\Local\Smartbar\Application\Smartbar.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Luxand, Inc.) C:\Program Files (x86)\Luxand\Blink!\LuxandBlinkTray.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11554688 2012-08-08] (Motorola Solutions, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2862448 2012-08-06] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
HKLM-x32\...\Run: [Luxand Blink!] => C:\Program Files (x86)\Luxand\Blink!\LuxandBlinkTray.exe [7663936 2012-02-07] (Luxand, Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1099173889-4246456777-3110026932-1002\...\Run: [Browser Infrastructure Helper] => C:\Users\Larissa\AppData\Local\Smartbar\Application\Smartbar.exe [20760 2014-04-23] (Smartbar)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC_PKR&co=DE&userid=f685d9d8-414d-4862-a38e-e45a9deb74b6&searchtype=ds&q={searchTerms}&fr=linkury-tb&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=hp1000
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC_PKR&co=DE&userid=f685d9d8-414d-4862-a38e-e45a9deb74b6&searchtype=hp&fr=linkury-tb&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=hp1000
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC_PKR&co=DE&userid=f685d9d8-414d-4862-a38e-e45a9deb74b6&searchtype=ds&q={searchTerms}&fr=linkury-tb&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=hp1000
SearchScopes: HKLM - DefaultScope {32C86B37-93B0-44EC-BF85-A8EB4E7A87C5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM - {32C86B37-93B0-44EC-BF85-A8EB4E7A87C5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - DefaultScope {32C86B37-93B0-44EC-BF85-A8EB4E7A87C5} URL =
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC_PKR&co=DE&userid=f685d9d8-414d-4862-a38e-e45a9deb74b6&searchtype=ds&q={searchTerms}&fr=linkury-tb&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=hp1000
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC_PKR&co=DE&userid=f685d9d8-414d-4862-a38e-e45a9deb74b6&searchtype=ds&q={searchTerms}&fr=linkury-tb&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=hp1000
BHO: Yahoo Community Smartbar (by Linkury)Engine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Yahoo Community Smartbar (by Linkury)Engine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Larissa\AppData\Roaming\Mozilla\Firefox\Profiles\yxn48w67.default
FF NewTab: hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDJ67jFfFbVMftvbWiaEmC2YrGUuaLZxJLoWFbslY4zG4oo2_NZe6obPkdAgqk8PPrWrR0b-cMVPq7VWQkUHqlBvVq_xvSeQOlgtjgC1hHWOY_4z84z0J2KjMPFSKv9sSwUkcRUREhq9NVKWfJeub98tZcxcJDNJ-FrJcsxyPq_P-Rk6ee4dAtL9rfDQ,,
FF DefaultSearchEngine: Web Search
FF SelectedSearchEngine: Web Search
FF Homepage: hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDJ67jFfFbVMftvbWiaEmC2YrGUuaLZxJLoWFbslY4zG4oo2_NZe6obPkdAgqk8PPrWrR0b-cMVPq7VWQkUHqlBvVq-Rccf6GdoAp2XCLoahzVsPcMOzHCxdIVzTOuKfLfRl4RFOFUqhhypiArJtcFfn_L38HyTYZrCSJs_IXkaSVGKIXg6heCoYG7nQ,,
FF Keyword.URL: hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDJ67jFfFbVMftvbWiaEmC2YrGUuaLZxJLoWFbslY4zG4oo2_NZe6obPkdAgqk8PPrWrR0b-cMVPq7VWQkUHqlBvVq9StLGFvTo37xyTcemM400qM82bEU3GEWunzYk3elmJ-fEav7Y8mctufygVgZX_KMduu9lm9AF0Cd_tYuRcQnfMoy3_IaMSGo6w,,&q=
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Larissa\AppData\Roaming\Mozilla\Firefox\Profiles\yxn48w67.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Yahoo Community Smartbar - C:\Users\Larissa\AppData\Roaming\Mozilla\Firefox\Profiles\yxn48w67.default\Extensions\{f685d9d8-414d-4862-a38e-e45a9deb74b6} [2014-05-23]
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-20] (Avira Operations GmbH & Co. KG)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-09-05] (Samsung Electronics CO., LTD.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 IntelliMemory; C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe [64848 2012-08-06] (Condusiv Technologies)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S2 KMService; C:\windows\SysWOW64\srvany.exe [8192 2013-08-12] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-04-29] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-04-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. KG)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 intmfs; C:\Windows\System32\DRIVERS\intmfs.sys [24400 2012-08-06] (Condusiv Technologies)
R0 intmsd; C:\Windows\System32\DRIVERS\intmsd.sys [73552 2012-08-06] (Condusiv Technologies)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
S3 MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-24 16:19 - 2014-05-24 16:19 - 00016481 _____ () C:\Users\Larissa\Desktop\FRST.txt
2014-05-24 16:16 - 2014-05-24 16:16 - 02066432 _____ (Farbar) C:\Users\Larissa\Desktop\FRST64.exe
2014-05-24 16:12 - 2014-05-24 16:19 - 00000000 ____D () C:\FRST
2014-05-24 15:57 - 2014-05-24 15:57 - 00003116 _____ () C:\windows\System32\Tasks\WinZip Malware Protector_startup
2014-05-23 20:15 - 2013-07-20 00:13 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-05-23 20:15 - 2013-07-20 00:13 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-05-23 20:10 - 2014-05-23 20:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-23 19:28 - 2014-05-23 19:28 - 00002498 _____ () C:\Users\Larissa\Desktop\log.xml
2014-05-23 19:07 - 2014-05-23 19:07 - 00001233 _____ () C:\Users\Public\Desktop\WinZip Malware Protector.lnk
2014-05-23 19:07 - 2014-05-23 19:07 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Nico Mak Computing
2014-05-23 19:07 - 2014-05-23 19:07 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-05-23 19:07 - 2014-05-23 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
2014-05-23 19:07 - 2014-05-23 19:07 - 00000000 ____D () C:\Program Files (x86)\WinZip Malware Protector
2014-05-23 19:07 - 2013-03-15 17:10 - 00020480 _____ () C:\windows\system32\wsusnative64.exe
2014-05-23 19:04 - 2014-05-23 19:04 - 00000000 ____D () C:\windows\SysWOW64\XPSViewer
2014-05-23 19:04 - 2014-05-23 19:04 - 00000000 ____D () C:\Program Files\MSBuild
2014-05-23 18:58 - 2014-05-23 18:58 - 00002516 _____ () C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-05-23 18:58 - 2014-05-23 18:58 - 00002454 _____ () C:\Users\Larissa\Desktop\Search.lnk
2014-05-23 18:57 - 2014-05-23 18:57 - 00000000 ____D () C:\Users\Larissa\AppData\Local\Smartbar
2014-05-23 18:57 - 2014-05-23 18:57 - 00000000 ____D () C:\Users\Larissa\AppData\Local\LPT
2014-05-23 18:56 - 2014-05-23 18:56 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\OpenCandy
2014-05-23 18:56 - 2014-05-23 18:56 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Luxand
2014-05-23 18:56 - 2014-05-23 18:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Luxand
2014-05-23 18:56 - 2014-05-23 18:56 - 00000000 ____D () C:\Program Files (x86)\Luxand
2014-05-23 18:56 - 2012-02-07 23:45 - 01115136 _____ () C:\windows\system32\LuxandCredentialProvider.dll
2014-05-23 18:56 - 2012-02-07 23:45 - 00860160 _____ () C:\windows\system32\LuxandBlink.dll
2014-05-23 18:56 - 2011-07-28 14:51 - 07942144 _____ (Luxand, Inc.) C:\windows\system32\LuxandBlinkLib1.dll
2014-05-23 18:56 - 2011-07-28 14:50 - 07942144 _____ (Luxand, Inc.) C:\windows\system32\LuxandBlinkLib11.dll
2014-05-23 18:46 - 2014-05-23 18:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-20 11:34 - 2014-05-20 11:34 - 00000000 ____D () C:\Users\Larissa\AppData\Local\Windows Live
2014-05-20 10:42 - 2014-05-23 16:53 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\48230029.sys
2014-05-19 14:39 - 2014-05-19 14:39 - 00004012 _____ () C:\Users\Larissa\Documents\CEACAA0043XGFM.dat
2014-05-18 21:34 - 2014-05-18 21:34 - 00001302 _____ () C:\Users\Larissa\Documents\mbam.txt
2014-05-18 21:18 - 2014-05-18 21:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-18 20:54 - 2014-05-23 19:07 - 00196608 _____ () C:\windows\ocsetup_install_NetFx3.etl
2014-05-18 20:54 - 2014-05-23 19:07 - 00059245 _____ () C:\windows\ocsetup_cbs_install_NetFx3.txt
2014-05-18 20:54 - 2014-05-18 20:54 - 00002471 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-18 20:54 - 2014-05-18 20:54 - 00002029 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-05-18 20:48 - 2014-05-01 22:37 - 00694240 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-05-18 20:48 - 2014-05-01 22:37 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-16 19:54 - 2014-03-28 21:19 - 00035856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdBoot.sys
2014-05-16 19:54 - 2014-03-24 00:11 - 00269592 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdFilter.sys
2014-05-16 19:52 - 2014-03-28 10:23 - 01287168 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2014-05-16 17:01 - 2014-04-12 11:27 - 00172888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-05-16 17:01 - 2014-04-12 11:10 - 00578048 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-05-16 17:01 - 2014-04-12 11:09 - 01043968 _____ (Microsoft Corporation) C:\windows\system32\usercpl.dll
2014-05-16 17:01 - 2014-04-12 11:09 - 00588288 _____ (Microsoft Corporation) C:\windows\system32\SHCore.dll
2014-05-16 17:01 - 2014-04-12 11:09 - 00208896 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-05-16 17:01 - 2014-04-12 11:09 - 00094720 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-05-16 17:01 - 2014-04-12 11:08 - 01281536 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-05-16 17:01 - 2014-04-12 11:08 - 00827904 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-05-16 17:01 - 2014-04-12 11:08 - 00439808 _____ (Microsoft Corporation) C:\windows\system32\lsm.dll
2014-05-16 17:01 - 2014-04-12 11:08 - 00318464 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-05-16 17:01 - 2014-04-12 11:07 - 00020480 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-05-16 17:01 - 2014-04-12 09:23 - 00961536 _____ (Microsoft Corporation) C:\windows\SysWOW64\usercpl.dll
2014-05-16 17:01 - 2014-04-12 09:23 - 00452608 _____ (Microsoft Corporation) C:\windows\SysWOW64\SHCore.dll
2014-05-16 17:01 - 2014-04-12 09:23 - 00273920 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-05-16 17:01 - 2014-04-12 09:23 - 00178688 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-05-16 17:01 - 2014-04-12 09:23 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-05-16 17:01 - 2014-04-12 09:22 - 00666624 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-05-16 17:01 - 2014-04-12 09:22 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-05-16 17:01 - 2014-04-12 08:58 - 00014848 _____ (Microsoft Corporation) C:\windows\system32\workerdd.dll
2014-05-16 17:01 - 2014-03-28 10:23 - 19759104 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-05-16 17:01 - 2014-03-28 08:18 - 17562112 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-05-16 17:01 - 2014-03-11 05:32 - 06987096 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-05-16 17:01 - 2014-03-11 05:25 - 00100184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2014-05-16 17:01 - 2014-03-11 02:41 - 00559104 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll
2014-05-16 17:01 - 2014-03-11 02:41 - 00323072 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-05-16 17:01 - 2014-03-11 02:41 - 00038400 _____ (Microsoft Corporation) C:\windows\SysWOW64\dimsroam.dll
2014-05-16 17:01 - 2014-03-11 02:39 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2014-05-16 17:01 - 2014-03-11 02:38 - 00982016 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-05-16 17:01 - 2014-03-11 02:38 - 00684032 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll
2014-05-16 17:01 - 2014-03-11 02:38 - 00419328 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-05-16 17:01 - 2014-03-11 02:38 - 00179712 _____ (Microsoft Corporation) C:\windows\system32\dpapisrv.dll
2014-05-16 17:01 - 2014-03-11 02:38 - 00164864 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2014-05-16 17:01 - 2014-03-11 02:38 - 00045056 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll
2014-05-16 17:01 - 2014-03-11 02:38 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2014-05-16 17:01 - 2014-03-10 05:05 - 00668160 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-05-16 17:01 - 2014-03-10 03:27 - 00099840 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-05-16 17:01 - 2014-03-04 01:07 - 00570216 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2014-05-16 17:00 - 2014-05-06 07:14 - 19274752 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-16 17:00 - 2014-05-06 07:14 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-05-16 17:00 - 2014-05-06 05:48 - 14367232 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-16 17:00 - 2014-05-06 05:48 - 00080384 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-05-16 17:00 - 2014-05-06 05:37 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-16 17:00 - 2014-05-06 05:26 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-05-16 16:59 - 2014-03-01 11:47 - 01258496 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-05-16 16:59 - 2014-03-01 11:47 - 01120768 _____ (Microsoft Corporation) C:\windows\system32\gpedit.dll
2014-05-16 16:59 - 2014-03-01 10:07 - 01075200 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpedit.dll
2014-05-16 16:59 - 2014-03-01 08:59 - 00974848 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-05-16 16:59 - 2014-02-27 01:18 - 00621568 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2014-05-16 16:59 - 2014-02-27 01:18 - 00370688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2014-05-16 16:59 - 2014-02-27 01:18 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2014-05-16 16:59 - 2014-02-27 01:18 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2014-05-16 16:59 - 2014-02-15 06:15 - 00078336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\IPMIDrv.sys
2014-05-08 14:39 - 2014-05-23 18:12 - 04418760 _____ () C:\Users\Larissa\Desktop\Nigeria.pptx
2014-05-06 15:31 - 2014-04-19 11:39 - 00628024 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2014-05-06 15:31 - 2014-04-19 10:45 - 00693760 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-05-06 15:31 - 2014-04-19 10:45 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-06 15:31 - 2014-04-19 08:57 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-05-06 15:31 - 2014-04-19 08:57 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-06 14:19 - 2014-05-06 15:19 - 00000000 ____D () C:\Users\Larissa\Desktop\Drucken
2014-05-02 16:06 - 2014-05-02 16:06 - 00003718 _____ () C:\windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2014-05-02 10:50 - 2014-05-02 10:50 - 00003476 _____ () C:\windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2014-05-02 10:50 - 2014-05-02 10:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-05-02 10:50 - 2014-05-02 10:50 - 00000000 ____D () C:\ProgramData\Intel(R) Update Manager
2014-05-02 10:47 - 2014-05-22 14:48 - 00000000 ____D () C:\Users\Larissa\Documents\Marcels Unterlagen
2014-04-27 10:19 - 2014-04-27 10:19 - 02167883 _____ () C:\Users\Larissa\Desktop\Sales_V03.pptx
2014-04-26 13:11 - 2014-04-26 13:40 - 02169309 _____ () C:\Users\Larissa\Desktop\Sales_V01.pptx
2014-04-26 10:56 - 2014-04-26 11:18 - 02242628 _____ () C:\Users\Larissa\Documents\Sales.pptx
2014-04-26 01:06 - 2014-04-26 01:06 - 00809510 _____ () C:\Users\Larissa\Documents\Relationship Selling Presentation_FINAL.pptx
==================== One Month Modified Files and Folders =======
2014-05-24 16:19 - 2014-05-24 16:19 - 00016481 _____ () C:\Users\Larissa\Desktop\FRST.txt
2014-05-24 16:19 - 2014-05-24 16:12 - 00000000 ____D () C:\FRST
2014-05-24 16:16 - 2014-05-24 16:16 - 02066432 _____ (Farbar) C:\Users\Larissa\Desktop\FRST64.exe
2014-05-24 16:16 - 2012-10-16 02:44 - 00000360 _____ () C:\windows\Tasks\Xerox PhotoCafe Communicator.job
2014-05-24 16:10 - 2012-10-16 01:59 - 01843161 _____ () C:\windows\WindowsUpdate.log
2014-05-24 16:00 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru
2014-05-24 15:59 - 2014-02-04 10:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-24 15:58 - 2012-10-16 02:41 - 00000000 ____D () C:\ProgramData\WinClon
2014-05-24 15:57 - 2014-05-24 15:57 - 00003116 _____ () C:\windows\System32\Tasks\WinZip Malware Protector_startup
2014-05-24 15:57 - 2012-07-26 10:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
2014-05-24 15:56 - 2014-02-04 16:38 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-05-24 15:55 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-05-24 15:54 - 2012-08-05 23:07 - 00638964 _____ () C:\windows\PFRO.log
2014-05-24 00:19 - 2013-07-16 00:28 - 00000000 ____D () C:\Users\Larissa\AppData\Local\CrashDumps
2014-05-23 20:50 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\rescache
2014-05-23 20:10 - 2014-05-23 20:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-23 19:28 - 2014-05-23 19:28 - 00002498 _____ () C:\Users\Larissa\Desktop\log.xml
2014-05-23 19:07 - 2014-05-23 19:07 - 00001233 _____ () C:\Users\Public\Desktop\WinZip Malware Protector.lnk
2014-05-23 19:07 - 2014-05-23 19:07 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Nico Mak Computing
2014-05-23 19:07 - 2014-05-23 19:07 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-05-23 19:07 - 2014-05-23 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
2014-05-23 19:07 - 2014-05-23 19:07 - 00000000 ____D () C:\Program Files (x86)\WinZip Malware Protector
2014-05-23 19:07 - 2014-05-18 20:54 - 00196608 _____ () C:\windows\ocsetup_install_NetFx3.etl
2014-05-23 19:07 - 2014-05-18 20:54 - 00059245 _____ () C:\windows\ocsetup_cbs_install_NetFx3.txt
2014-05-23 19:07 - 2014-01-29 14:42 - 00781156 _____ () C:\windows\system32\perfh00A.dat
2014-05-23 19:07 - 2014-01-29 14:42 - 00158390 _____ () C:\windows\system32\perfc00A.dat
2014-05-23 19:07 - 2013-07-15 23:41 - 00743888 _____ () C:\windows\system32\perfh007.dat
2014-05-23 19:07 - 2013-07-15 23:41 - 00151574 _____ () C:\windows\system32\perfc007.dat
2014-05-23 19:05 - 2012-08-07 14:22 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-05-23 19:04 - 2014-05-23 19:04 - 00000000 ____D () C:\windows\SysWOW64\XPSViewer
2014-05-23 19:04 - 2014-05-23 19:04 - 00000000 ____D () C:\Program Files\MSBuild
2014-05-23 19:04 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\MUI
2014-05-23 18:58 - 2014-05-23 18:58 - 00002516 _____ () C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-05-23 18:58 - 2014-05-23 18:58 - 00002454 _____ () C:\Users\Larissa\Desktop\Search.lnk
2014-05-23 18:57 - 2014-05-23 18:57 - 00000000 ____D () C:\Users\Larissa\AppData\Local\Smartbar
2014-05-23 18:57 - 2014-05-23 18:57 - 00000000 ____D () C:\Users\Larissa\AppData\Local\LPT
2014-05-23 18:56 - 2014-05-23 18:56 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\OpenCandy
2014-05-23 18:56 - 2014-05-23 18:56 - 00000000 ____D () C:\Users\Larissa\AppData\Roaming\Luxand
2014-05-23 18:56 - 2014-05-23 18:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Luxand
2014-05-23 18:56 - 2014-05-23 18:56 - 00000000 ____D () C:\Program Files (x86)\Luxand
2014-05-23 18:46 - 2014-05-23 18:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-23 18:12 - 2014-05-08 14:39 - 04418760 _____ () C:\Users\Larissa\Desktop\Nigeria.pptx
2014-05-23 17:53 - 2012-07-26 09:21 - 00024847 _____ () C:\windows\setupact.log
2014-05-23 16:53 - 2014-05-20 10:42 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\48230029.sys
2014-05-23 16:51 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-05-22 14:48 - 2014-05-02 10:47 - 00000000 ____D () C:\Users\Larissa\Documents\Marcels Unterlagen
2014-05-20 11:34 - 2014-05-20 11:34 - 00000000 ____D () C:\Users\Larissa\AppData\Local\Windows Live
2014-05-19 22:04 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-05-19 21:58 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-19 21:58 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-19 21:58 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-19 21:57 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-19 14:54 - 2013-11-18 15:00 - 00000000 ____D () C:\windows\system32\MRT
2014-05-19 14:51 - 2013-08-12 20:04 - 93223848 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-05-19 14:51 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-05-19 14:39 - 2014-05-19 14:39 - 00004012 _____ () C:\Users\Larissa\Documents\CEACAA0043XGFM.dat
2014-05-18 21:34 - 2014-05-18 21:34 - 00001302 _____ () C:\Users\Larissa\Documents\mbam.txt
2014-05-18 21:34 - 2012-10-16 03:00 - 00000000 ____D () C:\windows\es
2014-05-18 21:18 - 2014-05-18 21:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-18 20:54 - 2014-05-18 20:54 - 00002471 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-18 20:54 - 2014-05-18 20:54 - 00002029 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-05-18 20:49 - 2013-07-15 07:16 - 00000000 ___RD () C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-18 20:49 - 2013-07-15 07:16 - 00000000 ___RD () C:\Users\Larissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-18 20:45 - 2012-07-26 10:12 - 00000000 ___RD () C:\windows\ToastData
2014-05-18 20:45 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\SecureBootUpdates
2014-05-16 19:58 - 2013-08-01 22:19 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-16 16:56 - 2014-02-04 16:38 - 00003772 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-05-06 21:38 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\WinStore
2014-05-06 15:19 - 2014-05-06 14:19 - 00000000 ____D () C:\Users\Larissa\Desktop\Drucken
2014-05-06 07:14 - 2014-05-16 17:00 - 19274752 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-06 07:14 - 2014-05-16 17:00 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-05-06 05:48 - 2014-05-16 17:00 - 14367232 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-06 05:48 - 2014-05-16 17:00 - 00080384 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-05-06 05:37 - 2014-05-16 17:00 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-06 05:26 - 2014-05-16 17:00 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-05-02 16:06 - 2014-05-02 16:06 - 00003718 _____ () C:\windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2014-05-02 16:06 - 2012-10-16 01:56 - 00000000 ____D () C:\ProgramData\Intel
2014-05-02 12:24 - 2012-07-26 09:28 - 02560648 _____ () C:\windows\system32\PerfStringBackup.INI
2014-05-02 10:50 - 2014-05-02 10:50 - 00003476 _____ () C:\windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2014-05-02 10:50 - 2014-05-02 10:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-05-02 10:50 - 2014-05-02 10:50 - 00000000 ____D () C:\ProgramData\Intel(R) Update Manager
2014-05-02 10:50 - 2012-10-16 01:56 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-05-01 22:37 - 2014-05-18 20:48 - 00694240 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-05-01 22:37 - 2014-05-18 20:48 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-29 10:17 - 2014-01-24 20:27 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2014-04-29 10:17 - 2014-01-24 20:27 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2014-04-27 10:19 - 2014-04-27 10:19 - 02167883 _____ () C:\Users\Larissa\Desktop\Sales_V03.pptx
2014-04-26 13:40 - 2014-04-26 13:11 - 02169309 _____ () C:\Users\Larissa\Desktop\Sales_V01.pptx
2014-04-26 11:18 - 2014-04-26 10:56 - 02242628 _____ () C:\Users\Larissa\Documents\Sales.pptx
2014-04-26 01:06 - 2014-04-26 01:06 - 00809510 _____ () C:\Users\Larissa\Documents\Relationship Selling Presentation_FINAL.pptx
Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe
Some content of TEMP:
====================
C:\Users\Larissa\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe
[2014-05-16 17:01] - [2014-04-12 11:10] - 0578048 ____A (Microsoft Corporation) 75DD70A14145499C9F7D903CF9A8C91B
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-20 12:43
==================== End Of Log ============================
--- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-05-2014 1
Ran by Larissa at 2014-05-24 16:13:24
Running from C:\Users\Larissa\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.1.0.8 - Absolute Software)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.642 - Avira)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1912 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.4421.02 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{349F73CA-653A-43A6-AE77-970B07D6EDA0}) (Version: - Microsoft)
Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.4 - Samsung Electronics CO.,LTD.)
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
ETDWare PS/2-X64 11.7.2.1_WHQL (HKLM\...\Elantech) (Version: 11.7.2.1 - ELAN Microelectronic Corp.)
Galería de fotos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Help Desk (HKLM\...\{D93F0B49-12AA-4AE6-8349-0ECB13B9532F}) (Version: 1.0.5 - Samsung Electronics CO., LTD.)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) PRO/Wireless Driver (Version: 16.01.5000.0577 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 16.1.1.0084 - Intel Corporation) Hidden
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{7854AA22-A2F0-4F29-A2E9-D0C5A2B685E7}) (Version: 2.5.0.0248 - Motorola Solutions, Inc)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.01.5000.0269 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
IntelliMemory (HKLM\...\{B506207A-C977-48B6-A14F-2C7E98EF0BE4}) (Version: 1.0.26 - Condusiv Technologies)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Luxand Blink! v2.4 (HKLM\...\LuxandBlink_is1) (Version: 2.4 - Luxand, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2010 - German/Deutsch (HKLM-x32\...\Office14.OMUI.de-de) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office O MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
PDF24 Creator 6.3.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.6.5 - Samsung Electronics CO., LTD.)
S Agent (Version: 1.0.7 - Samsung Electronics CO., LTD.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM-x32\...\{90140000-0100-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{F3E80B62-3C51-4940-A434-A1F517AB8D6A}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Settings (HKLM-x32\...\{52E5DE60-C96B-42CC-9A37-FE04725940AE}) (Version: 2.0.0 - Samsung Electronics CO., LTD.)
Support Center (HKLM\...\{AC0273F1-68A3-42CF-B487-C594B0A92F8D}) (Version: 2.0.12 - Samsung Electronics CO., LTD.)
Support Center FAQ (x32 Version: 1.0.5 - Samsung Electronics CO., LTD.) Hidden
SW Update (HKLM-x32\...\{403BBE15-C64E-429A-9652-1C4EFF327457}) (Version: 2.0.20 - Samsung Electronics CO., LTD.)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0100-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft)
User Guide (HKLM-x32\...\{426BC106-F501-4D57-B908-4E550BD197F0}) (Version: 1.3.00 - Samsung Electronics CO., LTD.)
Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (07/27/2012 20.57.1.735) (HKLM\...\9F04C462DAB591BDCCE784F77E4D4F1736010B92) (Version: 07/27/2012 20.57.1.735 - Samsung Electronics Co. Ltd.)
Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinZip Malware Protector (HKLM-x32\...\WinZip Malware Protector_is1) (Version: 2.1.1000.10798 - WinZip International LLC)
Xerox PhotoCafe (HKLM-x32\...\Xerox PhotoCafe) (Version: 1.0.0.6162 - Xerox)
Yahoo Community Smartbar (HKLM-x32\...\{D40BD1FB-10B4-4042-A5AE-8364941019F6}) (Version: 11.47.66.16718 - Linkury Inc.) <==== ATTENTION
Yahoo Community Smartbar Engine (HKCU\...\{3d992805-f9cb-491d-abce-cebe76198cfd}) (Version: 11.47.66.16718 - Linkury Inc.) <==== ATTENTION
==================== Restore Points =========================
23-05-2014 17:02:28 Windows Modules Installer
==================== Hosts content: ==========================
2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {000042AD-2467-4F68-9DD1-CB560D48AD16} - System32\Tasks\WinZip Malware Protector_startup => C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe [2013-07-15] (Nico Mak Computing)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1B4AF6DF-D69D-4779-A1C2-75AB1235D34E} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2012-09-05] (Samsung Electronics CO., LTD.)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {34E46D6D-DA9F-45EF-9131-CF6070E3D761} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-16] (Adobe Systems Incorporated)
Task: {615CA0CE-E0FA-4C2C-BF9F-5AE0DB863B61} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {7C2F7270-D575-422A-A720-D38978CA8C8A} - System32\Tasks\SWUpdateAgent => C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2012-09-18] (Samsung Electronics CO., LTD.)
Task: {7D21CBD5-5B62-4C24-9F85-C5EC816C175B} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2012-08-17] (Samsung Electronics CO., LTD.)
Task: {8779DCF5-52DB-471D-9C58-C3F65AF4823A} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe
Task: {87C964AE-36D6-4863-8E73-AF7811A969CB} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {A50CC89D-E96E-4068-9B99-AFED27BA39C1} - System32\Tasks\Xerox PhotoCafe Communicator => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe [2011-10-26] ()
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AF22DDAF-056E-4856-BEF0-26816D3FC38D} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2012-09-17] (SEC)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {C9A1EE74-5EAA-4AF1-A53D-58B51FA85804} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F971E377-BF89-4F0C-917B-3CF565D83BC4} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\Xerox PhotoCafe Communicator.job => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe
==================== Loaded Modules (whitelisted) =============
2012-09-05 09:50 - 2012-09-05 09:50 - 00085112 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
2010-01-09 20:17 - 2010-01-09 20:17 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\office.odf
2012-09-14 12:18 - 2012-09-14 12:18 - 04238968 _____ () C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
2012-09-05 09:50 - 2012-09-05 09:50 - 00028792 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2012-09-05 09:50 - 2012-09-05 09:50 - 01012856 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2012-09-05 09:50 - 2012-09-05 09:50 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2012-09-05 09:50 - 2012-09-05 09:50 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2012-09-05 09:50 - 2012-09-05 09:50 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2014-05-23 19:07 - 2013-02-28 16:53 - 00886272 _____ () C:\Program Files (x86)\WinZip Malware Protector\System.Data.SQLite.dll
2014-05-23 19:07 - 2013-07-15 16:53 - 01717936 _____ () C:\Program Files (x86)\WinZip Malware Protector\aspsys.dll
2012-09-05 09:50 - 2012-09-05 09:50 - 00026744 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2012-09-05 09:50 - 2012-09-05 09:50 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2012-09-05 09:50 - 2012-09-05 09:50 - 00060536 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2012-09-05 09:50 - 2012-09-05 09:50 - 00103544 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2014-04-23 12:54 - 2014-04-23 12:54 - 00038680 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2014-04-23 12:55 - 2014-04-23 12:55 - 00062744 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\srau.dll
2014-04-23 12:54 - 2014-04-23 12:54 - 00165656 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2014-04-23 12:54 - 2014-04-23 12:54 - 02339096 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2014-04-23 12:55 - 2014-04-23 12:55 - 00057624 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\spbl.dll
2014-04-23 12:55 - 2014-04-23 12:55 - 00152344 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-04-23 12:54 - 2014-04-23 12:54 - 00012568 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\siem.dll
2014-04-23 12:55 - 2014-04-23 12:55 - 00059672 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\sppsm.dll
2014-04-23 12:54 - 2014-04-23 12:54 - 00704792 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2014-04-23 12:54 - 2014-04-23 12:54 - 00081688 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2014-04-23 12:54 - 2014-04-23 12:54 - 00013592 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2014-04-23 12:55 - 2014-04-23 12:55 - 00016664 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2014-04-23 12:55 - 2014-04-23 12:55 - 00051480 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\srut.dll
2014-04-23 12:55 - 2014-04-23 12:55 - 00019736 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\srsbs.dll
2014-04-23 12:54 - 2014-04-23 12:54 - 00058648 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2014-04-23 12:55 - 2014-04-23 12:55 - 00044312 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\smti.dll
2014-04-23 12:55 - 2014-04-23 12:55 - 00022808 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\srom.dll
2014-04-23 12:55 - 2014-04-23 12:55 - 00020760 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\smtu.dll
2014-04-23 12:55 - 2014-04-23 12:55 - 00032024 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\smta.dll
2014-04-23 12:54 - 2014-04-23 12:54 - 00013592 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\sgml.dll
2014-04-23 12:55 - 2014-04-23 12:55 - 00036632 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\srbu.dll
2014-04-23 12:55 - 2014-04-23 12:55 - 00052504 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2014-04-23 12:55 - 2014-04-23 12:55 - 00014616 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\srpdm.dll
2014-04-23 12:54 - 2014-04-23 12:54 - 00047384 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2014-04-23 12:53 - 2014-04-23 12:53 - 00025368 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2014-04-23 12:55 - 2014-04-23 12:55 - 00024856 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2014-04-23 12:55 - 2014-04-23 12:55 - 00246552 _____ () C:\Users\Larissa\AppData\Local\Smartbar\Application\srns.dll
2012-10-16 02:47 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 04:34 - 2012-06-08 04:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2012-10-16 02:35 - 2012-06-25 20:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-05-23 20:10 - 2014-05-23 20:10 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-05-23 18:58 - 2014-04-07 18:09 - 00099096 _____ () C:\Users\Larissa\AppData\Roaming\Mozilla\Firefox\Profiles\yxn48w67.default\extensions\{f685d9d8-414d-4862-a38e-e45a9deb74b6}\components\SmartbarFireFoxRemotePlugin_29.dll
2010-01-09 20:18 - 2010-01-09 20:18 - 04254560 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\office.odf
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/24/2014 00:19:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 28.0.0.5186, Zeitstempel: 0x53240e37
Name des fehlerhaften Moduls: xul.dll, Version: 28.0.0.5186, Zeitstempel: 0x53240e04
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00184729
ID des fehlerhaften Prozesses: 0x4a4
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3
Vollständiger Name des fehlerhaften Pakets: firefox.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: firefox.exe5
Error: (05/23/2014 07:02:57 PM) (Source: VSS) (EventID: 12305) (User: )
Description: Volumeschattenkopie-Dienstfehler: Volume bzw. Datenträger ist nicht richtig angeschlossen oder wurde nicht gefunden.
Fehlerkontext: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy1 - 0000000000000160,0x00530194,0000000000000000,0,0000000E0BE91090,4096,[0]).
Operation:
Query Shadow Copies
Error: (05/23/2014 06:58:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GuaranaAgent.exe, Version: 2.0.12.0, Zeitstempel: 0x5053040f
Name des fehlerhaften Moduls: GuaranaAgent.exe, Version: 2.0.12.0, Zeitstempel: 0x5053040f
Ausnahmecode: 0xc0000409
Fehleroffset: 0x00000000000241cd
ID des fehlerhaften Prozesses: 0xcd8
Startzeit der fehlerhaften Anwendung: 0xGuaranaAgent.exe0
Pfad der fehlerhaften Anwendung: GuaranaAgent.exe1
Pfad des fehlerhaften Moduls: GuaranaAgent.exe2
Berichtskennung: GuaranaAgent.exe3
Vollständiger Name des fehlerhaften Pakets: GuaranaAgent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: GuaranaAgent.exe5
Error: (05/23/2014 06:36:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.532, Zeitstempel: 0x53518532
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x2c0
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3
Vollständiger Name des fehlerhaften Pakets: mbam.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: mbam.exe5
Error: (05/23/2014 06:36:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.532, Zeitstempel: 0x53518532
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x750
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3
Vollständiger Name des fehlerhaften Pakets: mbam.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: mbam.exe5
Error: (05/23/2014 06:35:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.532, Zeitstempel: 0x53518532
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x728
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3
Vollständiger Name des fehlerhaften Pakets: mbam.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: mbam.exe5
Error: (05/23/2014 06:34:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.500, Zeitstempel: 0x533d8de2
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x7fc
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3
Vollständiger Name des fehlerhaften Pakets: mbam.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: mbam.exe5
Error: (05/23/2014 06:34:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.500, Zeitstempel: 0x533d8de2
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x690
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3
Vollständiger Name des fehlerhaften Pakets: mbam.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: mbam.exe5
Error: (05/23/2014 06:33:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.500, Zeitstempel: 0x533d8de2
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x690
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3
Vollständiger Name des fehlerhaften Pakets: mbam.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: mbam.exe5
Error: (05/23/2014 06:33:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.500, Zeitstempel: 0x533d8de2
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x700
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3
Vollständiger Name des fehlerhaften Pakets: mbam.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: mbam.exe5
System errors:
=============
Error: (05/24/2014 03:50:51 PM) (Source: bowser) (EventID: 8016) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "EASYBOX" zum Namen "SAMSUNG" auf Transport "NetBT_Tcpip_{DCE7F84B-F965-44CA-A23A-00E72DA8313F}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.
Error: (05/23/2014 06:41:03 PM) (Source: DCOM) (EventID: 10016) (User: SAMSUNG)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}SAMSUNGLarissaS-1-5-21-1099173889-4246456777-3110026932-1002LocalHost (Using LRPC)UnavailableUnavailable
Error: (05/23/2014 06:41:03 PM) (Source: DCOM) (EventID: 10016) (User: SAMSUNG)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}SAMSUNGLarissaS-1-5-21-1099173889-4246456777-3110026932-1002LocalHost (Using LRPC)UnavailableUnavailable
Error: (05/23/2014 06:39:34 PM) (Source: DCOM) (EventID: 10005) (User: SAMSUNG)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (05/23/2014 06:38:36 PM) (Source: DCOM) (EventID: 10005) (User: SAMSUNG)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (05/23/2014 06:38:23 PM) (Source: DCOM) (EventID: 10005) (User: SAMSUNG)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (05/23/2014 06:38:06 PM) (Source: DCOM) (EventID: 10005) (User: SAMSUNG)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (05/23/2014 06:38:00 PM) (Source: DCOM) (EventID: 10005) (User: SAMSUNG)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (05/23/2014 06:37:45 PM) (Source: DCOM) (EventID: 10005) (User: SAMSUNG)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (05/23/2014 06:37:39 PM) (Source: DCOM) (EventID: 10005) (User: SAMSUNG)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
Microsoft Office Sessions:
=========================
Error: (05/24/2014 00:19:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: firefox.exe28.0.0.518653240e37xul.dll28.0.0.518653240e04c0000005001847294a401cf76a98295adb1C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dll4d6b1b11-e2c8-11e3-bea1-c48508f6780d
Error: (05/23/2014 07:02:57 PM) (Source: VSS) (EventID: 12305) (User: )
Description: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy1 - 0000000000000160,0x00530194,0000000000000000,0,0000000E0BE91090,4096,[0])
Operation:
Query Shadow Copies
Error: (05/23/2014 06:58:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: GuaranaAgent.exe2.0.12.05053040fGuaranaAgent.exe2.0.12.05053040fc000040900000000000241cdcd801cf76a60dc020faC:\Program Files\Samsung\Support Center\GuaranaAgent.exeC:\Program Files\Samsung\Support Center\GuaranaAgent.exe87df14f4-e29b-11e3-bea1-c48508f6780d
Error: (05/23/2014 06:36:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd2c001cf76a52c3f2debC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll69f7a5bd-e298-11e3-bea0-50b7c376f3fe
Error: (05/23/2014 06:36:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd75001cf76a51d17e7c1C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll5ad2c1ee-e298-11e3-bea0-50b7c376f3fe
Error: (05/23/2014 06:35:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd72801cf76a51407f878C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll51d5e5bf-e298-11e3-bea0-50b7c376f3fe
Error: (05/23/2014 06:34:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.500533d8de2MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd7fc01cf76a4e3baeeefC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll217366bd-e298-11e3-bea0-50b7c376f3fe
Error: (05/23/2014 06:34:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.500533d8de2MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd69001cf76a4d5205569C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll12d8cd37-e298-11e3-bea0-50b7c376f3fe
Error: (05/23/2014 06:33:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.500533d8de2MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd69001cf76a4c5712756C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll03299f28-e298-11e3-bea0-50b7c376f3fe
Error: (05/23/2014 06:33:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.500533d8de2MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd70001cf76a4c3ac2283C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll01649a44-e298-11e3-bea0-50b7c376f3fe
==================== Memory info ===========================
Percentage of memory in use: 81%
Total physical RAM: 7893.53 MB
Available physical RAM: 1451.9 MB
Total Pagefile: 11477.53 MB
Available Pagefile: 4960.18 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:674.17 GB) (Free:629.4 GB) NTFS
==================== MBR & Partition Table ==================
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
