Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
VAF Player lässt sich nicht deinstallieren!

VAF Player lässt sich nicht deinstallieren!


Log-Analyse und Auswertung: VAF Player lässt sich nicht deinstallieren!

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Seite 1 von 2 1 2
Alt 02.09.2013, 22:08   #1
Ju_Vo
 
VAF Player lässt sich nicht deinstallieren! - Standard

VAF Player lässt sich nicht deinstallieren!


Hallo,

Der VAF Player lässt sich nicht deinstallieren. Es öffnet sich ein Fenster, welches behauptet, dass die Datei nicht gefunden werden kann...

Ich bin nicht wirklich ein Computerchecker, bitte alles gaaaanz einfach erklären!

VIELEN DANK!!!

P.S.: Gmer konnte ich zunächst nicht ausführen. (Bluescreen). Als ich das Häckchen bei "Devices" entfernt habe, ließ es sich ausführen.

Alt 03.09.2013, 05:12   #2
schrauber
/// the machine
/// TB-Ausbilder
 
VAF Player lässt sich nicht deinstallieren! - Standard

VAF Player lässt sich nicht deinstallieren!


hi,

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________
Alt 03.09.2013, 20:23   #3
Ju_Vo
 
VAF Player lässt sich nicht deinstallieren! - Standard

VAF Player lässt sich nicht deinstallieren!


Teil 1 GMER:

Code:
ATTFilter
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-09-02 22:41:17
Windows 6.0.6002 Service Pack 2 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST916031 rev.DE05 149,05GB
Running: gmer_2.1.19163 (1).exe; Driver: C:\Users\Juls\AppData\Local\Temp\pxldypoc.sys


---- System - GMER 2.1 ----

SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwAddBootEntry [0x8DE19610]
SSDT   \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                     ZwAllocateVirtualMemory [0x8E4785FA]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwAssignProcessToJobObject [0x8DE1A0E6]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwCreateEvent [0x8DE25F18]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwCreateEventPair [0x8DE25F64]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwCreateIoCompletion [0x8DE260FE]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwCreateMutant [0x8DE25E86]
SSDT   \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                     ZwCreateSection [0x8E478992]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwCreateSemaphore [0x8DE25ECE]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwCreateThread [0x8DE1A5E4]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwCreateTimer [0x8DE260B8]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwDebugActiveProcess [0x8DE1AE9C]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwDeleteBootEntry [0x8DE19676]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwDuplicateObject [0x8DE1E596]
SSDT   \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                     ZwFreeVirtualMemory [0x8E4786C2]
SSDT   \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                     ZwLoadDriver [0x8E476C12]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwModifyBootEntry [0x8DE196DC]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwNotifyChangeKey [0x8DE1E98C]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwNotifyChangeMultipleKeys [0x8DE1B92C]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwOpenEvent [0x8DE25F42]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwOpenEventPair [0x8DE25F86]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwOpenIoCompletion [0x8DE26122]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwOpenMutant [0x8DE25EAC]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwOpenProcess [0x8DE1DE78]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwOpenSection [0x8DE26036]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwOpenSemaphore [0x8DE25EF6]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwOpenThread [0x8DE1E26E]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwOpenTimer [0x8DE260DC]
SSDT   \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                     ZwProtectVirtualMemory [0x8E478822]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwQueryObject [0x8DE1B7F8]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwQueueApcThread [0x8DE1B34E]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwSetBootEntryOrder [0x8DE19742]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwSetBootOptions [0x8DE197A8]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwSetContextThread [0x8DE1AD16]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwSetSystemInformation [0x8DE192F8]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwSetSystemPowerState [0x8DE194CE]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwShutdownSystem [0x8DE1945C]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwSuspendProcess [0x8DE1B066]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwSuspendThread [0x8DE1B1C8]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwSystemDebugControl [0x8DE19556]
SSDT   \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                     ZwTerminateProcess [0x8E4788EA]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwTerminateThread [0x8DE1ACF6]
SSDT   \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                     ZwUnloadDriver [0x8E476C42]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwVdmControl [0x8DE1980E]
SSDT   \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                     ZwWriteVirtualMemory [0x8E47876E]
SSDT   \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                     ZwCreateThreadEx [0x8DE1A800]

Code   \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                     ZwCreateProcessEx [0x8E491E00]
Code   \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                     ObInsertObject
Code   \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                     ObMakeTemporaryObject

---- Kernel code sections - GMER 2.1 ----

.text  ntkrnlpa.exe!KeSetEvent + 10D                                                                                                             82AE9758 4 Bytes  [10, 96, E1, 8D]
.text  ntkrnlpa.exe!KeSetEvent + 131                                                                                                             82AE977C 4 Bytes  [FA, 85, 47, 8E] {CLI ; TEST [EDI-0x72], EAX}
.text  ntkrnlpa.exe!KeSetEvent + 191                                                                                                             82AE97DC 4 Bytes  [E6, A0, E1, 8D] {OUT 0xa0, AL; LOOPZ 0xffffff91}
.text  ntkrnlpa.exe!KeSetEvent + 1D1                                                                                                             82AE981C 8 Bytes  [18, 5F, E2, 8D, 64, 5F, E2, ...]
.text  ntkrnlpa.exe!KeSetEvent + 1DD                                                                                                             82AE9828 4 Bytes  [FE, 60, E2, 8D]
.text  ...                                                                                                                                       
PAGE   ntkrnlpa.exe!ObMakeTemporaryObject                                                                                                        82C14669 5 Bytes  JMP 8E48EC9A \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE   ntkrnlpa.exe!ObInsertObject                                                                                                               82C6D6F3 5 Bytes  JMP 8E4907B4 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE   ntkrnlpa.exe!ZwReplyWaitReceivePortEx + 110                                                                                               82C7700F 4 Bytes  CALL 8DE1BFEF \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
PAGE   ntkrnlpa.exe!ZwAlpcSendWaitReceivePort + 121                                                                                              82C7AC83 4 Bytes  CALL 8DE1C005 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
PAGE   ntkrnlpa.exe!ZwCreateProcessEx                                                                                                            82CCF058 7 Bytes  JMP 8E491E04 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
.text  ntdll.dll!LdrLoadDll                                                                                                                      76F29378 5 Bytes  [E9, 7B, 6E, 23, 89] {JMP 0x89236e80}
.text  ntdll.dll!LdrUnloadDll                                                                                                                    76F3B680 5 Bytes  [E9, 77, 4D, 22, 89] {JMP 0x89224d7c}

---- User code sections - GMER 2.1 ----

.text  C:\Windows\system32\csrss.exe[608] KERNEL32.dll!GetBinaryTypeW + 70                                                                       76C12447 1 Byte  [62]
.text  C:\Windows\system32\wininit.exe[652] kernel32.dll!GetBinaryTypeW + 70                                                                     76C12447 1 Byte  [62]
.text  C:\Windows\system32\csrss.exe[664] KERNEL32.dll!GetBinaryTypeW + 70                                                                       76C12447 1 Byte  [62]
.text  C:\Windows\system32\taskeng.exe[696] kernel32.dll!GetBinaryTypeW + 70                                                                     76C12447 1 Byte  [62]
.text  C:\Windows\system32\services.exe[700] kernel32.dll!GetBinaryTypeW + 70                                                                    76C12447 1 Byte  [62]
.text  ...                                                                                                                                       
.text  C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[1248] ntdll.dll!LdrLoadDll                                                         76F29378 5 Bytes  JMP 001601F8 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[1248] ntdll.dll!LdrUnloadDll                                                       76F3B680 5 Bytes  JMP 001603FC 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[1248] KERNEL32.dll!GetBinaryTypeW + 70                                             76C12447 1 Byte  [62]
.text  C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[1248] ADVAPI32.dll!CreateServiceW                                                  76309EB4 5 Bytes  JMP 001803FC 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[1248] ADVAPI32.dll!DeleteService                                                   7630A07E 5 Bytes  JMP 00180600 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[1248] ADVAPI32.dll!SetServiceObjectSecurity                                        76346CD9 5 Bytes  JMP 00181014 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[1248] ADVAPI32.dll!ChangeServiceConfigA                                            76346DD9 5 Bytes  JMP 00180804 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[1248] ADVAPI32.dll!ChangeServiceConfigW                                            76346F81 5 Bytes  JMP 00180A08 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[1248] ADVAPI32.dll!ChangeServiceConfig2A                                           76347099 5 Bytes  JMP 00180C0C 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[1248] ADVAPI32.dll!ChangeServiceConfig2W                                           763471E1 5 Bytes  JMP 00180E10 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[1248] ADVAPI32.dll!CreateServiceA                                                  763472A1 5 Bytes  JMP 001801F8 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[1248] USER32.dll!SetWindowsHookExA                                                 761E6322 5 Bytes  JMP 00190600 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[1248] USER32.dll!SetWindowsHookExW                                                 761E87AD 5 Bytes  JMP 00190804 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[1248] USER32.dll!UnhookWindowsHookEx                                               761E98DB 5 Bytes  JMP 00190A08 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[1248] USER32.dll!SetWinEventHook                                                   761E9F3A 5 Bytes  JMP 001901F8 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[1248] USER32.dll!UnhookWinEvent                                                    761EC06F 5 Bytes  JMP 001903FC 
.text  C:\Windows\system32\AUDIODG.EXE[1304] kernel32.dll!GetBinaryTypeW + 70                                                                    76C12447 1 Byte  [62]
.text  C:\Program Files\Dell\QuickSet\quickset.exe[1328] ntdll.dll!LdrLoadDll                                                                    76F29378 5 Bytes  JMP 001601F8 
.text  C:\Program Files\Dell\QuickSet\quickset.exe[1328] ntdll.dll!LdrUnloadDll                                                                  76F3B680 5 Bytes  JMP 001603FC 
.text  C:\Program Files\Dell\QuickSet\quickset.exe[1328] KERNEL32.dll!GetBinaryTypeW + 70                                                        76C12447 1 Byte  [62]
.text  C:\Program Files\Dell\QuickSet\quickset.exe[1328] USER32.dll!SetWindowsHookExA                                                            761E6322 5 Bytes  JMP 00270600 
.text  C:\Program Files\Dell\QuickSet\quickset.exe[1328] USER32.dll!SetWindowsHookExW                                                            761E87AD 5 Bytes  JMP 00270804 
.text  C:\Program Files\Dell\QuickSet\quickset.exe[1328] USER32.dll!UnhookWindowsHookEx                                                          761E98DB 5 Bytes  JMP 00270A08 
.text  C:\Program Files\Dell\QuickSet\quickset.exe[1328] USER32.dll!SetWinEventHook                                                              761E9F3A 5 Bytes  JMP 002701F8 
.text  C:\Program Files\Dell\QuickSet\quickset.exe[1328] USER32.dll!UnhookWinEvent                                                               761EC06F 5 Bytes  JMP 002703FC 
.text  C:\Program Files\Dell\QuickSet\quickset.exe[1328] ADVAPI32.dll!CreateServiceW                                                             76309EB4 5 Bytes  JMP 002803FC 
.text  C:\Program Files\Dell\QuickSet\quickset.exe[1328] ADVAPI32.dll!DeleteService                                                              7630A07E 5 Bytes  JMP 00280600 
.text  C:\Program Files\Dell\QuickSet\quickset.exe[1328] ADVAPI32.dll!SetServiceObjectSecurity                                                   76346CD9 5 Bytes  JMP 00281014 
.text  C:\Program Files\Dell\QuickSet\quickset.exe[1328] ADVAPI32.dll!ChangeServiceConfigA                                                       76346DD9 5 Bytes  JMP 00280804 
.text  C:\Program Files\Dell\QuickSet\quickset.exe[1328] ADVAPI32.dll!ChangeServiceConfigW                                                       76346F81 5 Bytes  JMP 00280A08 
.text  C:\Program Files\Dell\QuickSet\quickset.exe[1328] ADVAPI32.dll!ChangeServiceConfig2A                                                      76347099 5 Bytes  JMP 00280C0C 
.text  C:\Program Files\Dell\QuickSet\quickset.exe[1328] ADVAPI32.dll!ChangeServiceConfig2W                                                      763471E1 5 Bytes  JMP 00280E10 
.text  C:\Program Files\Dell\QuickSet\quickset.exe[1328] ADVAPI32.dll!CreateServiceA                                                             763472A1 5 Bytes  JMP 002801F8 
.text  C:\Windows\system32\svchost.exe[1432] kernel32.dll!GetBinaryTypeW + 70                                                                    76C12447 1 Byte  [62]
.text  C:\Windows\system32\svchost.exe[1484] kernel32.dll!GetBinaryTypeW + 70                                                                    76C12447 1 Byte  [62]
.text  C:\Windows\Explorer.EXE[1548] kernel32.dll!GetBinaryTypeW + 70                                                                            76C12447 1 Byte  [62]
.text  C:\Program Files\Dell\DellDock\DockLogin.exe[1560] kernel32.dll!GetBinaryTypeW + 70                                                       76C12447 1 Byte  [62]
.text  C:\Program Files\Windows Sidebar\sidebar.exe[1652] ntdll.dll!LdrLoadDll                                                                   76F29378 5 Bytes  JMP 000601F8 
.text  C:\Program Files\Windows Sidebar\sidebar.exe[1652] ntdll.dll!LdrUnloadDll                                                                 76F3B680 5 Bytes  JMP 000603FC 
.text  C:\Program Files\Windows Sidebar\sidebar.exe[1652] KERNEL32.dll!GetBinaryTypeW + 70                                                       76C12447 1 Byte  [62]
.text  C:\Program Files\Windows Sidebar\sidebar.exe[1652] ADVAPI32.dll!CreateServiceW                                                            76309EB4 5 Bytes  JMP 000703FC 
.text  C:\Program Files\Windows Sidebar\sidebar.exe[1652] ADVAPI32.dll!DeleteService                                                             7630A07E 5 Bytes  JMP 00070600 
.text  C:\Program Files\Windows Sidebar\sidebar.exe[1652] ADVAPI32.dll!SetServiceObjectSecurity                                                  76346CD9 5 Bytes  JMP 00071014 
.text  C:\Program Files\Windows Sidebar\sidebar.exe[1652] ADVAPI32.dll!ChangeServiceConfigA                                                      76346DD9 5 Bytes  JMP 00070804 
.text  C:\Program Files\Windows Sidebar\sidebar.exe[1652] ADVAPI32.dll!ChangeServiceConfigW                                                      76346F81 5 Bytes  JMP 00070A08 
.text  C:\Program Files\Windows Sidebar\sidebar.exe[1652] ADVAPI32.dll!ChangeServiceConfig2A                                                     76347099 5 Bytes  JMP 00070C0C 
.text  C:\Program Files\Windows Sidebar\sidebar.exe[1652] ADVAPI32.dll!ChangeServiceConfig2W                                                     763471E1 5 Bytes  JMP 00070E10 
.text  C:\Program Files\Windows Sidebar\sidebar.exe[1652] ADVAPI32.dll!CreateServiceA                                                            763472A1 5 Bytes  JMP 000701F8 
.text  C:\Program Files\Windows Sidebar\sidebar.exe[1652] USER32.dll!SetWindowsHookExA                                                           761E6322 5 Bytes  JMP 00080600 
.text  C:\Program Files\Windows Sidebar\sidebar.exe[1652] USER32.dll!SetWindowsHookExW                                                           761E87AD 5 Bytes  JMP 00080804 
.text  C:\Program Files\Windows Sidebar\sidebar.exe[1652] USER32.dll!UnhookWindowsHookEx                                                         761E98DB 5 Bytes  JMP 00080A08 
.text  C:\Program Files\Windows Sidebar\sidebar.exe[1652] USER32.dll!SetWinEventHook                                                             761E9F3A 5 Bytes  JMP 000801F8 
.text  C:\Program Files\Windows Sidebar\sidebar.exe[1652] USER32.dll!UnhookWinEvent                                                              761EC06F 5 Bytes  JMP 000803FC 
.text  C:\Windows\system32\svchost.exe[1668] kernel32.dll!GetBinaryTypeW + 70                                                                    76C12447 1 Byte  [62]
.text  C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[1692] ntdll.dll!LdrLoadDll                                                           76F29378 5 Bytes  JMP 001501F8 
.text  C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[1692] ntdll.dll!LdrUnloadDll                                                         76F3B680 5 Bytes  JMP 001503FC 
.text  C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[1692] KERNEL32.dll!GetBinaryTypeW + 70                                               76C12447 1 Byte  [62]
.text  C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[1692] USER32.dll!SetWindowsHookExA                                                   761E6322 5 Bytes  JMP 00160600 
.text  C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[1692] USER32.dll!SetWindowsHookExW                                                   761E87AD 5 Bytes  JMP 00160804 
.text  C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[1692] USER32.dll!UnhookWindowsHookEx                                                 761E98DB 5 Bytes  JMP 00160A08 
.text  C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[1692] USER32.dll!SetWinEventHook                                                     761E9F3A 5 Bytes  JMP 001601F8 
.text  C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[1692] USER32.dll!UnhookWinEvent                                                      761EC06F 5 Bytes  JMP 001603FC 
.text  C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[1692] ADVAPI32.dll!CreateServiceW                                                    76309EB4 5 Bytes  JMP 001703FC 
.text  C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[1692] ADVAPI32.dll!DeleteService                                                     7630A07E 5 Bytes  JMP 00170600 
.text  C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[1692] ADVAPI32.dll!SetServiceObjectSecurity                                          76346CD9 5 Bytes  JMP 00171014 
.text  C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[1692] ADVAPI32.dll!ChangeServiceConfigA                                              76346DD9 5 Bytes  JMP 00170804 
.text  C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[1692] ADVAPI32.dll!ChangeServiceConfigW                                              76346F81 5 Bytes  JMP 00170A08 
.text  C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[1692] ADVAPI32.dll!ChangeServiceConfig2A                                             76347099 5 Bytes  JMP 00170C0C 
.text  C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[1692] ADVAPI32.dll!ChangeServiceConfig2W                                             763471E1 5 Bytes  JMP 00170E10 
.text  C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[1692] ADVAPI32.dll!CreateServiceA                                                    763472A1 5 Bytes  JMP 001701F8 
.text  C:\Program Files\AVAST Software\Avast\AvastUI.exe[1756] kernel32.dll!GetBinaryTypeW + 70                                                  76C12447 1 Byte  [62]
.text  C:\Windows\System32\WLTRYSVC.EXE[1780] kernel32.dll!GetBinaryTypeW + 70                                                                   76C12447 1 Byte  [62]
.text  C:\Windows\System32\bcmwltry.exe[1792] KERNEL32.dll!GetBinaryTypeW + 70                                                                   76C12447 1 Byte  [62]
.text  C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1800] kernel32.dll!GetBinaryTypeW + 70                                                 76C12447 1 Byte  [62]
.text  C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe[1824] ntdll.dll!LdrLoadDll                                                76F29378 5 Bytes  JMP 001601F8 
.text  C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe[1824] ntdll.dll!LdrUnloadDll                                              76F3B680 5 Bytes  JMP 001603FC 
.text  C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe[1824] KERNEL32.dll!GetBinaryTypeW + 70                                    76C12447 1 Byte  [62]
.text  C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe[1824] ADVAPI32.dll!CreateServiceW                                         76309EB4 5 Bytes  JMP 001703FC 
.text  C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe[1824] ADVAPI32.dll!DeleteService                                          7630A07E 5 Bytes  JMP 00170600 
.text  C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe[1824] ADVAPI32.dll!SetServiceObjectSecurity                               76346CD9 5 Bytes  JMP 00171014 
.text  C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe[1824] ADVAPI32.dll!ChangeServiceConfigA                                   76346DD9 5 Bytes  JMP 00170804 
.text  C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe[1824] ADVAPI32.dll!ChangeServiceConfigW                                   76346F81 5 Bytes  JMP 00170A08 
.text  C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe[1824] ADVAPI32.dll!ChangeServiceConfig2A                                  76347099 5 Bytes  JMP 00170C0C 
.text  C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe[1824] ADVAPI32.dll!ChangeServiceConfig2W                                  763471E1 5 Bytes  JMP 00170E10 
.text  C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe[1824] ADVAPI32.dll!CreateServiceA                                         763472A1 5 Bytes  JMP 001701F8 
.text  C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe[1824] USER32.dll!SetWindowsHookExA                                        761E6322 5 Bytes  JMP 00190600 
.text  C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe[1824] USER32.dll!SetWindowsHookExW                                        761E87AD 5 Bytes  JMP 00190804 
.text  C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe[1824] USER32.dll!UnhookWindowsHookEx                                      761E98DB 5 Bytes  JMP 00190A08 
.text  C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe[1824] USER32.dll!SetWinEventHook                                          761E9F3A 5 Bytes  JMP 001901F8 
.text  C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe[1824] USER32.dll!UnhookWinEvent                                           761EC06F 5 Bytes  JMP 001903FC 
.text  C:\Program Files\WinZipper\winzipersvc.exe[1852] kernel32.dll!GetBinaryTypeW + 70                                                         76C12447 1 Byte  [62]
.text  C:\ProgramData\eSafe\eGdpSvc.exe[2000] kernel32.dll!GetBinaryTypeW + 70                                                                   76C12447 1 Byte  [62]
.text  C:\Windows\System32\spool\drivers\w32x86\3\E_FATIILE.EXE[2240] ntdll.dll!LdrLoadDll                                                       76F29378 5 Bytes  JMP 000601F8 
.text  C:\Windows\System32\spool\drivers\w32x86\3\E_FATIILE.EXE[2240] ntdll.dll!LdrUnloadDll                                                     76F3B680 5 Bytes  JMP 000603FC 
.text  C:\Windows\System32\spool\drivers\w32x86\3\E_FATIILE.EXE[2240] KERNEL32.dll!GetBinaryTypeW + 70                                           76C12447 1 Byte  [62]
.text  C:\Windows\System32\spool\drivers\w32x86\3\E_FATIILE.EXE[2240] USER32.dll!SetWindowsHookExA                                               761E6322 5 Bytes  JMP 00070600 
.text  C:\Windows\System32\spool\drivers\w32x86\3\E_FATIILE.EXE[2240] USER32.dll!SetWindowsHookExW                                               761E87AD 5 Bytes  JMP 00070804 
.text  C:\Windows\System32\spool\drivers\w32x86\3\E_FATIILE.EXE[2240] USER32.dll!UnhookWindowsHookEx                                             761E98DB 5 Bytes  JMP 00070A08 
.text  C:\Windows\System32\spool\drivers\w32x86\3\E_FATIILE.EXE[2240] USER32.dll!SetWinEventHook                                                 761E9F3A 5 Bytes  JMP 000701F8 
.text  C:\Windows\System32\spool\drivers\w32x86\3\E_FATIILE.EXE[2240] USER32.dll!UnhookWinEvent                                                  761EC06F 5 Bytes  JMP 000703FC 
.text  C:\Windows\System32\spool\drivers\w32x86\3\E_FATIILE.EXE[2240] ADVAPI32.dll!CreateServiceW                                                76309EB4 5 Bytes  JMP 000803FC 
.text  C:\Windows\System32\spool\drivers\w32x86\3\E_FATIILE.EXE[2240] ADVAPI32.dll!DeleteService                                                 7630A07E 5 Bytes  JMP 00080600 
.text  C:\Windows\System32\spool\drivers\w32x86\3\E_FATIILE.EXE[2240] ADVAPI32.dll!SetServiceObjectSecurity                                      76346CD9 5 Bytes  JMP 00081014 
.text  C:\Windows\System32\spool\drivers\w32x86\3\E_FATIILE.EXE[2240] ADVAPI32.dll!ChangeServiceConfigA                                          76346DD9 5 Bytes  JMP 00080804 
.text  C:\Windows\System32\spool\drivers\w32x86\3\E_FATIILE.EXE[2240] ADVAPI32.dll!ChangeServiceConfigW                                          76346F81 5 Bytes  JMP 00080A08 
.text  C:\Windows\System32\spool\drivers\w32x86\3\E_FATIILE.EXE[2240] ADVAPI32.dll!ChangeServiceConfig2A                                         76347099 5 Bytes  JMP 00080C0C 
.text  C:\Windows\System32\spool\drivers\w32x86\3\E_FATIILE.EXE[2240] ADVAPI32.dll!ChangeServiceConfig2W                                         763471E1 5 Bytes  JMP 00080E10 
.text  C:\Windows\System32\spool\drivers\w32x86\3\E_FATIILE.EXE[2240] ADVAPI32.dll!CreateServiceA                                                763472A1 5 Bytes  JMP 000801F8 
.text  C:\Windows\system32\wbem\wmiprvse.exe[2332] ntdll.dll!LdrLoadDll                                                                          76F29378 5 Bytes  JMP 000601F8 
.text  C:\Windows\system32\wbem\wmiprvse.exe[2332] ntdll.dll!LdrUnloadDll                                                                        76F3B680 5 Bytes  JMP 000603FC 
.text  C:\Windows\system32\wbem\wmiprvse.exe[2332] KERNEL32.dll!GetBinaryTypeW + 70                                                              76C12447 1 Byte  [62]
.text  C:\Windows\system32\wbem\wmiprvse.exe[2332] ADVAPI32.dll!CreateServiceW                                                                   76309EB4 5 Bytes  JMP 000703FC 
.text  C:\Windows\system32\wbem\wmiprvse.exe[2332] ADVAPI32.dll!DeleteService                                                                    7630A07E 5 Bytes  JMP 00070600 
.text  C:\Windows\system32\wbem\wmiprvse.exe[2332] ADVAPI32.dll!SetServiceObjectSecurity                                                         76346CD9 5 Bytes  JMP 00071014 
.text  C:\Windows\system32\wbem\wmiprvse.exe[2332] ADVAPI32.dll!ChangeServiceConfigA                                                             76346DD9 5 Bytes  JMP 00070804 
.text  C:\Windows\system32\wbem\wmiprvse.exe[2332] ADVAPI32.dll!ChangeServiceConfigW                                                             76346F81 5 Bytes  JMP 00070A08 
.text  C:\Windows\system32\wbem\wmiprvse.exe[2332] ADVAPI32.dll!ChangeServiceConfig2A                                                            76347099 5 Bytes  JMP 00070C0C 
.text  C:\Windows\system32\wbem\wmiprvse.exe[2332] ADVAPI32.dll!ChangeServiceConfig2W                                                            763471E1 5 Bytes  JMP 00070E10 
.text  C:\Windows\system32\wbem\wmiprvse.exe[2332] ADVAPI32.dll!CreateServiceA                                                                   763472A1 5 Bytes  JMP 000701F8 
.text  C:\Windows\system32\wbem\wmiprvse.exe[2332] USER32.dll!SetWindowsHookExA                                                                  761E6322 5 Bytes  JMP 00080600 
.text  C:\Windows\system32\wbem\wmiprvse.exe[2332] USER32.dll!SetWindowsHookExW                                                                  761E87AD 5 Bytes  JMP 00080804 
.text  C:\Windows\system32\wbem\wmiprvse.exe[2332] USER32.dll!UnhookWindowsHookEx                                                                761E98DB 5 Bytes  JMP 00080A08 
.text  C:\Windows\system32\wbem\wmiprvse.exe[2332] USER32.dll!SetWinEventHook                                                                    761E9F3A 5 Bytes  JMP 000801F8 
.text  C:\Windows\system32\wbem\wmiprvse.exe[2332] USER32.dll!UnhookWinEvent                                                                     761EC06F 5 Bytes  JMP 000803FC 
.text  C:\Windows\system32\taskeng.exe[2336] ntdll.dll!LdrLoadDll                                                                                76F29378 5 Bytes  JMP 000601F8 
.text  C:\Windows\system32\taskeng.exe[2336] ntdll.dll!LdrUnloadDll                                                                              76F3B680 5 Bytes  JMP 000603FC 
.text  C:\Windows\system32\taskeng.exe[2336] KERNEL32.dll!GetBinaryTypeW + 70                                                                    76C12447 1 Byte  [62]
.text  C:\Windows\system32\taskeng.exe[2336] ADVAPI32.dll!CreateServiceW                                                                         76309EB4 5 Bytes  JMP 000B03FC 
.text  C:\Windows\system32\taskeng.exe[2336] ADVAPI32.dll!DeleteService                                                                          7630A07E 5 Bytes  JMP 000B0600 
.text  C:\Windows\system32\taskeng.exe[2336] ADVAPI32.dll!SetServiceObjectSecurity                                                               76346CD9 5 Bytes  JMP 000B1014 
.text  C:\Windows\system32\taskeng.exe[2336] ADVAPI32.dll!ChangeServiceConfigA                                                                   76346DD9 5 Bytes  JMP 000B0804 
.text  C:\Windows\system32\taskeng.exe[2336] ADVAPI32.dll!ChangeServiceConfigW                                                                   76346F81 5 Bytes  JMP 000B0A08 
.text  C:\Windows\system32\taskeng.exe[2336] ADVAPI32.dll!ChangeServiceConfig2A                                                                  76347099 5 Bytes  JMP 000B0C0C 
.text  C:\Windows\system32\taskeng.exe[2336] ADVAPI32.dll!ChangeServiceConfig2W                                                                  763471E1 5 Bytes  JMP 000B0E10 
.text  C:\Windows\system32\taskeng.exe[2336] ADVAPI32.dll!CreateServiceA                                                                         763472A1 5 Bytes  JMP 000B01F8 
.text  C:\Windows\system32\taskeng.exe[2336] USER32.dll!SetWindowsHookExA                                                                        761E6322 5 Bytes  JMP 000D0600 
.text  C:\Windows\system32\taskeng.exe[2336] USER32.dll!SetWindowsHookExW                                                                        761E87AD 5 Bytes  JMP 000D0804 
.text  C:\Windows\system32\taskeng.exe[2336] USER32.dll!UnhookWindowsHookEx                                                                      761E98DB 5 Bytes  JMP 000D0A08 
.text  C:\Windows\system32\taskeng.exe[2336] USER32.dll!SetWinEventHook                                                                          761E9F3A 5 Bytes  JMP 000D01F8 
.text  C:\Windows\system32\taskeng.exe[2336] USER32.dll!UnhookWinEvent                                                                           761EC06F 5 Bytes  JMP 000D03FC 
.text  C:\Program Files\Dell Support Center\bin\sprtcmd.exe[2484] ntdll.dll!LdrLoadDll                                                           76F29378 5 Bytes  JMP 001801F8 
.text  C:\Program Files\Dell Support Center\bin\sprtcmd.exe[2484] ntdll.dll!LdrUnloadDll                                                         76F3B680 5 Bytes  JMP 001803FC 
.text  C:\Program Files\Dell Support Center\bin\sprtcmd.exe[2484] KERNEL32.dll!GetBinaryTypeW + 70                                               76C12447 1 Byte  [62]
.text  C:\Program Files\Dell Support Center\bin\sprtcmd.exe[2484] USER32.dll!SetWindowsHookExA                                                   761E6322 5 Bytes  JMP 00190600 
.text  C:\Program Files\Dell Support Center\bin\sprtcmd.exe[2484] USER32.dll!SetWindowsHookExW                                                   761E87AD 5 Bytes  JMP 00190804 
.text  C:\Program Files\Dell Support Center\bin\sprtcmd.exe[2484] USER32.dll!UnhookWindowsHookEx                                                 761E98DB 5 Bytes  JMP 00190A08 
.text  C:\Program Files\Dell Support Center\bin\sprtcmd.exe[2484] USER32.dll!SetWinEventHook                                                     761E9F3A 5 Bytes  JMP 001901F8 
.text  C:\Program Files\Dell Support Center\bin\sprtcmd.exe[2484] USER32.dll!UnhookWinEvent                                                      761EC06F 5 Bytes  JMP 001903FC 
.text  C:\Program Files\Dell Support Center\bin\sprtcmd.exe[2484] ADVAPI32.dll!CreateServiceW                                                    76309EB4 5 Bytes  JMP 001A03FC 
.text  C:\Program Files\Dell Support Center\bin\sprtcmd.exe[2484] ADVAPI32.dll!DeleteService                                                     7630A07E 5 Bytes  JMP 001A0600 
.text  C:\Program Files\Dell Support Center\bin\sprtcmd.exe[2484] ADVAPI32.dll!SetServiceObjectSecurity                                          76346CD9 5 Bytes  JMP 001A1014 
.text  C:\Program Files\Dell Support Center\bin\sprtcmd.exe[2484] ADVAPI32.dll!ChangeServiceConfigA                                              76346DD9 5 Bytes  JMP 001A0804 
.text  C:\Program Files\Dell Support Center\bin\sprtcmd.exe[2484] ADVAPI32.dll!ChangeServiceConfigW                                              76346F81 5 Bytes  JMP 001A0A08 
.text  C:\Program Files\Dell Support Center\bin\sprtcmd.exe[2484] ADVAPI32.dll!ChangeServiceConfig2A                                             76347099 5 Bytes  JMP 001A0C0C 
.text  C:\Program Files\Dell Support Center\bin\sprtcmd.exe[2484] ADVAPI32.dll!ChangeServiceConfig2W                                             763471E1 5 Bytes  JMP 001A0E10 
.text  C:\Program Files\Dell Support Center\bin\sprtcmd.exe[2484] ADVAPI32.dll!CreateServiceA                                                    763472A1 5 Bytes  JMP 001A01F8 
.text  C:\Program Files\Windows Media Player\wmpnscfg.exe[2628] ntdll.dll!LdrLoadDll                                                             76F29378 5 Bytes  JMP 000601F8 
.text  C:\Program Files\Windows Media Player\wmpnscfg.exe[2628] ntdll.dll!LdrUnloadDll                                                           76F3B680 5 Bytes  JMP 000603FC 
.text  C:\Program Files\Windows Media Player\wmpnscfg.exe[2628] KERNEL32.dll!GetBinaryTypeW + 70                                                 76C12447 1 Byte  [62]
.text  C:\Program Files\Windows Media Player\wmpnscfg.exe[2628] ADVAPI32.dll!CreateServiceW                                                      76309EB4 5 Bytes  JMP 000703FC 
.text  C:\Program Files\Windows Media Player\wmpnscfg.exe[2628] ADVAPI32.dll!DeleteService                                                       7630A07E 5 Bytes  JMP 00070600 
.text  C:\Program Files\Windows Media Player\wmpnscfg.exe[2628] ADVAPI32.dll!SetServiceObjectSecurity                                            76346CD9 5 Bytes  JMP 00071014 
.text  C:\Program Files\Windows Media Player\wmpnscfg.exe[2628] ADVAPI32.dll!ChangeServiceConfigA                                                76346DD9 5 Bytes  JMP 00070804 
.text  C:\Program Files\Windows Media Player\wmpnscfg.exe[2628] ADVAPI32.dll!ChangeServiceConfigW                                                76346F81 5 Bytes  JMP 00070A08 
.text  C:\Program Files\Windows Media Player\wmpnscfg.exe[2628] ADVAPI32.dll!ChangeServiceConfig2A                                               76347099 5 Bytes  JMP 00070C0C 
.text  C:\Program Files\Windows Media Player\wmpnscfg.exe[2628] ADVAPI32.dll!ChangeServiceConfig2W                                               763471E1 5 Bytes  JMP 00070E10 
.text  C:\Program Files\Windows Media Player\wmpnscfg.exe[2628] ADVAPI32.dll!CreateServiceA                                                      763472A1 5 Bytes  JMP 000701F8 
.text  C:\Program Files\Windows Media Player\wmpnscfg.exe[2628] USER32.dll!SetWindowsHookExA                                                     761E6322 5 Bytes  JMP 00080600 
.text  C:\Program Files\Windows Media Player\wmpnscfg.exe[2628] USER32.dll!SetWindowsHookExW                                                     761E87AD 5 Bytes  JMP 00080804 
.text  C:\Program Files\Windows Media Player\wmpnscfg.exe[2628] USER32.dll!UnhookWindowsHookEx                                                   761E98DB 5 Bytes  JMP 00080A08 
.text  C:\Program Files\Windows Media Player\wmpnscfg.exe[2628] USER32.dll!SetWinEventHook                                                       761E9F3A 5 Bytes  JMP 000801F8 
.text  C:\Program Files\Windows Media Player\wmpnscfg.exe[2628] USER32.dll!UnhookWinEvent                                                        761EC06F 5 Bytes  JMP 000803FC 
.text  C:\Windows\System32\WLTRAY.EXE[2632] ntdll.dll!LdrLoadDll                                                                                 76F29378 5 Bytes  JMP 001601F8 
.text  C:\Windows\System32\WLTRAY.EXE[2632] ntdll.dll!LdrUnloadDll                                                                               76F3B680 5 Bytes  JMP 001603FC 
.text  C:\Windows\System32\WLTRAY.EXE[2632] KERNEL32.dll!GetBinaryTypeW + 70                                                                     76C12447 1 Byte  [62]
.text  C:\Windows\System32\WLTRAY.EXE[2632] USER32.dll!SetWindowsHookExA                                                                         761E6322 5 Bytes  JMP 00170600 
.text  C:\Windows\System32\WLTRAY.EXE[2632] USER32.dll!SetWindowsHookExW                                                                         761E87AD 5 Bytes  JMP 00170804 
.text  C:\Windows\System32\WLTRAY.EXE[2632] USER32.dll!UnhookWindowsHookEx                                                                       761E98DB 5 Bytes  JMP 00170A08 
.text  C:\Windows\System32\WLTRAY.EXE[2632] USER32.dll!SetWinEventHook                                                                           761E9F3A 5 Bytes  JMP 001701F8 
.text  C:\Windows\System32\WLTRAY.EXE[2632] USER32.dll!UnhookWinEvent                                                                            761EC06F 5 Bytes  JMP 001703FC 
.text  C:\Windows\System32\WLTRAY.EXE[2632] ADVAPI32.dll!CreateServiceW                                                                          76309EB4 5 Bytes  JMP 001803FC 
.text  C:\Windows\System32\WLTRAY.EXE[2632] ADVAPI32.dll!DeleteService                                                                           7630A07E 5 Bytes  JMP 00180600 
.text  C:\Windows\System32\WLTRAY.EXE[2632] ADVAPI32.dll!SetServiceObjectSecurity                                                                76346CD9 5 Bytes  JMP 00181014 
.text  C:\Windows\System32\WLTRAY.EXE[2632] ADVAPI32.dll!ChangeServiceConfigA                                                                    76346DD9 5 Bytes  JMP 00180804 
.text  C:\Windows\System32\WLTRAY.EXE[2632] ADVAPI32.dll!ChangeServiceConfigW                                                                    76346F81 5 Bytes  JMP 00180A08 
.text  C:\Windows\System32\WLTRAY.EXE[2632] ADVAPI32.dll!ChangeServiceConfig2A                                                                   76347099 5 Bytes  JMP 00180C0C 
.text  C:\Windows\System32\WLTRAY.EXE[2632] ADVAPI32.dll!ChangeServiceConfig2W                                                                   763471E1 5 Bytes  JMP 00180E10 
.text  C:\Windows\System32\WLTRAY.EXE[2632] ADVAPI32.dll!CreateServiceA                                                                          763472A1 5 Bytes  JMP 001801F8 
.text  C:\Windows\System32\spoolsv.exe[2768] ntdll.dll!LdrLoadDll                                                                                76F29378 5 Bytes  JMP 000601F8 
.text  C:\Windows\System32\spoolsv.exe[2768] ntdll.dll!LdrUnloadDll                                                                              76F3B680 5 Bytes  JMP 000603FC 
.text  C:\Windows\System32\spoolsv.exe[2768] KERNEL32.dll!GetBinaryTypeW + 70                                                                    76C12447 1 Byte  [62]
.text  C:\Windows\System32\spoolsv.exe[2768] ADVAPI32.dll!CreateServiceW                                                                         76309EB4 5 Bytes  JMP 000703FC 
.text  C:\Windows\System32\spoolsv.exe[2768] ADVAPI32.dll!DeleteService                                                                          7630A07E 5 Bytes  JMP 00070600 
.text  C:\Windows\System32\spoolsv.exe[2768] ADVAPI32.dll!SetServiceObjectSecurity                                                               76346CD9 5 Bytes  JMP 00071014 
.text  C:\Windows\System32\spoolsv.exe[2768] ADVAPI32.dll!ChangeServiceConfigA                                                                   76346DD9 5 Bytes  JMP 00070804 
.text  C:\Windows\System32\spoolsv.exe[2768] ADVAPI32.dll!ChangeServiceConfigW                                                                   76346F81 5 Bytes  JMP 00070A08 
.text  C:\Windows\System32\spoolsv.exe[2768] ADVAPI32.dll!ChangeServiceConfig2A                                                                  76347099 5 Bytes  JMP 00070C0C 
.text  C:\Windows\System32\spoolsv.exe[2768] ADVAPI32.dll!ChangeServiceConfig2W                                                                  763471E1 5 Bytes  JMP 00070E10 
.text  C:\Windows\System32\spoolsv.exe[2768] ADVAPI32.dll!CreateServiceA                                                                         763472A1 5 Bytes  JMP 000701F8 
.text  C:\Windows\System32\spoolsv.exe[2768] USER32.dll!SetWindowsHookExA                                                                        761E6322 5 Bytes  JMP 00080600 
.text  C:\Windows\System32\spoolsv.exe[2768] USER32.dll!SetWindowsHookExW                                                                        761E87AD 5 Bytes  JMP 00080804 
.text  C:\Windows\System32\spoolsv.exe[2768] USER32.dll!UnhookWindowsHookEx                                                                      761E98DB 5 Bytes  JMP 00080A08 
.text  C:\Windows\System32\spoolsv.exe[2768] USER32.dll!SetWinEventHook                                                                          761E9F3A 5 Bytes  JMP 000801F8 
.text  C:\Windows\System32\spoolsv.exe[2768] USER32.dll!UnhookWinEvent                                                                           761EC06F 5 Bytes  JMP 000803FC 
.text  C:\Windows\system32\svchost.exe[2808] ntdll.dll!LdrLoadDll                                                                                76F29378 5 Bytes  JMP 000601F8 
.text  C:\Windows\system32\svchost.exe[2808] ntdll.dll!LdrUnloadDll                                                                              76F3B680 5 Bytes  JMP 000603FC 
.text  C:\Windows\system32\svchost.exe[2808] KERNEL32.dll!GetBinaryTypeW + 70                                                                    76C12447 1 Byte  [62]
.text  C:\Windows\system32\svchost.exe[2808] ADVAPI32.dll!CreateServiceW                                                                         76309EB4 5 Bytes  JMP 000703FC 
.text  C:\Windows\system32\svchost.exe[2808] ADVAPI32.dll!DeleteService                                                                          7630A07E 5 Bytes  JMP 00070600 
.text  C:\Windows\system32\svchost.exe[2808] ADVAPI32.dll!SetServiceObjectSecurity                                                               76346CD9 5 Bytes  JMP 00071014 
.text  C:\Windows\system32\svchost.exe[2808] ADVAPI32.dll!ChangeServiceConfigA                                                                   76346DD9 5 Bytes  JMP 00070804 
.text  C:\Windows\system32\svchost.exe[2808] ADVAPI32.dll!ChangeServiceConfigW                                                                   76346F81 5 Bytes  JMP 00070A08 
.text  C:\Windows\system32\svchost.exe[2808] ADVAPI32.dll!ChangeServiceConfig2A                                                                  76347099 5 Bytes  JMP 00070C0C 
.text  C:\Windows\system32\svchost.exe[2808] ADVAPI32.dll!ChangeServiceConfig2W                                                                  763471E1 5 Bytes  JMP 00070E10 
.text  C:\Windows\system32\svchost.exe[2808] ADVAPI32.dll!CreateServiceA                                                                         763472A1 5 Bytes  JMP 000701F8 
.text  C:\Windows\system32\svchost.exe[2808] USER32.dll!SetWindowsHookExA                                                                        761E6322 5 Bytes  JMP 00080600 
.text  C:\Windows\system32\svchost.exe[2808] USER32.dll!SetWindowsHookExW                                                                        761E87AD 5 Bytes  JMP 00080804 
.text  C:\Windows\system32\svchost.exe[2808] USER32.dll!UnhookWindowsHookEx                                                                      761E98DB 5 Bytes  JMP 00080A08 
.text  C:\Windows\system32\svchost.exe[2808] USER32.dll!SetWinEventHook                                                                          761E9F3A 5 Bytes  JMP 000801F8 
.text  C:\Windows\system32\svchost.exe[2808] USER32.dll!UnhookWinEvent                                                                           761EC06F 5 Bytes  JMP 000803FC 
.text  C:\Windows\system32\igfxsrvc.exe[3072] ntdll.dll!LdrLoadDll                                                                               76F29378 5 Bytes  JMP 001601F8 
.text  C:\Windows\system32\igfxsrvc.exe[3072] ntdll.dll!LdrUnloadDll                                                                             76F3B680 5 Bytes  JMP 001603FC 
.text  C:\Windows\system32\igfxsrvc.exe[3072] KERNEL32.dll!GetBinaryTypeW + 70                                                                   76C12447 1 Byte  [62]
.text  C:\Windows\system32\igfxsrvc.exe[3072] USER32.dll!SetWindowsHookExA                                                                       761E6322 5 Bytes  JMP 00170600 
.text  C:\Windows\system32\igfxsrvc.exe[3072] USER32.dll!SetWindowsHookExW                                                                       761E87AD 5 Bytes  JMP 00170804 
.text  C:\Windows\system32\igfxsrvc.exe[3072] USER32.dll!UnhookWindowsHookEx                                                                     761E98DB 5 Bytes  JMP 00170A08 
.text  C:\Windows\system32\igfxsrvc.exe[3072] USER32.dll!SetWinEventHook                                                                         761E9F3A 5 Bytes  JMP 001701F8 
.text  C:\Windows\system32\igfxsrvc.exe[3072] USER32.dll!UnhookWinEvent                                                                          761EC06F 5 Bytes  JMP 001703FC 
.text  C:\Windows\system32\igfxsrvc.exe[3072] ADVAPI32.dll!CreateServiceW                                                                        76309EB4 5 Bytes  JMP 001803FC 
.text  C:\Windows\system32\igfxsrvc.exe[3072] ADVAPI32.dll!DeleteService                                                                         7630A07E 5 Bytes  JMP 00180600 
.text  C:\Windows\system32\igfxsrvc.exe[3072] ADVAPI32.dll!SetServiceObjectSecurity                                                              76346CD9 5 Bytes  JMP 00181014 
.text  C:\Windows\system32\igfxsrvc.exe[3072] ADVAPI32.dll!ChangeServiceConfigA                                                                  76346DD9 5 Bytes  JMP 00180804 
.text  C:\Windows\system32\igfxsrvc.exe[3072] ADVAPI32.dll!ChangeServiceConfigW                                                                  76346F81 5 Bytes  JMP 00180A08 
.text  C:\Windows\system32\igfxsrvc.exe[3072] ADVAPI32.dll!ChangeServiceConfig2A                                                                 76347099 5 Bytes  JMP 00180C0C 
.text  C:\Windows\system32\igfxsrvc.exe[3072] ADVAPI32.dll!ChangeServiceConfig2W                                                                 763471E1 5 Bytes  JMP 00180E10 
.text  C:\Windows\system32\igfxsrvc.exe[3072] ADVAPI32.dll!CreateServiceA                                                                        763472A1 5 Bytes  JMP 001801F8 
.text  C:\Windows\System32\igfxpers.exe[3088] ntdll.dll!LdrLoadDll                                                                               76F29378 5 Bytes  JMP 001601F8 
.text  C:\Windows\System32\igfxpers.exe[3088] ntdll.dll!LdrUnloadDll                                                                             76F3B680 5 Bytes  JMP 001603FC 
.text  C:\Windows\System32\igfxpers.exe[3088] KERNEL32.dll!GetBinaryTypeW + 70                                                                   76C12447 1 Byte  [62]
.text  C:\Windows\System32\igfxpers.exe[3088] USER32.dll!SetWindowsHookExA                                                                       761E6322 5 Bytes  JMP 00170600 
.text  C:\Windows\System32\igfxpers.exe[3088] USER32.dll!SetWindowsHookExW                                                                       761E87AD 5 Bytes  JMP 00170804 
.text  C:\Windows\System32\igfxpers.exe[3088] USER32.dll!UnhookWindowsHookEx                                                                     761E98DB 5 Bytes  JMP 00170A08 
.text  C:\Windows\System32\igfxpers.exe[3088] USER32.dll!SetWinEventHook                                                                         761E9F3A 5 Bytes  JMP 001701F8 
.text  C:\Windows\System32\igfxpers.exe[3088] USER32.dll!UnhookWinEvent                                                                          761EC06F 5 Bytes  JMP 001703FC 
.text  C:\Windows\System32\igfxpers.exe[3088] ADVAPI32.dll!CreateServiceW                                                                        76309EB4 5 Bytes  JMP 001803FC 
.text  C:\Windows\System32\igfxpers.exe[3088] ADVAPI32.dll!DeleteService                                                                         7630A07E 5 Bytes  JMP 00180600 
.text  C:\Windows\System32\igfxpers.exe[3088] ADVAPI32.dll!SetServiceObjectSecurity                                                              76346CD9 5 Bytes  JMP 00181014 
.text  C:\Windows\System32\igfxpers.exe[3088] ADVAPI32.dll!ChangeServiceConfigA                                                                  76346DD9 5 Bytes  JMP 00180804 
.text  C:\Windows\System32\igfxpers.exe[3088] ADVAPI32.dll!ChangeServiceConfigW                                                                  76346F81 5 Bytes  JMP 00180A08 
.text  C:\Windows\System32\igfxpers.exe[3088] ADVAPI32.dll!ChangeServiceConfig2A                                                                 76347099 5 Bytes  JMP 00180C0C 
.text  C:\Windows\System32\igfxpers.exe[3088] ADVAPI32.dll!ChangeServiceConfig2W                                                                 763471E1 5 Bytes  JMP 00180E10 
.text  C:\Windows\System32\igfxpers.exe[3088] ADVAPI32.dll!CreateServiceA                                                                        763472A1 5 Bytes  JMP 001801F8 
.text  C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe[3152] ntdll.dll!LdrLoadDll                   76F29378 5 Bytes  JMP 001601F8 
.text  C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe[3152] ntdll.dll!LdrUnloadDll                 76F3B680 5 Bytes  JMP 001603FC 
.text  C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe[3152] KERNEL32.dll!GetBinaryTypeW + 70       76C12447 1 Byte  [62]
.text  C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe[3152] USER32.dll!SetWindowsHookExA           761E6322 5 Bytes  JMP 00270600 
.text  C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe[3152] USER32.dll!SetWindowsHookExW           761E87AD 5 Bytes  JMP 00270804 
.text  C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe[3152] USER32.dll!UnhookWindowsHookEx         761E98DB 5 Bytes  JMP 00270A08 
.text  C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe[3152] USER32.dll!SetWinEventHook             761E9F3A 5 Bytes  JMP 002701F8 
.text  C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe[3152] USER32.dll!UnhookWinEvent              761EC06F 5 Bytes  JMP 002703FC 
.text  C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe[3152] ADVAPI32.dll!CreateServiceW            76309EB4 5 Bytes  JMP 002803FC 
.text  C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe[3152] ADVAPI32.dll!DeleteService             7630A07E 5 Bytes  JMP 00280600 
.text  C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe[3152] ADVAPI32.dll!SetServiceObjectSecurity  76346CD9 5 Bytes  JMP 00281014 
.text  C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe[3152] ADVAPI32.dll!ChangeServiceConfigA      76346DD9 5 Bytes  JMP 00280804 
.text  C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe[3152] ADVAPI32.dll!ChangeServiceConfigW      76346F81 5 Bytes  JMP 00280A08 
.text  C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe[3152] ADVAPI32.dll!ChangeServiceConfig2A     76347099 5 Bytes  JMP 00280C0C 
.text  C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe[3152] ADVAPI32.dll!ChangeServiceConfig2W     763471E1 5 Bytes  JMP 00280E10 
.text  C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe[3152] ADVAPI32.dll!CreateServiceA            763472A1 5 Bytes  JMP 002801F8 
.text  C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[3164] ntdll.dll!LdrLoadDll                                                         76F29378 5 Bytes  JMP 000701F8 
.text  C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[3164] ntdll.dll!LdrUnloadDll                                                       76F3B680 5 Bytes  JMP 000703FC 
.text  C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[3164] KERNEL32.dll!GetBinaryTypeW + 70                                             76C12447 1 Byte  [62]
.text  C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[3164] USER32.dll!SetWindowsHookExA                                                 761E6322 5 Bytes  JMP 00080600 
.text  C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[3164] USER32.dll!SetWindowsHookExW                                                 761E87AD 5 Bytes  JMP 00080804 
.text  C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[3164] USER32.dll!UnhookWindowsHookEx                                               761E98DB 5 Bytes  JMP 00080A08 
.text  C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[3164] USER32.dll!SetWinEventHook                                                   761E9F3A 5 Bytes  JMP 000801F8 
.text  C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[3164] USER32.dll!UnhookWinEvent                                                    761EC06F 5 Bytes  JMP 000803FC 
.text  C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[3164] ADVAPI32.dll!CreateServiceW                                                  76309EB4 5 Bytes  JMP 000903FC 
.text  C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[3164] ADVAPI32.dll!DeleteService                                                   7630A07E 5 Bytes  JMP 00090600 
.text  C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[3164] ADVAPI32.dll!SetServiceObjectSecurity                                        76346CD9 5 Bytes  JMP 00091014 
.text  C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[3164] ADVAPI32.dll!ChangeServiceConfigA                                            76346DD9 5 Bytes  JMP 00090804 
.text  C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[3164] ADVAPI32.dll!ChangeServiceConfigW                                            76346F81 5 Bytes  JMP 00090A08 
.text  C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[3164] ADVAPI32.dll!ChangeServiceConfig2A                                           76347099 5 Bytes  JMP 00090C0C 
.text  C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[3164] ADVAPI32.dll!ChangeServiceConfig2W                                           763471E1 5 Bytes  JMP 00090E10 
.text  C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[3164] ADVAPI32.dll!CreateServiceA                                                  763472A1 5 Bytes  JMP 000901F8 
.text  C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exe[3208] ntdll.dll!LdrLoadDll                                  76F29378 5 Bytes  JMP 001601F8 
.text  C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exe[3208] ntdll.dll!LdrUnloadDll                                76F3B680 5 Bytes  JMP 001603FC 
.text  C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exe[3208] KERNEL32.dll!GetBinaryTypeW + 70                      76C12447 1 Byte  [62]
.text  C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exe[3208] ADVAPI32.dll!CreateServiceW                           76309EB4 5 Bytes  JMP 001703FC 
.text  C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exe[3208] ADVAPI32.dll!DeleteService                            7630A07E 5 Bytes  JMP 00170600 
.text  C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exe[3208] ADVAPI32.dll!SetServiceObjectSecurity                 76346CD9 5 Bytes  JMP 00171014 
.text  C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exe[3208] ADVAPI32.dll!ChangeServiceConfigA                     76346DD9 5 Bytes  JMP 00170804 
.text  C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exe[3208] ADVAPI32.dll!ChangeServiceConfigW                     76346F81 5 Bytes  JMP 00170A08 
.text  C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exe[3208] ADVAPI32.dll!ChangeServiceConfig2A                    76347099 5 Bytes  JMP 00170C0C 
.text  C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exe[3208] ADVAPI32.dll!ChangeServiceConfig2W                    763471E1 5 Bytes  JMP 00170E10 
.text  C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exe[3208] ADVAPI32.dll!CreateServiceA                           763472A1 5 Bytes  JMP 001701F8 
.text  C:\Windows\system32\svchost.exe[3220] ntdll.dll!LdrLoadDll                                                                                76F29378 5 Bytes  JMP 000601F8 
.text  C:\Windows\system32\svchost.exe[3220] ntdll.dll!LdrUnloadDll                                                                              76F3B680 5 Bytes  JMP 000603FC 
.text  C:\Windows\system32\svchost.exe[3220] KERNEL32.dll!GetBinaryTypeW + 70                                                                    76C12447 1 Byte  [62]
.text  C:\Windows\system32\svchost.exe[3220] ADVAPI32.dll!CreateServiceW                                                                         76309EB4 5 Bytes  JMP 000703FC 
.text  C:\Windows\system32\svchost.exe[3220] ADVAPI32.dll!DeleteService                                                                          7630A07E 5 Bytes  JMP 00070600 
.text  C:\Windows\system32\svchost.exe[3220] ADVAPI32.dll!SetServiceObjectSecurity                                                               76346CD9 5 Bytes  JMP 00071014 
.text  C:\Windows\system32\svchost.exe[3220] ADVAPI32.dll!ChangeServiceConfigA                                                                   76346DD9 5 Bytes  JMP 00070804 
.text  C:\Windows\system32\svchost.exe[3220] ADVAPI32.dll!ChangeServiceConfigW                                                                   76346F81 5 Bytes  JMP 00070A08 
.text  C:\Windows\system32\svchost.exe[3220] ADVAPI32.dll!ChangeServiceConfig2A                                                                  76347099 5 Bytes  JMP 00070C0C 
.text  C:\Windows\system32\svchost.exe[3220] ADVAPI32.dll!ChangeServiceConfig2W                                                                  763471E1 5 Bytes  JMP 00070E10 
.text  C:\Windows\system32\svchost.exe[3220] ADVAPI32.dll!CreateServiceA                                                                         763472A1 5 Bytes  JMP 000701F8 
.text  C:\Windows\system32\svchost.exe[3220] USER32.dll!SetWindowsHookExA                                                                        761E6322 5 Bytes  JMP 00080600 
.text  C:\Windows\system32\svchost.exe[3220] USER32.dll!SetWindowsHookExW                                                                        761E87AD 5 Bytes  JMP 00080804 
.text  C:\Windows\system32\svchost.exe[3220] USER32.dll!UnhookWindowsHookEx                                                                      761E98DB 5 Bytes  JMP 00080A08 
.text  C:\Windows\system32\svchost.exe[3220] USER32.dll!SetWinEventHook                                                                          761E9F3A 5 Bytes  JMP 000801F8 
.text  C:\Windows\system32\svchost.exe[3220] USER32.dll!UnhookWinEvent                                                                           761EC06F 5 Bytes  JMP 000803FC 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe[3284] ntdll.dll!LdrLoadDll                                                    76F29378 5 Bytes  JMP 001601F8 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe[3284] ntdll.dll!LdrUnloadDll                                                  76F3B680 5 Bytes  JMP 001603FC 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe[3284] KERNEL32.dll!GetBinaryTypeW + 70                                        76C12447 1 Byte  [62]
.text  C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe[3284] ADVAPI32.dll!CreateServiceW                                             76309EB4 5 Bytes  JMP 001703FC 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe[3284] ADVAPI32.dll!DeleteService                                              7630A07E 5 Bytes  JMP 00170600 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe[3284] ADVAPI32.dll!SetServiceObjectSecurity                                   76346CD9 5 Bytes  JMP 00171014 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe[3284] ADVAPI32.dll!ChangeServiceConfigA                                       76346DD9 5 Bytes  JMP 00170804 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe[3284] ADVAPI32.dll!ChangeServiceConfigW                                       76346F81 5 Bytes  JMP 00170A08 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe[3284] ADVAPI32.dll!ChangeServiceConfig2A                                      76347099 5 Bytes  JMP 00170C0C 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe[3284] ADVAPI32.dll!ChangeServiceConfig2W                                      763471E1 5 Bytes  JMP 00170E10 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe[3284] ADVAPI32.dll!CreateServiceA                                             763472A1 5 Bytes  JMP 001701F8 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe[3284] USER32.dll!SetWindowsHookExA                                            761E6322 5 Bytes  JMP 00180600 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe[3284] USER32.dll!SetWindowsHookExW                                            761E87AD 5 Bytes  JMP 00180804 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe[3284] USER32.dll!UnhookWindowsHookEx                                          761E98DB 5 Bytes  JMP 00180A08 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe[3284] USER32.dll!SetWinEventHook                                              761E9F3A 5 Bytes  JMP 001801F8 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe[3284] USER32.dll!UnhookWinEvent                                               761EC06F 5 Bytes  JMP 001803FC 
.text  C:\Program Files\Windows Defender\MSASCui.exe[3296] ntdll.dll!LdrLoadDll                                                                  76F29378 5 Bytes  JMP 000601F8 
.text  C:\Program Files\Windows Defender\MSASCui.exe[3296] ntdll.dll!LdrUnloadDll                                                                76F3B680 5 Bytes  JMP 000603FC 
.text  C:\Program Files\Windows Defender\MSASCui.exe[3296] KERNEL32.dll!GetBinaryTypeW + 70                                                      76C12447 1 Byte  [62]
.text  C:\Program Files\Windows Defender\MSASCui.exe[3296] ADVAPI32.dll!CreateServiceW                                                           76309EB4 5 Bytes  JMP 000703FC 
.text  C:\Program Files\Windows Defender\MSASCui.exe[3296] ADVAPI32.dll!DeleteService                                                            7630A07E 5 Bytes  JMP 00070600 
.text  C:\Program Files\Windows Defender\MSASCui.exe[3296] ADVAPI32.dll!SetServiceObjectSecurity                                                 76346CD9 5 Bytes  JMP 00071014 
.text  C:\Program Files\Windows Defender\MSASCui.exe[3296] ADVAPI32.dll!ChangeServiceConfigA                                                     76346DD9 5 Bytes  JMP 00070804 
.text  C:\Program Files\Windows Defender\MSASCui.exe[3296] ADVAPI32.dll!ChangeServiceConfigW                                                     76346F81 5 Bytes  JMP 00070A08 
.text  C:\Program Files\Windows Defender\MSASCui.exe[3296] ADVAPI32.dll!ChangeServiceConfig2A                                                    76347099 5 Bytes  JMP 00070C0C 
.text  C:\Program Files\Windows Defender\MSASCui.exe[3296] ADVAPI32.dll!ChangeServiceConfig2W                                                    763471E1 5 Bytes  JMP 00070E10 
.text  C:\Program Files\Windows Defender\MSASCui.exe[3296] ADVAPI32.dll!CreateServiceA                                                           763472A1 5 Bytes  JMP 000701F8 
.text  C:\Program Files\Windows Defender\MSASCui.exe[3296] USER32.dll!SetWindowsHookExA                                                          761E6322 5 Bytes  JMP 00080600 
.text  C:\Program Files\Windows Defender\MSASCui.exe[3296] USER32.dll!SetWindowsHookExW                                                          761E87AD 5 Bytes  JMP 00080804 
.text  C:\Program Files\Windows Defender\MSASCui.exe[3296] USER32.dll!UnhookWindowsHookEx                                                        761E98DB 5 Bytes  JMP 00080A08 
.text  C:\Program Files\Windows Defender\MSASCui.exe[3296] USER32.dll!SetWinEventHook                                                            761E9F3A 5 Bytes  JMP 000801F8 
.text  C:\Program Files\Windows Defender\MSASCui.exe[3296] USER32.dll!UnhookWinEvent                                                             761EC06F 5 Bytes  JMP 000803FC 
.text  C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3308] ntdll.dll!LdrLoadDll                                                       76F29378 5 Bytes  JMP 000601F8 
.text  C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3308] ntdll.dll!LdrUnloadDll                                                     76F3B680 5 Bytes  JMP 000603FC 
.text  C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3308] KERNEL32.dll!GetBinaryTypeW + 70                                           76C12447 1 Byte  [62]
.text  C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3308] ADVAPI32.dll!CreateServiceW                                                76309EB4 5 Bytes  JMP 000703FC 
.text  C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3308] ADVAPI32.dll!DeleteService                                                 7630A07E 5 Bytes  JMP 00070600 
.text  C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3308] ADVAPI32.dll!SetServiceObjectSecurity                                      76346CD9 5 Bytes  JMP 00071014 
.text  C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3308] ADVAPI32.dll!ChangeServiceConfigA                                          76346DD9 5 Bytes  JMP 00070804 
.text  C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3308] ADVAPI32.dll!ChangeServiceConfigW                                          76346F81 5 Bytes  JMP 00070A08 
.text  C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3308] ADVAPI32.dll!ChangeServiceConfig2A                                         76347099 5 Bytes  JMP 00070C0C 
.text  C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3308] ADVAPI32.dll!ChangeServiceConfig2W                                         763471E1 5 Bytes  JMP 00070E10 
.text  C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3308] ADVAPI32.dll!CreateServiceA                                                763472A1 5 Bytes  JMP 000701F8 
.text  C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3308] USER32.dll!SetWindowsHookExA                                               761E6322 5 Bytes  JMP 00190600 
.text  C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3308] USER32.dll!SetWindowsHookExW                                               761E87AD 5 Bytes  JMP 00190804 
.text  C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3308] USER32.dll!UnhookWindowsHookEx                                             761E98DB 5 Bytes  JMP 00190A08 
.text  C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3308] USER32.dll!SetWinEventHook                                                 761E9F3A 5 Bytes  JMP 001901F8 
.text  C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3308] USER32.dll!UnhookWinEvent                                                  761EC06F 5 Bytes  JMP 001903FC 
.text  C:\Windows\system32\EscSvc.exe[3404] ntdll.dll!LdrLoadDll                                                                                 76F29378 5 Bytes  JMP 001601F8 
.text  C:\Windows\system32\EscSvc.exe[3404] ntdll.dll!LdrUnloadDll                                                                               76F3B680 5 Bytes  JMP 001603FC 
.text  C:\Windows\system32\EscSvc.exe[3404] KERNEL32.dll!GetBinaryTypeW + 70                                                                     76C12447 1 Byte  [62]
.text  C:\Windows\system32\EscSvc.exe[3404] USER32.dll!SetWindowsHookExA                                                                         761E6322 5 Bytes  JMP 00170600 
.text  C:\Windows\system32\EscSvc.exe[3404] USER32.dll!SetWindowsHookExW                                                                         761E87AD 5 Bytes  JMP 00170804 
.text  C:\Windows\system32\EscSvc.exe[3404] USER32.dll!UnhookWindowsHookEx                                                                       761E98DB 5 Bytes  JMP 00170A08 
.text  C:\Windows\system32\EscSvc.exe[3404] USER32.dll!SetWinEventHook                                                                           761E9F3A 5 Bytes  JMP 001701F8 
.text  C:\Windows\system32\EscSvc.exe[3404] USER32.dll!UnhookWinEvent                                                                            761EC06F 5 Bytes  JMP 001703FC 
.text  C:\Windows\system32\EscSvc.exe[3404] ADVAPI32.dll!CreateServiceW                                                                          76309EB4 5 Bytes  JMP 001803FC 
.text  C:\Windows\system32\EscSvc.exe[3404] ADVAPI32.dll!DeleteService                                                                           7630A07E 5 Bytes  JMP 00180600 
.text  C:\Windows\system32\EscSvc.exe[3404] ADVAPI32.dll!SetServiceObjectSecurity                                                                76346CD9 5 Bytes  JMP 00181014 
.text  C:\Windows\system32\EscSvc.exe[3404] ADVAPI32.dll!ChangeServiceConfigA                                                                    76346DD9 5 Bytes  JMP 00180804 
.text  C:\Windows\system32\EscSvc.exe[3404] ADVAPI32.dll!ChangeServiceConfigW                                                                    76346F81 5 Bytes  JMP 00180A08 
.text  C:\Windows\system32\EscSvc.exe[3404] ADVAPI32.dll!ChangeServiceConfig2A                                                                   76347099 5 Bytes  JMP 00180C0C 
.text  C:\Windows\system32\EscSvc.exe[3404] ADVAPI32.dll!ChangeServiceConfig2W                                                                   763471E1 5 Bytes  JMP 00180E10 
.text  C:\Windows\system32\EscSvc.exe[3404] ADVAPI32.dll!CreateServiceA                                                                          763472A1 5 Bytes  JMP 001801F8 
.text  C:\Program Files\DellTPad\Apoint.exe[3416] ntdll.dll!LdrLoadDll                                                                           76F29378 5 Bytes  JMP 001501F8 
.text  C:\Program Files\DellTPad\Apoint.exe[3416] ntdll.dll!LdrUnloadDll                                                                         76F3B680 5 Bytes  JMP 001503FC 
.text  C:\Program Files\DellTPad\Apoint.exe[3416] KERNEL32.dll!GetBinaryTypeW + 70                                                               76C12447 1 Byte  [62]
.text  C:\Program Files\DellTPad\Apoint.exe[3416] USER32.dll!SetWindowsHookExA                                                                   761E6322 5 Bytes  JMP 00160600 
.text  C:\Program Files\DellTPad\Apoint.exe[3416] USER32.dll!SetWindowsHookExW                                                                   761E87AD 5 Bytes  JMP 00160804 
.text  C:\Program Files\DellTPad\Apoint.exe[3416] USER32.dll!UnhookWindowsHookEx                                                                 761E98DB 5 Bytes  JMP 00160A08 
.text  C:\Program Files\DellTPad\Apoint.exe[3416] USER32.dll!SetWinEventHook                                                                     761E9F3A 5 Bytes  JMP 001601F8 
.text  C:\Program Files\DellTPad\Apoint.exe[3416] USER32.dll!UnhookWinEvent                                                                      761EC06F 5 Bytes  JMP 001603FC 
.text  C:\Program Files\DellTPad\Apoint.exe[3416] ADVAPI32.dll!CreateServiceW                                                                    76309EB4 5 Bytes  JMP 001703FC 
.text  C:\Program Files\DellTPad\Apoint.exe[3416] ADVAPI32.dll!DeleteService                                                                     7630A07E 5 Bytes  JMP 00170600 
.text  C:\Program Files\DellTPad\Apoint.exe[3416] ADVAPI32.dll!SetServiceObjectSecurity                                                          76346CD9 5 Bytes  JMP 00171014 
.text  C:\Program Files\DellTPad\Apoint.exe[3416] ADVAPI32.dll!ChangeServiceConfigA                                                              76346DD9 5 Bytes  JMP 00170804 
.text  C:\Program Files\DellTPad\Apoint.exe[3416] ADVAPI32.dll!ChangeServiceConfigW                                                              76346F81 5 Bytes  JMP 00170A08 
.text  C:\Program Files\DellTPad\Apoint.exe[3416] ADVAPI32.dll!ChangeServiceConfig2A                                                             76347099 5 Bytes  JMP 00170C0C 
.text  C:\Program Files\DellTPad\Apoint.exe[3416] ADVAPI32.dll!ChangeServiceConfig2W                                                             763471E1 5 Bytes  JMP 00170E10 
.text  C:\Program Files\DellTPad\Apoint.exe[3416] ADVAPI32.dll!CreateServiceA                                                                    763472A1 5 Bytes  JMP 001701F8 
.text  C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3432] ntdll.dll!LdrLoadDll                                               76F29378 5 Bytes  JMP 001501F8 
.text  C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3432] ntdll.dll!LdrUnloadDll                                             76F3B680 5 Bytes  JMP 001503FC 
.text  C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3432] KERNEL32.dll!GetBinaryTypeW + 70                                   76C12447 1 Byte  [62]
.text  C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3432] USER32.dll!SetWindowsHookExA                                       761E6322 5 Bytes  JMP 00160600 
.text  C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3432] USER32.dll!SetWindowsHookExW                                       761E87AD 5 Bytes  JMP 00160804 
.text  C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3432] USER32.dll!UnhookWindowsHookEx                                     761E98DB 5 Bytes  JMP 00160A08 
.text  C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3432] USER32.dll!SetWinEventHook                                         761E9F3A 5 Bytes  JMP 001601F8 
.text  C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3432] USER32.dll!UnhookWinEvent                                          761EC06F 5 Bytes  JMP 001603FC 
.text  C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3432] ADVAPI32.dll!CreateServiceW                                        76309EB4 5 Bytes  JMP 001703FC 
.text  C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3432] ADVAPI32.dll!DeleteService                                         7630A07E 5 Bytes  JMP 00170600 
.text  C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3432] ADVAPI32.dll!SetServiceObjectSecurity                              76346CD9 5 Bytes  JMP 00171014 
.text  C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3432] ADVAPI32.dll!ChangeServiceConfigA                                  76346DD9 5 Bytes  JMP 00170804 
.text  C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3432] ADVAPI32.dll!ChangeServiceConfigW                                  76346F81 5 Bytes  JMP 00170A08 
.text  C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3432] ADVAPI32.dll!ChangeServiceConfig2A                                 76347099 5 Bytes  JMP 00170C0C 
.text  C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3432] ADVAPI32.dll!ChangeServiceConfig2W                                 763471E1 5 Bytes  JMP 00170E10 
.text  C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3432] ADVAPI32.dll!CreateServiceA                                        763472A1 5 Bytes  JMP 001701F8 
.text  C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3516] ntdll.dll!LdrLoadDll                                               76F29378 5 Bytes  JMP 001501F8 
.text  C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3516] ntdll.dll!LdrUnloadDll                                             76F3B680 5 Bytes  JMP 001503FC 
.text  C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3516] KERNEL32.dll!GetBinaryTypeW + 70                                   76C12447 1 Byte  [62]
.text  C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3516] USER32.dll!SetWindowsHookExA                                       761E6322 5 Bytes  JMP 00160600 
.text  C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3516] USER32.dll!SetWindowsHookExW                                       761E87AD 5 Bytes  JMP 00160804 
.text  C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3516] USER32.dll!UnhookWindowsHookEx                                     761E98DB 5 Bytes  JMP 00160A08 
.text  C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3516] USER32.dll!SetWinEventHook                                         761E9F3A 5 Bytes  JMP 001601F8 
.text  C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3516] USER32.dll!UnhookWinEvent                                          761EC06F 5 Bytes  JMP 001603FC 
.text  C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3516] ADVAPI32.dll!CreateServiceW                                        76309EB4 5 Bytes  JMP 001703FC 
.text  C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3516] ADVAPI32.dll!DeleteService                                         7630A07E 5 Bytes  JMP 00170600 
.text  C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3516] ADVAPI32.dll!SetServiceObjectSecurity                              76346CD9 5 Bytes  JMP 00171014 
.text  C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3516] ADVAPI32.dll!ChangeServiceConfigA                                  76346DD9 5 Bytes  JMP 00170804 
.text  C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3516] ADVAPI32.dll!ChangeServiceConfigW                                  76346F81 5 Bytes  JMP 00170A08 
.text  C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3516] ADVAPI32.dll!ChangeServiceConfig2A                                 76347099 5 Bytes  JMP 00170C0C 
.text  C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3516] ADVAPI32.dll!ChangeServiceConfig2W                                 763471E1 5 Bytes  JMP 00170E10 
.text  C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3516] ADVAPI32.dll!CreateServiceA                                        763472A1 5 Bytes  JMP 001701F8 
.text  C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe[3544] ntdll.dll!LdrLoadDll                                                     76F29378 5 Bytes  JMP 000501F8 
.text  C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe[3544] ntdll.dll!LdrUnloadDll                                                   76F3B680 5 Bytes  JMP 000503FC 
.text  C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe[3544] KERNEL32.dll!GetBinaryTypeW + 70                                         76C12447 1 Byte  [62]
.text  C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe[3544] ADVAPI32.dll!CreateServiceW                                              76309EB4 5 Bytes  JMP 000603FC 
.text  C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe[3544] ADVAPI32.dll!DeleteService                                               7630A07E 5 Bytes  JMP 00060600 
.text  C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe[3544] ADVAPI32.dll!SetServiceObjectSecurity                                    76346CD9 5 Bytes  JMP 00061014 
.text  C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe[3544] ADVAPI32.dll!ChangeServiceConfigA                                        76346DD9 5 Bytes  JMP 00060804 
.text  C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe[3544] ADVAPI32.dll!ChangeServiceConfigW                                        76346F81 5 Bytes  JMP 00060A08 
.text  C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe[3544] ADVAPI32.dll!ChangeServiceConfig2A                                       76347099 5 Bytes  JMP 00060C0C 
.text  C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe[3544] ADVAPI32.dll!ChangeServiceConfig2W                                       763471E1 5 Bytes  JMP 00060E10 
.text  C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe[3544] ADVAPI32.dll!CreateServiceA                                              763472A1 5 Bytes  JMP 000601F8 
.text  C:\Windows\ehome\ehtray.exe[3556] ntdll.dll!LdrLoadDll                                                                                    76F29378 5 Bytes  JMP 000601F8 
.text  C:\Windows\ehome\ehtray.exe[3556] ntdll.dll!LdrUnloadDll                                                                                  76F3B680 5 Bytes  JMP 000603FC 
.text  C:\Windows\ehome\ehtray.exe[3556] KERNEL32.dll!GetBinaryTypeW + 70                                                                        76C12447 1 Byte  [62]
.text  C:\Windows\ehome\ehtray.exe[3556] ADVAPI32.dll!CreateServiceW                                                                             76309EB4 5 Bytes  JMP 000703FC 
.text  C:\Windows\ehome\ehtray.exe[3556] ADVAPI32.dll!DeleteService                                                                              7630A07E 5 Bytes  JMP 00070600 
.text  C:\Windows\ehome\ehtray.exe[3556] ADVAPI32.dll!SetServiceObjectSecurity                                                                   76346CD9 5 Bytes  JMP 00071014 
.text  C:\Windows\ehome\ehtray.exe[3556] ADVAPI32.dll!ChangeServiceConfigA                                                                       76346DD9 5 Bytes  JMP 00070804 
.text  C:\Windows\ehome\ehtray.exe[3556] ADVAPI32.dll!ChangeServiceConfigW                                                                       76346F81 5 Bytes  JMP 00070A08 
.text  C:\Windows\ehome\ehtray.exe[3556] ADVAPI32.dll!ChangeServiceConfig2A                                                                      76347099 5 Bytes  JMP 00070C0C 
.text  C:\Windows\ehome\ehtray.exe[3556] ADVAPI32.dll!ChangeServiceConfig2W                                                                      763471E1 5 Bytes  JMP 00070E10 
.text  C:\Windows\ehome\ehtray.exe[3556] ADVAPI32.dll!CreateServiceA                                                                             763472A1 5 Bytes  JMP 000701F8 
.text  C:\Windows\ehome\ehtray.exe[3556] USER32.dll!SetWindowsHookExA                                                                            761E6322 5 Bytes  JMP 00080600 
.text  C:\Windows\ehome\ehtray.exe[3556] USER32.dll!SetWindowsHookExW                                                                            761E87AD 5 Bytes  JMP 00080804 
.text  C:\Windows\ehome\ehtray.exe[3556] USER32.dll!UnhookWindowsHookEx                                                                          761E98DB 5 Bytes  JMP 00080A08 
.text  C:\Windows\ehome\ehtray.exe[3556] USER32.dll!SetWinEventHook                                                                              761E9F3A 5 Bytes  JMP 000801F8 
.text  C:\Windows\ehome\ehtray.exe[3556] USER32.dll!UnhookWinEvent                                                                               761EC06F 5 Bytes  JMP 000803FC 
.text  C:\Windows\system32\svchost.exe[3572] ntdll.dll!LdrLoadDll                                                                                76F29378 5 Bytes  JMP 000601F8 
.text  C:\Windows\system32\svchost.exe[3572] ntdll.dll!LdrUnloadDll                                                                              76F3B680 5 Bytes  JMP 000603FC 
.text  C:\Windows\system32\svchost.exe[3572] KERNEL32.dll!GetBinaryTypeW + 70                                                                    76C12447 1 Byte  [62]
.text  C:\Windows\system32\svchost.exe[3572] ADVAPI32.dll!CreateServiceW                                                                         76309EB4 5 Bytes  JMP 000703FC 
.text  C:\Windows\system32\svchost.exe[3572] ADVAPI32.dll!DeleteService                                                                          7630A07E 5 Bytes  JMP 00070600 
.text  C:\Windows\system32\svchost.exe[3572] ADVAPI32.dll!SetServiceObjectSecurity                                                               76346CD9 5 Bytes  JMP 00071014 
.text  C:\Windows\system32\svchost.exe[3572] ADVAPI32.dll!ChangeServiceConfigA                                                                   76346DD9 5 Bytes  JMP 00070804 
.text  C:\Windows\system32\svchost.exe[3572] ADVAPI32.dll!ChangeServiceConfigW                                                                   76346F81 5 Bytes  JMP 00070A08 
.text  C:\Windows\system32\svchost.exe[3572] ADVAPI32.dll!ChangeServiceConfig2A                                                                  76347099 5 Bytes  JMP 00070C0C 
.text  C:\Windows\system32\svchost.exe[3572] ADVAPI32.dll!ChangeServiceConfig2W                                                                  763471E1 5 Bytes  JMP 00070E10 
.text  C:\Windows\system32\svchost.exe[3572] ADVAPI32.dll!CreateServiceA                                                                         763472A1 5 Bytes  JMP 000701F8 
.text  C:\Windows\system32\svchost.exe[3572] USER32.dll!SetWindowsHookExA                                                                        761E6322 5 Bytes  JMP 00080600 
.text  C:\Windows\system32\svchost.exe[3572] USER32.dll!SetWindowsHookExW                                                                        761E87AD 5 Bytes  JMP 00080804 
.text  C:\Windows\system32\svchost.exe[3572] USER32.dll!UnhookWindowsHookEx                                                                      761E98DB 5 Bytes  JMP 00080A08 
.text  C:\Windows\system32\svchost.exe[3572] USER32.dll!SetWinEventHook                                                                          761E9F3A 5 Bytes  JMP 000801F8 
.text  C:\Windows\system32\svchost.exe[3572] USER32.dll!UnhookWinEvent                                                                           761EC06F 5 Bytes  JMP 000803FC 
.text  C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3584] ntdll.dll!LdrLoadDll                                         76F29378 5 Bytes  JMP 000601F8 
.text  C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3584] ntdll.dll!LdrUnloadDll                                       76F3B680 5 Bytes  JMP 000603FC 
.text  C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3584] KERNEL32.dll!GetBinaryTypeW + 70                             76C12447 1 Byte  [62]
.text  C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3584] ADVAPI32.dll!CreateServiceW                                  76309EB4 5 Bytes  JMP 000703FC 
.text  C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3584] ADVAPI32.dll!DeleteService                                   7630A07E 5 Bytes  JMP 00070600 
.text  C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3584] ADVAPI32.dll!SetServiceObjectSecurity                        76346CD9 5 Bytes  JMP 00071014 
.text  C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3584] ADVAPI32.dll!ChangeServiceConfigA                            76346DD9 5 Bytes  JMP 00070804 
.text  C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3584] ADVAPI32.dll!ChangeServiceConfigW                            76346F81 5 Bytes  JMP 00070A08 
.text  C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3584] ADVAPI32.dll!ChangeServiceConfig2A                           76347099 5 Bytes  JMP 00070C0C 
.text  C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3584] ADVAPI32.dll!ChangeServiceConfig2W                           763471E1 5 Bytes  JMP 00070E10 
.text  C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3584] ADVAPI32.dll!CreateServiceA                                  763472A1 5 Bytes  JMP 000701F8 
.text  C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3584] USER32.dll!SetWindowsHookExA                                 761E6322 5 Bytes  JMP 00080600 
.text  C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3584] USER32.dll!SetWindowsHookExW                                 761E87AD 5 Bytes  JMP 00080804 
.text  C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3584] USER32.dll!UnhookWindowsHookEx                               761E98DB 5 Bytes  JMP 00080A08 
.text  C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3584] USER32.dll!SetWinEventHook                                   761E9F3A 5 Bytes  JMP 000801F8 
.text  C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3584] USER32.dll!UnhookWinEvent                                    761EC06F 5 Bytes  JMP 000803FC 
.text  C:\Windows\System32\hkcmd.exe[3628] ntdll.dll!LdrLoadDll                                                                                  76F29378 5 Bytes  JMP 001601F8 
.text  C:\Windows\System32\hkcmd.exe[3628] ntdll.dll!LdrUnloadDll                                                                                76F3B680 5 Bytes  JMP 001603FC 
.text  C:\Windows\System32\hkcmd.exe[3628] KERNEL32.dll!GetBinaryTypeW + 70                                                                      76C12447 1 Byte  [62]
.text  C:\Windows\System32\hkcmd.exe[3628] USER32.dll!SetWindowsHookExA                                                                          761E6322 5 Bytes  JMP 00180600 
.text  C:\Windows\System32\hkcmd.exe[3628] USER32.dll!SetWindowsHookExW                                                                          761E87AD 5 Bytes  JMP 00180804 
.text  C:\Windows\System32\hkcmd.exe[3628] USER32.dll!UnhookWindowsHookEx                                                                        761E98DB 5 Bytes  JMP 00180A08 
.text  C:\Windows\System32\hkcmd.exe[3628] USER32.dll!SetWinEventHook                                                                            761E9F3A 5 Bytes  JMP 001801F8 
.text  C:\Windows\System32\hkcmd.exe[3628] USER32.dll!UnhookWinEvent                                                                             761EC06F 5 Bytes  JMP 001803FC 
.text  C:\Windows\System32\hkcmd.exe[3628] ADVAPI32.dll!CreateServiceW                                                                           76309EB4 5 Bytes  JMP 001903FC 
.text  C:\Windows\System32\hkcmd.exe[3628] ADVAPI32.dll!DeleteService                                                                            7630A07E 5 Bytes  JMP 00190600 
.text  C:\Windows\System32\hkcmd.exe[3628] ADVAPI32.dll!SetServiceObjectSecurity                                                                 76346CD9 5 Bytes  JMP 00191014 
.text  C:\Windows\System32\hkcmd.exe[3628] ADVAPI32.dll!ChangeServiceConfigA                                                                     76346DD9 5 Bytes  JMP 00190804 
.text  C:\Windows\System32\hkcmd.exe[3628] ADVAPI32.dll!ChangeServiceConfigW                                                                     76346F81 5 Bytes  JMP 00190A08 
.text  C:\Windows\System32\hkcmd.exe[3628] ADVAPI32.dll!ChangeServiceConfig2A                                                                    76347099 5 Bytes  JMP 00190C0C 
.text  C:\Windows\System32\hkcmd.exe[3628] ADVAPI32.dll!ChangeServiceConfig2W                                                                    763471E1 5 Bytes  JMP 00190E10 
.text  C:\Windows\System32\hkcmd.exe[3628] ADVAPI32.dll!CreateServiceA                                                                           763472A1 5 Bytes  JMP 001901F8 
.text  C:\Program Files\EPSON Software\Event Manager\EEventManager.exe[3648] ntdll.dll!LdrLoadDll                                                76F29378 5 Bytes  JMP 000601F8 
.text  C:\Program Files\EPSON Software\Event Manager\EEventManager.exe[3648] ntdll.dll!LdrUnloadDll                                              76F3B680 5 Bytes  JMP 000603FC 
.text  C:\Program Files\EPSON Software\Event Manager\EEventManager.exe[3648] KERNEL32.dll!GetBinaryTypeW + 70                                    76C12447 1 Byte  [62]
.text  C:\Program Files\EPSON Software\Event Manager\EEventManager.exe[3648] ADVAPI32.dll!CreateServiceW                                         76309EB4 5 Bytes  JMP 000703FC 
.text  C:\Program Files\EPSON Software\Event Manager\EEventManager.exe[3648] ADVAPI32.dll!DeleteService                                          7630A07E 5 Bytes  JMP 00070600 
.text  C:\Program Files\EPSON Software\Event Manager\EEventManager.exe[3648] ADVAPI32.dll!SetServiceObjectSecurity                               76346CD9 5 Bytes  JMP 00071014 
.text  C:\Program Files\EPSON Software\Event Manager\EEventManager.exe[3648] ADVAPI32.dll!ChangeServiceConfigA                                   76346DD9 5 Bytes  JMP 00070804 
.text  C:\Program Files\EPSON Software\Event Manager\EEventManager.exe[3648] ADVAPI32.dll!ChangeServiceConfigW                                   76346F81 5 Bytes  JMP 00070A08 
.text  C:\Program Files\EPSON Software\Event Manager\EEventManager.exe[3648] ADVAPI32.dll!ChangeServiceConfig2A                                  76347099 5 Bytes  JMP 00070C0C 
.text  C:\Program Files\EPSON Software\Event Manager\EEventManager.exe[3648] ADVAPI32.dll!ChangeServiceConfig2W                                  763471E1 5 Bytes  JMP 00070E10 
.text  C:\Program Files\EPSON Software\Event Manager\EEventManager.exe[3648] ADVAPI32.dll!CreateServiceA                                         763472A1 5 Bytes  JMP 000701F8 
.text  C:\Program Files\EPSON Software\Event Manager\EEventManager.exe[3648] USER32.dll!SetWindowsHookExA                                        761E6322 5 Bytes  JMP 00080600 
.text  C:\Program Files\EPSON Software\Event Manager\EEventManager.exe[3648] USER32.dll!SetWindowsHookExW                                        761E87AD 5 Bytes  JMP 00080804 
.text  C:\Program Files\EPSON Software\Event Manager\EEventManager.exe[3648] USER32.dll!UnhookWindowsHookEx                                      761E98DB 5 Bytes  JMP 00080A08 
.text  C:\Program Files\EPSON Software\Event Manager\EEventManager.exe[3648] USER32.dll!SetWinEventHook                                          761E9F3A 5 Bytes  JMP 000801F8 
.text  C:\Program Files\EPSON Software\Event Manager\EEventManager.exe[3648] USER32.dll!UnhookWinEvent                                           761EC06F 5 Bytes  JMP 000803FC 
.text  C:\Windows\system32\svchost.exe[3652] ntdll.dll!LdrLoadDll                                                                                76F29378 5 Bytes  JMP 000601F8 
.text  C:\Windows\system32\svchost.exe[3652] ntdll.dll!LdrUnloadDll                                                                              76F3B680 5 Bytes  JMP 000603FC 
.text  C:\Windows\system32\svchost.exe[3652] KERNEL32.dll!GetBinaryTypeW + 70                                                                    76C12447 1 Byte  [62]
.text  C:\Windows\system32\svchost.exe[3652] ADVAPI32.dll!CreateServiceW                                                                         76309EB4 5 Bytes  JMP 000703FC 
.text  C:\Windows\system32\svchost.exe[3652] ADVAPI32.dll!DeleteService                                                                          7630A07E 5 Bytes  JMP 00070600 
.text  C:\Windows\system32\svchost.exe[3652] ADVAPI32.dll!SetServiceObjectSecurity                                                               76346CD9 5 Bytes  JMP 00071014 
.text  C:\Windows\system32\svchost.exe[3652] ADVAPI32.dll!ChangeServiceConfigA                                                                   76346DD9 5 Bytes  JMP 00070804 
.text  C:\Windows\system32\svchost.exe[3652] ADVAPI32.dll!ChangeServiceConfigW                                                                   76346F81 5 Bytes  JMP 00070A08 
.text  C:\Windows\system32\svchost.exe[3652] ADVAPI32.dll!ChangeServiceConfig2A                                                                  76347099 5 Bytes  JMP 00070C0C 
.text  C:\Windows\system32\svchost.exe[3652] ADVAPI32.dll!ChangeServiceConfig2W                                                                  763471E1 5 Bytes  JMP 00070E10 
.text  C:\Windows\system32\svchost.exe[3652] ADVAPI32.dll!CreateServiceA                                                                         763472A1 5 Bytes  JMP 000701F8 
.text  C:\Windows\system32\svchost.exe[3652] USER32.dll!SetWindowsHookExA                                                                        761E6322 5 Bytes  JMP 00080600 
.text  C:\Windows\system32\svchost.exe[3652] USER32.dll!SetWindowsHookExW                                                                        761E87AD 5 Bytes  JMP 00080804 
.text  C:\Windows\system32\svchost.exe[3652] USER32.dll!UnhookWindowsHookEx                                                                      761E98DB 5 Bytes  JMP 00080A08 
.text  C:\Windows\system32\svchost.exe[3652] USER32.dll!SetWinEventHook                                                                          761E9F3A 5 Bytes  JMP 000801F8 
.text  C:\Windows\system32\svchost.exe[3652] USER32.dll!UnhookWinEvent                                                                           761EC06F 5 Bytes  JMP 000803FC 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[3688] ntdll.dll!LdrLoadDll                                                  76F29378 5 Bytes  JMP 001601F8 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[3688] ntdll.dll!LdrUnloadDll                                                76F3B680 5 Bytes  JMP 001603FC 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[3688] KERNEL32.dll!GetBinaryTypeW + 70                                      76C12447 1 Byte  [62]
.text  C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[3688] ADVAPI32.dll!CreateServiceW                                           76309EB4 5 Bytes  JMP 001803FC 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[3688] ADVAPI32.dll!DeleteService                                            7630A07E 5 Bytes  JMP 00180600 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[3688] ADVAPI32.dll!SetServiceObjectSecurity                                 76346CD9 5 Bytes  JMP 00181014 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[3688] ADVAPI32.dll!ChangeServiceConfigA                                     76346DD9 5 Bytes  JMP 00180804 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[3688] ADVAPI32.dll!ChangeServiceConfigW                                     76346F81 5 Bytes  JMP 00180A08 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[3688] ADVAPI32.dll!ChangeServiceConfig2A                                    76347099 5 Bytes  JMP 00180C0C 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[3688] ADVAPI32.dll!ChangeServiceConfig2W                                    763471E1 5 Bytes  JMP 00180E10 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[3688] ADVAPI32.dll!CreateServiceA                                           763472A1 5 Bytes  JMP 001801F8 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[3688] USER32.dll!SetWindowsHookExA                                          761E6322 5 Bytes  JMP 00190600 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[3688] USER32.dll!SetWindowsHookExW                                          761E87AD 5 Bytes  JMP 00190804 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[3688] USER32.dll!UnhookWindowsHookEx                                        761E98DB 5 Bytes  JMP 00190A08 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[3688] USER32.dll!SetWinEventHook                                            761E9F3A 5 Bytes  JMP 001901F8 
.text  C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[3688] USER32.dll!UnhookWinEvent                                             761EC06F 5 Bytes  JMP 001903FC 
.text  C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe[3744] ntdll.dll!LdrLoadDll                                                  76F29378 5 Bytes  JMP 000701F8 
.text  C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe[3744] ntdll.dll!LdrUnloadDll                                                76F3B680 5 Bytes  JMP 000703FC 
.text  C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe[3744] KERNEL32.dll!GetBinaryTypeW + 70                                      76C12447 1 Byte  [62]
.text  C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe[3744] USER32.dll!SetWindowsHookExA                                          761E6322 5 Bytes  JMP 00080600 
.text  C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe[3744] USER32.dll!SetWindowsHookExW                                          761E87AD 5 Bytes  JMP 00080804 
.text  C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe[3744] USER32.dll!UnhookWindowsHookEx                                        761E98DB 5 Bytes  JMP 00080A08 
.text  C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe[3744] USER32.dll!SetWinEventHook                                            761E9F3A 5 Bytes  JMP 000801F8 
.text  C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe[3744] USER32.dll!UnhookWinEvent                                             761EC06F 5 Bytes  JMP 000803FC 
.text  C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe[3744] ADVAPI32.dll!CreateServiceW                                           76309EB4 5 Bytes  JMP 000903FC 
.text  C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe[3744] ADVAPI32.dll!DeleteService                                            7630A07E 5 Bytes  JMP 00090600 
.text  C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe[3744] ADVAPI32.dll!SetServiceObjectSecurity                                 76346CD9 5 Bytes  JMP 00091014 
.text  C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe[3744] ADVAPI32.dll!ChangeServiceConfigA                                     76346DD9 5 Bytes  JMP 00090804 
.text  C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe[3744] ADVAPI32.dll!ChangeServiceConfigW                                     76346F81 5 Bytes  JMP 00090A08 
.text  C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe[3744] ADVAPI32.dll!ChangeServiceConfig2A                                    76347099 5 Bytes  JMP 00090C0C 
.text  C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe[3744] ADVAPI32.dll!ChangeServiceConfig2W                                    763471E1 5 Bytes  JMP 00090E10 
.text  C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe[3744] ADVAPI32.dll!CreateServiceA                                           763472A1 5 Bytes  JMP 000901F8 
.text  C:\Windows\System32\svchost.exe[3764] ntdll.dll!LdrLoadDll                                                                                76F29378 5 Bytes  JMP 000601F8 
.text  C:\Windows\System32\svchost.exe[3764] ntdll.dll!LdrUnloadDll                                                                              76F3B680 5 Bytes  JMP 000603FC 
.text  C:\Windows\System32\svchost.exe[3764] KERNEL32.dll!GetBinaryTypeW + 70                                                                    76C12447 1 Byte  [62]
.text  C:\Windows\System32\svchost.exe[3764] ADVAPI32.dll!CreateServiceW                                                                         76309EB4 5 Bytes  JMP 000703FC 
.text  C:\Windows\System32\svchost.exe[3764] ADVAPI32.dll!DeleteService                                                                          7630A07E 5 Bytes  JMP 00070600 
.text  C:\Windows\System32\svchost.exe[3764] ADVAPI32.dll!SetServiceObjectSecurity                                                               76346CD9 5 Bytes  JMP 00071014 
.text  C:\Windows\System32\svchost.exe[3764] ADVAPI32.dll!ChangeServiceConfigA                                                                   76346DD9 5 Bytes  JMP 00070804 
.text  C:\Windows\System32\svchost.exe[3764] ADVAPI32.dll!ChangeServiceConfigW                                                                   76346F81 5 Bytes  JMP 00070A08 
.text  C:\Windows\System32\svchost.exe[3764] ADVAPI32.dll!ChangeServiceConfig2A                                                                  76347099 5 Bytes  JMP 00070C0C 
.text  C:\Windows\System32\svchost.exe[3764] ADVAPI32.dll!ChangeServiceConfig2W                                                                  763471E1 5 Bytes  JMP 00070E10 
.text  C:\Windows\System32\svchost.exe[3764] ADVAPI32.dll!CreateServiceA                                                                         763472A1 5 Bytes  JMP 000701F8 
.text  C:\Windows\system32\SearchIndexer.exe[3784] ntdll.dll!LdrLoadDll                                                                          76F29378 5 Bytes  JMP 000601F8 
.text  C:\Windows\system32\SearchIndexer.exe[3784] ntdll.dll!LdrUnloadDll                                                                        76F3B680 5 Bytes  JMP 000603FC 
.text  C:\Windows\system32\SearchIndexer.exe[3784] KERNEL32.dll!GetBinaryTypeW + 70                                                              76C12447 1 Byte  [62]
.text  C:\Windows\system32\SearchIndexer.exe[3784] ADVAPI32.dll!CreateServiceW                                                                   76309EB4 5 Bytes  JMP 000703FC 
.text  C:\Windows\system32\SearchIndexer.exe[3784] ADVAPI32.dll!DeleteService                                                                    7630A07E 5 Bytes  JMP 00070600 
.text  C:\Windows\system32\SearchIndexer.exe[3784] ADVAPI32.dll!SetServiceObjectSecurity                                                         76346CD9 5 Bytes  JMP 00071014 
.text  C:\Windows\system32\SearchIndexer.exe[3784] ADVAPI32.dll!ChangeServiceConfigA                                                             76346DD9 5 Bytes  JMP 00070804 
.text  C:\Windows\system32\SearchIndexer.exe[3784] ADVAPI32.dll!ChangeServiceConfigW                                                             76346F81 5 Bytes  JMP 00070A08 
.text  C:\Windows\system32\SearchIndexer.exe[3784] ADVAPI32.dll!ChangeServiceConfig2A                                                            76347099 5 Bytes  JMP 00070C0C 
.text  C:\Windows\system32\SearchIndexer.exe[3784] ADVAPI32.dll!ChangeServiceConfig2W                                                            763471E1 5 Bytes  JMP 00070E10 
.text  C:\Windows\system32\SearchIndexer.exe[3784] ADVAPI32.dll!CreateServiceA                                                                   763472A1 5 Bytes  JMP 000701F8 
.text  C:\Windows\system32\SearchIndexer.exe[3784] USER32.dll!SetWindowsHookExA                                                                  761E6322 5 Bytes  JMP 00080600 
.text  C:\Windows\system32\SearchIndexer.exe[3784] USER32.dll!SetWindowsHookExW                                                                  761E87AD 5 Bytes  JMP 00080804 
.text  C:\Windows\system32\SearchIndexer.exe[3784] USER32.dll!UnhookWindowsHookEx                                                                761E98DB 5 Bytes  JMP 00080A08 
.text  C:\Windows\system32\SearchIndexer.exe[3784] USER32.dll!SetWinEventHook                                                                    761E9F3A 5 Bytes  JMP 000801F8 
.text  C:\Windows\system32\SearchIndexer.exe[3784] USER32.dll!UnhookWinEvent                                                                     761EC06F 5 Bytes  JMP 000803FC 
.text  C:\Windows\system32\RUNDLL32.EXE[3844] ntdll.dll!LdrLoadDll                                                                               76F29378 5 Bytes  JMP 000701F8
__________________
Alt 03.09.2013, 20:25   #4
Ju_Vo
 
VAF Player lässt sich nicht deinstallieren! - Standard

VAF Player lässt sich nicht deinstallieren!


Teil 2 GMER

Code:
ATTFilter
.text  C:\Windows\system32\RUNDLL32.EXE[3844] ntdll.dll!LdrUnloadDll                                                                             76F3B680 5 Bytes  JMP 000703FC 
.text  C:\Windows\system32\RUNDLL32.EXE[3844] KERNEL32.dll!GetBinaryTypeW + 70                                                                   76C12447 1 Byte  [62]
.text  C:\Windows\system32\RUNDLL32.EXE[3844] USER32.dll!SetWindowsHookExA                                                                       761E6322 5 Bytes  JMP 00080600 
.text  C:\Windows\system32\RUNDLL32.EXE[3844] USER32.dll!SetWindowsHookExW                                                                       761E87AD 5 Bytes  JMP 00080804 
.text  C:\Windows\system32\RUNDLL32.EXE[3844] USER32.dll!UnhookWindowsHookEx                                                                     761E98DB 5 Bytes  JMP 00080A08 
.text  C:\Windows\system32\RUNDLL32.EXE[3844] USER32.dll!SetWinEventHook                                                                         761E9F3A 5 Bytes  JMP 000801F8 
.text  C:\Windows\system32\RUNDLL32.EXE[3844] USER32.dll!UnhookWinEvent                                                                          761EC06F 5 Bytes  JMP 000803FC 
.text  C:\Windows\system32\RUNDLL32.EXE[3844] ADVAPI32.dll!CreateServiceW                                                                        76309EB4 5 Bytes  JMP 000903FC 
.text  C:\Windows\system32\RUNDLL32.EXE[3844] ADVAPI32.dll!DeleteService                                                                         7630A07E 5 Bytes  JMP 00090600 
.text  C:\Windows\system32\RUNDLL32.EXE[3844] ADVAPI32.dll!SetServiceObjectSecurity                                                              76346CD9 5 Bytes  JMP 00091014 
.text  C:\Windows\system32\RUNDLL32.EXE[3844] ADVAPI32.dll!ChangeServiceConfigA                                                                  76346DD9 5 Bytes  JMP 00090804 
.text  C:\Windows\system32\RUNDLL32.EXE[3844] ADVAPI32.dll!ChangeServiceConfigW                                                                  76346F81 5 Bytes  JMP 00090A08 
.text  C:\Windows\system32\RUNDLL32.EXE[3844] ADVAPI32.dll!ChangeServiceConfig2A                                                                 76347099 5 Bytes  JMP 00090C0C 
.text  C:\Windows\system32\RUNDLL32.EXE[3844] ADVAPI32.dll!ChangeServiceConfig2W                                                                 763471E1 5 Bytes  JMP 00090E10 
.text  C:\Windows\system32\RUNDLL32.EXE[3844] ADVAPI32.dll!CreateServiceA                                                                        763472A1 5 Bytes  JMP 000901F8 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[3948] ntdll.dll!LdrLoadDll                                               76F29378 5 Bytes  JMP 002401F8 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[3948] ntdll.dll!LdrUnloadDll                                             76F3B680 5 Bytes  JMP 002403FC 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[3948] KERNEL32.dll!GetBinaryTypeW + 70                                   76C12447 1 Byte  [62]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[3948] USER32.dll!SetWindowsHookExA                                       761E6322 5 Bytes  JMP 00250600 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[3948] USER32.dll!SetWindowsHookExW                                       761E87AD 5 Bytes  JMP 00250804 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[3948] USER32.dll!UnhookWindowsHookEx                                     761E98DB 5 Bytes  JMP 00250A08 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[3948] USER32.dll!SetWinEventHook                                         761E9F3A 5 Bytes  JMP 002501F8 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[3948] USER32.dll!UnhookWinEvent                                          761EC06F 5 Bytes  JMP 002503FC 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[3948] ADVAPI32.dll!CreateServiceW                                        76309EB4 5 Bytes  JMP 002603FC 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[3948] ADVAPI32.dll!DeleteService                                         7630A07E 5 Bytes  JMP 00260600 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[3948] ADVAPI32.dll!SetServiceObjectSecurity                              76346CD9 5 Bytes  JMP 00261014 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[3948] ADVAPI32.dll!ChangeServiceConfigA                                  76346DD9 5 Bytes  JMP 00260804 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[3948] ADVAPI32.dll!ChangeServiceConfigW                                  76346F81 5 Bytes  JMP 00260A08 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[3948] ADVAPI32.dll!ChangeServiceConfig2A                                 76347099 5 Bytes  JMP 00260C0C 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[3948] ADVAPI32.dll!ChangeServiceConfig2W                                 763471E1 5 Bytes  JMP 00260E10 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[3948] ADVAPI32.dll!CreateServiceA                                        763472A1 5 Bytes  JMP 002601F8 
.text  C:\Program Files\IDT\WDM\sttray.exe[3964] ntdll.dll!LdrLoadDll                                                                            76F29378 5 Bytes  JMP 001601F8 
.text  C:\Program Files\IDT\WDM\sttray.exe[3964] ntdll.dll!LdrUnloadDll                                                                          76F3B680 5 Bytes  JMP 001603FC 
.text  C:\Program Files\IDT\WDM\sttray.exe[3964] KERNEL32.dll!GetBinaryTypeW + 70                                                                76C12447 1 Byte  [62]
.text  C:\Program Files\IDT\WDM\sttray.exe[3964] USER32.dll!SetWindowsHookExA                                                                    761E6322 5 Bytes  JMP 00170600 
.text  C:\Program Files\IDT\WDM\sttray.exe[3964] USER32.dll!SetWindowsHookExW                                                                    761E87AD 5 Bytes  JMP 00170804 
.text  C:\Program Files\IDT\WDM\sttray.exe[3964] USER32.dll!UnhookWindowsHookEx                                                                  761E98DB 5 Bytes  JMP 00170A08 
.text  C:\Program Files\IDT\WDM\sttray.exe[3964] USER32.dll!SetWinEventHook                                                                      761E9F3A 5 Bytes  JMP 001701F8 
.text  C:\Program Files\IDT\WDM\sttray.exe[3964] USER32.dll!UnhookWinEvent                                                                       761EC06F 5 Bytes  JMP 001703FC 
.text  C:\Program Files\IDT\WDM\sttray.exe[3964] ADVAPI32.dll!CreateServiceW                                                                     76309EB4 5 Bytes  JMP 001803FC 
.text  C:\Program Files\IDT\WDM\sttray.exe[3964] ADVAPI32.dll!DeleteService                                                                      7630A07E 5 Bytes  JMP 00180600 
.text  C:\Program Files\IDT\WDM\sttray.exe[3964] ADVAPI32.dll!SetServiceObjectSecurity                                                           76346CD9 5 Bytes  JMP 00181014 
.text  C:\Program Files\IDT\WDM\sttray.exe[3964] ADVAPI32.dll!ChangeServiceConfigA                                                               76346DD9 5 Bytes  JMP 00180804 
.text  C:\Program Files\IDT\WDM\sttray.exe[3964] ADVAPI32.dll!ChangeServiceConfigW                                                               76346F81 5 Bytes  JMP 00180A08 
.text  C:\Program Files\IDT\WDM\sttray.exe[3964] ADVAPI32.dll!ChangeServiceConfig2A                                                              76347099 5 Bytes  JMP 00180C0C 
.text  C:\Program Files\IDT\WDM\sttray.exe[3964] ADVAPI32.dll!ChangeServiceConfig2W                                                              763471E1 5 Bytes  JMP 00180E10 
.text  C:\Program Files\IDT\WDM\sttray.exe[3964] ADVAPI32.dll!CreateServiceA                                                                     763472A1 5 Bytes  JMP 001801F8 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ntdll.dll!LdrLoadDll                                               76F29378 5 Bytes  JMP 00BA01F8 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ntdll.dll!LdrUnloadDll                                             76F3B680 5 Bytes  JMP 00BA03FC 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ntdll.dll!NtCreateFile + 6                                         76F6426A 4 Bytes  [28, 94, B0, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ntdll.dll!NtCreateFile + B                                         76F6426F 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ntdll.dll!NtMapViewOfSection + 6                                   76F649BA 4 Bytes  [28, 97, B0, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ntdll.dll!NtMapViewOfSection + B                                   76F649BF 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ntdll.dll!NtOpenFile + 6                                           76F64A4A 4 Bytes  [68, 94, B0, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ntdll.dll!NtOpenFile + B                                           76F64A4F 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ntdll.dll!NtOpenProcess + 6                                        76F64ACA 4 Bytes  [A8, 95, B0, 00] {TEST AL, 0x95; MOV AL, 0x0}
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ntdll.dll!NtOpenProcess + B                                        76F64ACF 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ntdll.dll!NtOpenProcessToken + 6                                   76F64ADA 4 Bytes  CALL 75F6FB74 C:\Windows\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation)
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ntdll.dll!NtOpenProcessToken + B                                   76F64ADF 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ntdll.dll!NtOpenProcessTokenEx + 6                                 76F64AEA 4 Bytes  [A8, 96, B0, 00] {TEST AL, 0x96; MOV AL, 0x0}
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ntdll.dll!NtOpenProcessTokenEx + B                                 76F64AEF 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ntdll.dll!NtOpenThread + 6                                         76F64B3A 4 Bytes  [68, 95, B0, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ntdll.dll!NtOpenThread + B                                         76F64B3F 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ntdll.dll!NtOpenThreadToken + 6                                    76F64B4A 4 Bytes  [68, 96, B0, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ntdll.dll!NtOpenThreadToken + B                                    76F64B4F 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ntdll.dll!NtOpenThreadTokenEx + 6                                  76F64B5A 4 Bytes  CALL 75F6FBF5 C:\Windows\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation)
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ntdll.dll!NtOpenThreadTokenEx + B                                  76F64B5F 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ntdll.dll!NtQueryAttributesFile + 6                                76F64BEA 4 Bytes  [A8, 94, B0, 00] {TEST AL, 0x94; MOV AL, 0x0}
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ntdll.dll!NtQueryAttributesFile + B                                76F64BEF 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ntdll.dll!NtQueryFullAttributesFile + 6                            76F64C9A 4 Bytes  CALL 75F6FD33 C:\Windows\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation)
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ntdll.dll!NtQueryFullAttributesFile + B                            76F64C9F 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ntdll.dll!NtSetInformationFile + 6                                 76F6517A 4 Bytes  [28, 95, B0, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ntdll.dll!NtSetInformationFile + B                                 76F6517F 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ntdll.dll!NtSetInformationThread + 6                               76F651CA 4 Bytes  [28, 96, B0, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ntdll.dll!NtSetInformationThread + B                               76F651CF 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ntdll.dll!NtUnmapViewOfSection + 6                                 76F6546A 4 Bytes  [68, 97, B0, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ntdll.dll!NtUnmapViewOfSection + B                                 76F6546F 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] KERNEL32.dll!GetBinaryTypeW + 70                                   76C12447 1 Byte  [62]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] USER32.dll!SetWindowsHookExA                                       761E6322 5 Bytes  JMP 00BB0600 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] USER32.dll!SetWindowsHookExW                                       761E87AD 5 Bytes  JMP 00BB0804 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] USER32.dll!UnhookWindowsHookEx                                     761E98DB 5 Bytes  JMP 00BB0A08 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] USER32.dll!SetWinEventHook                                         761E9F3A 5 Bytes  JMP 00BB01F8 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] USER32.dll!UnhookWinEvent                                          761EC06F 5 Bytes  JMP 00BB03FC 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ADVAPI32.dll!CreateServiceW                                        76309EB4 5 Bytes  JMP 00BC03FC 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ADVAPI32.dll!DeleteService                                         7630A07E 5 Bytes  JMP 00BC0600 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ADVAPI32.dll!SetServiceObjectSecurity                              76346CD9 5 Bytes  JMP 00BC1014 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ADVAPI32.dll!ChangeServiceConfigA                                  76346DD9 5 Bytes  JMP 00BC0804 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ADVAPI32.dll!ChangeServiceConfigW                                  76346F81 5 Bytes  JMP 00BC0A08 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ADVAPI32.dll!ChangeServiceConfig2A                                 76347099 5 Bytes  JMP 00BC0C0C 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ADVAPI32.dll!ChangeServiceConfig2W                                 763471E1 5 Bytes  JMP 00BC0E10 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4400] ADVAPI32.dll!CreateServiceA                                        763472A1 5 Bytes  JMP 00BC01F8 
.text  C:\Program Files\DellTPad\ApMsgFwd.exe[4588] ntdll.dll!LdrLoadDll                                                                         76F29378 5 Bytes  JMP 001601F8 
.text  C:\Program Files\DellTPad\ApMsgFwd.exe[4588] ntdll.dll!LdrUnloadDll                                                                       76F3B680 5 Bytes  JMP 001603FC 
.text  C:\Program Files\DellTPad\ApMsgFwd.exe[4588] KERNEL32.dll!GetBinaryTypeW + 70                                                             76C12447 1 Byte  [62]
.text  C:\Program Files\DellTPad\ApMsgFwd.exe[4588] USER32.dll!SetWindowsHookExA                                                                 761E6322 5 Bytes  JMP 00170600 
.text  C:\Program Files\DellTPad\ApMsgFwd.exe[4588] USER32.dll!SetWindowsHookExW                                                                 761E87AD 5 Bytes  JMP 00170804 
.text  C:\Program Files\DellTPad\ApMsgFwd.exe[4588] USER32.dll!UnhookWindowsHookEx                                                               761E98DB 5 Bytes  JMP 00170A08 
.text  C:\Program Files\DellTPad\ApMsgFwd.exe[4588] USER32.dll!SetWinEventHook                                                                   761E9F3A 5 Bytes  JMP 001701F8 
.text  C:\Program Files\DellTPad\ApMsgFwd.exe[4588] USER32.dll!UnhookWinEvent                                                                    761EC06F 5 Bytes  JMP 001703FC 
.text  C:\Program Files\DellTPad\ApMsgFwd.exe[4588] ADVAPI32.dll!CreateServiceW                                                                  76309EB4 5 Bytes  JMP 001803FC 
.text  C:\Program Files\DellTPad\ApMsgFwd.exe[4588] ADVAPI32.dll!DeleteService                                                                   7630A07E 5 Bytes  JMP 00180600 
.text  C:\Program Files\DellTPad\ApMsgFwd.exe[4588] ADVAPI32.dll!SetServiceObjectSecurity                                                        76346CD9 5 Bytes  JMP 00181014 
.text  C:\Program Files\DellTPad\ApMsgFwd.exe[4588] ADVAPI32.dll!ChangeServiceConfigA                                                            76346DD9 5 Bytes  JMP 00180804 
.text  C:\Program Files\DellTPad\ApMsgFwd.exe[4588] ADVAPI32.dll!ChangeServiceConfigW                                                            76346F81 5 Bytes  JMP 00180A08 
.text  C:\Program Files\DellTPad\ApMsgFwd.exe[4588] ADVAPI32.dll!ChangeServiceConfig2A                                                           76347099 5 Bytes  JMP 00180C0C 
.text  C:\Program Files\DellTPad\ApMsgFwd.exe[4588] ADVAPI32.dll!ChangeServiceConfig2W                                                           763471E1 5 Bytes  JMP 00180E10 
.text  C:\Program Files\DellTPad\ApMsgFwd.exe[4588] ADVAPI32.dll!CreateServiceA                                                                  763472A1 5 Bytes  JMP 001801F8 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ntdll.dll!LdrLoadDll                                               76F29378 5 Bytes  JMP 007001F8 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ntdll.dll!LdrUnloadDll                                             76F3B680 5 Bytes  JMP 007003FC 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ntdll.dll!NtCreateFile + 6                                         76F6426A 4 Bytes  [28, EC, 6B, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ntdll.dll!NtCreateFile + B                                         76F6426F 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ntdll.dll!NtMapViewOfSection + 6                                   76F649BA 4 Bytes  [28, EF, 6B, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ntdll.dll!NtMapViewOfSection + B                                   76F649BF 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ntdll.dll!NtOpenFile + 6                                           76F64A4A 4 Bytes  [68, EC, 6B, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ntdll.dll!NtOpenFile + B                                           76F64A4F 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ntdll.dll!NtOpenProcess + 6                                        76F64ACA 4 Bytes  [A8, ED, 6B, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ntdll.dll!NtOpenProcess + B                                        76F64ACF 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ntdll.dll!NtOpenProcessToken + 6                                   76F64ADA 4 Bytes  CALL 75F6B6CC C:\Windows\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation)
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ntdll.dll!NtOpenProcessToken + B                                   76F64ADF 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ntdll.dll!NtOpenProcessTokenEx + 6                                 76F64AEA 4 Bytes  [A8, EE, 6B, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ntdll.dll!NtOpenProcessTokenEx + B                                 76F64AEF 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ntdll.dll!NtOpenThread + 6                                         76F64B3A 4 Bytes  [68, ED, 6B, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ntdll.dll!NtOpenThread + B                                         76F64B3F 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ntdll.dll!NtOpenThreadToken + 6                                    76F64B4A 4 Bytes  [68, EE, 6B, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ntdll.dll!NtOpenThreadToken + B                                    76F64B4F 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ntdll.dll!NtOpenThreadTokenEx + 6                                  76F64B5A 4 Bytes  CALL 75F6B74D C:\Windows\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation)
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ntdll.dll!NtOpenThreadTokenEx + B                                  76F64B5F 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ntdll.dll!NtQueryAttributesFile + 6                                76F64BEA 4 Bytes  [A8, EC, 6B, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ntdll.dll!NtQueryAttributesFile + B                                76F64BEF 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ntdll.dll!NtQueryFullAttributesFile + 6                            76F64C9A 4 Bytes  CALL 75F6B88B C:\Windows\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation)
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ntdll.dll!NtQueryFullAttributesFile + B                            76F64C9F 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ntdll.dll!NtSetInformationFile + 6                                 76F6517A 4 Bytes  [28, ED, 6B, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ntdll.dll!NtSetInformationFile + B                                 76F6517F 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ntdll.dll!NtSetInformationThread + 6                               76F651CA 4 Bytes  [28, EE, 6B, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ntdll.dll!NtSetInformationThread + B                               76F651CF 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ntdll.dll!NtUnmapViewOfSection + 6                                 76F6546A 4 Bytes  [68, EF, 6B, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ntdll.dll!NtUnmapViewOfSection + B                                 76F6546F 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] KERNEL32.dll!GetBinaryTypeW + 70                                   76C12447 1 Byte  [62]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] USER32.dll!SetWindowsHookExA                                       761E6322 5 Bytes  JMP 00710600 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] USER32.dll!SetWindowsHookExW                                       761E87AD 5 Bytes  JMP 00710804 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] USER32.dll!UnhookWindowsHookEx                                     761E98DB 5 Bytes  JMP 00710A08 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] USER32.dll!SetWinEventHook                                         761E9F3A 5 Bytes  JMP 007101F8 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] USER32.dll!UnhookWinEvent                                          761EC06F 5 Bytes  JMP 007103FC 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ADVAPI32.dll!CreateServiceW                                        76309EB4 5 Bytes  JMP 007703FC 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ADVAPI32.dll!DeleteService                                         7630A07E 5 Bytes  JMP 00770600 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ADVAPI32.dll!SetServiceObjectSecurity                              76346CD9 5 Bytes  JMP 00771014 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ADVAPI32.dll!ChangeServiceConfigA                                  76346DD9 5 Bytes  JMP 00770804 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ADVAPI32.dll!ChangeServiceConfigW                                  76346F81 5 Bytes  JMP 00770A08 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ADVAPI32.dll!ChangeServiceConfig2A                                 76347099 5 Bytes  JMP 00770C0C 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ADVAPI32.dll!ChangeServiceConfig2W                                 763471E1 5 Bytes  JMP 00770E10 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[4596] ADVAPI32.dll!CreateServiceA                                        763472A1 5 Bytes  JMP 007701F8 
.text  C:\Windows\ehome\ehmsas.exe[4720] ntdll.dll!LdrLoadDll                                                                                    76F29378 5 Bytes  JMP 000501F8 
.text  C:\Windows\ehome\ehmsas.exe[4720] ntdll.dll!LdrUnloadDll                                                                                  76F3B680 5 Bytes  JMP 000503FC 
.text  C:\Windows\ehome\ehmsas.exe[4720] KERNEL32.dll!GetBinaryTypeW + 70                                                                        76C12447 1 Byte  [62]
.text  C:\Windows\ehome\ehmsas.exe[4720] ADVAPI32.dll!CreateServiceW                                                                             76309EB4 5 Bytes  JMP 000603FC 
.text  C:\Windows\ehome\ehmsas.exe[4720] ADVAPI32.dll!DeleteService                                                                              7630A07E 5 Bytes  JMP 00060600 
.text  C:\Windows\ehome\ehmsas.exe[4720] ADVAPI32.dll!SetServiceObjectSecurity                                                                   76346CD9 5 Bytes  JMP 00061014 
.text  C:\Windows\ehome\ehmsas.exe[4720] ADVAPI32.dll!ChangeServiceConfigA                                                                       76346DD9 5 Bytes  JMP 00060804 
.text  C:\Windows\ehome\ehmsas.exe[4720] ADVAPI32.dll!ChangeServiceConfigW                                                                       76346F81 5 Bytes  JMP 00060A08 
.text  C:\Windows\ehome\ehmsas.exe[4720] ADVAPI32.dll!ChangeServiceConfig2A                                                                      76347099 5 Bytes  JMP 00060C0C 
.text  C:\Windows\ehome\ehmsas.exe[4720] ADVAPI32.dll!ChangeServiceConfig2W                                                                      763471E1 5 Bytes  JMP 00060E10 
.text  C:\Windows\ehome\ehmsas.exe[4720] ADVAPI32.dll!CreateServiceA                                                                             763472A1 5 Bytes  JMP 000601F8 
.text  C:\Windows\ehome\ehmsas.exe[4720] USER32.dll!SetWindowsHookExA                                                                            761E6322 5 Bytes  JMP 00070600 
.text  C:\Windows\ehome\ehmsas.exe[4720] USER32.dll!SetWindowsHookExW                                                                            761E87AD 5 Bytes  JMP 00070804 
.text  C:\Windows\ehome\ehmsas.exe[4720] USER32.dll!UnhookWindowsHookEx                                                                          761E98DB 5 Bytes  JMP 00070A08 
.text  C:\Windows\ehome\ehmsas.exe[4720] USER32.dll!SetWinEventHook                                                                              761E9F3A 5 Bytes  JMP 000701F8 
.text  C:\Windows\ehome\ehmsas.exe[4720] USER32.dll!UnhookWinEvent                                                                               761EC06F 5 Bytes  JMP 000703FC 
.text  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe[4736] ntdll.dll!LdrLoadDll                                                     76F29378 5 Bytes  JMP 001501F8 
.text  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe[4736] ntdll.dll!LdrUnloadDll                                                   76F3B680 5 Bytes  JMP 001503FC 
.text  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe[4736] KERNEL32.dll!GetBinaryTypeW + 70                                         76C12447 1 Byte  [62]
.text  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe[4736] ADVAPI32.dll!CreateServiceW                                              76309EB4 5 Bytes  JMP 001603FC 
.text  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe[4736] ADVAPI32.dll!DeleteService                                               7630A07E 5 Bytes  JMP 00160600 
.text  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe[4736] ADVAPI32.dll!SetServiceObjectSecurity                                    76346CD9 5 Bytes  JMP 00161014 
.text  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe[4736] ADVAPI32.dll!ChangeServiceConfigA                                        76346DD9 5 Bytes  JMP 00160804 
.text  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe[4736] ADVAPI32.dll!ChangeServiceConfigW                                        76346F81 5 Bytes  JMP 00160A08 
.text  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe[4736] ADVAPI32.dll!ChangeServiceConfig2A                                       76347099 5 Bytes  JMP 00160C0C 
.text  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe[4736] ADVAPI32.dll!ChangeServiceConfig2W                                       763471E1 5 Bytes  JMP 00160E10 
.text  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe[4736] ADVAPI32.dll!CreateServiceA                                              763472A1 5 Bytes  JMP 001601F8 
.text  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe[4736] USER32.dll!SetWindowsHookExA                                             761E6322 5 Bytes  JMP 00170600 
.text  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe[4736] USER32.dll!SetWindowsHookExW                                             761E87AD 5 Bytes  JMP 00170804 
.text  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe[4736] USER32.dll!UnhookWindowsHookEx                                           761E98DB 5 Bytes  JMP 00170A08 
.text  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe[4736] USER32.dll!SetWinEventHook                                               761E9F3A 5 Bytes  JMP 001701F8 
.text  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe[4736] USER32.dll!UnhookWinEvent                                                761EC06F 5 Bytes  JMP 001703FC 
.text  C:\Program Files\Windows Media Player\wmpnetwk.exe[4828] ntdll.dll!LdrLoadDll                                                             76F29378 5 Bytes  JMP 000501F8 
.text  C:\Program Files\Windows Media Player\wmpnetwk.exe[4828] ntdll.dll!LdrUnloadDll                                                           76F3B680 5 Bytes  JMP 000503FC 
.text  C:\Program Files\Windows Media Player\wmpnetwk.exe[4828] KERNEL32.dll!GetBinaryTypeW + 70                                                 76C12447 1 Byte  [62]
.text  C:\Program Files\Windows Media Player\wmpnetwk.exe[4828] ADVAPI32.dll!CreateServiceW                                                      76309EB4 5 Bytes  JMP 000603FC 
.text  C:\Program Files\Windows Media Player\wmpnetwk.exe[4828] ADVAPI32.dll!DeleteService                                                       7630A07E 5 Bytes  JMP 00060600 
.text  C:\Program Files\Windows Media Player\wmpnetwk.exe[4828] ADVAPI32.dll!SetServiceObjectSecurity                                            76346CD9 5 Bytes  JMP 00061014 
.text  C:\Program Files\Windows Media Player\wmpnetwk.exe[4828] ADVAPI32.dll!ChangeServiceConfigA                                                76346DD9 5 Bytes  JMP 00060804 
.text  C:\Program Files\Windows Media Player\wmpnetwk.exe[4828] ADVAPI32.dll!ChangeServiceConfigW                                                76346F81 5 Bytes  JMP 00060A08 
.text  C:\Program Files\Windows Media Player\wmpnetwk.exe[4828] ADVAPI32.dll!ChangeServiceConfig2A                                               76347099 5 Bytes  JMP 00060C0C 
.text  C:\Program Files\Windows Media Player\wmpnetwk.exe[4828] ADVAPI32.dll!ChangeServiceConfig2W                                               763471E1 5 Bytes  JMP 00060E10 
.text  C:\Program Files\Windows Media Player\wmpnetwk.exe[4828] ADVAPI32.dll!CreateServiceA                                                      763472A1 5 Bytes  JMP 000601F8 
.text  C:\Program Files\Windows Media Player\wmpnetwk.exe[4828] USER32.dll!SetWindowsHookExA                                                     761E6322 5 Bytes  JMP 00070600 
.text  C:\Program Files\Windows Media Player\wmpnetwk.exe[4828] USER32.dll!SetWindowsHookExW                                                     761E87AD 5 Bytes  JMP 00070804 
.text  C:\Program Files\Windows Media Player\wmpnetwk.exe[4828] USER32.dll!UnhookWindowsHookEx                                                   761E98DB 5 Bytes  JMP 00070A08 
.text  C:\Program Files\Windows Media Player\wmpnetwk.exe[4828] USER32.dll!SetWinEventHook                                                       761E9F3A 5 Bytes  JMP 000701F8 
.text  C:\Program Files\Windows Media Player\wmpnetwk.exe[4828] USER32.dll!UnhookWinEvent                                                        761EC06F 5 Bytes  JMP 000703FC 
.text  C:\Program Files\DellTPad\HidFind.exe[5028] ntdll.dll!LdrLoadDll                                                                          76F29378 5 Bytes  JMP 001501F8 
.text  C:\Program Files\DellTPad\HidFind.exe[5028] ntdll.dll!LdrUnloadDll                                                                        76F3B680 5 Bytes  JMP 001503FC 
.text  C:\Program Files\DellTPad\HidFind.exe[5028] KERNEL32.dll!GetBinaryTypeW + 70                                                              76C12447 1 Byte  [62]
.text  C:\Program Files\DellTPad\HidFind.exe[5028] USER32.dll!SetWindowsHookExA                                                                  761E6322 5 Bytes  JMP 00160600 
.text  C:\Program Files\DellTPad\HidFind.exe[5028] USER32.dll!SetWindowsHookExW                                                                  761E87AD 5 Bytes  JMP 00160804 
.text  C:\Program Files\DellTPad\HidFind.exe[5028] USER32.dll!UnhookWindowsHookEx                                                                761E98DB 5 Bytes  JMP 00160A08 
.text  C:\Program Files\DellTPad\HidFind.exe[5028] USER32.dll!SetWinEventHook                                                                    761E9F3A 5 Bytes  JMP 001601F8 
.text  C:\Program Files\DellTPad\HidFind.exe[5028] USER32.dll!UnhookWinEvent                                                                     761EC06F 5 Bytes  JMP 001603FC 
.text  C:\Program Files\DellTPad\HidFind.exe[5028] ADVAPI32.dll!CreateServiceW                                                                   76309EB4 5 Bytes  JMP 001703FC 
.text  C:\Program Files\DellTPad\HidFind.exe[5028] ADVAPI32.dll!DeleteService                                                                    7630A07E 5 Bytes  JMP 00170600 
.text  C:\Program Files\DellTPad\HidFind.exe[5028] ADVAPI32.dll!SetServiceObjectSecurity                                                         76346CD9 5 Bytes  JMP 00171014 
.text  C:\Program Files\DellTPad\HidFind.exe[5028] ADVAPI32.dll!ChangeServiceConfigA                                                             76346DD9 5 Bytes  JMP 00170804 
.text  C:\Program Files\DellTPad\HidFind.exe[5028] ADVAPI32.dll!ChangeServiceConfigW                                                             76346F81 5 Bytes  JMP 00170A08 
.text  C:\Program Files\DellTPad\HidFind.exe[5028] ADVAPI32.dll!ChangeServiceConfig2A                                                            76347099 5 Bytes  JMP 00170C0C 
.text  C:\Program Files\DellTPad\HidFind.exe[5028] ADVAPI32.dll!ChangeServiceConfig2W                                                            763471E1 5 Bytes  JMP 00170E10 
.text  C:\Program Files\DellTPad\HidFind.exe[5028] ADVAPI32.dll!CreateServiceA                                                                   763472A1 5 Bytes  JMP 001701F8 
.text  C:\Windows\system32\svchost.exe[5040] ntdll.dll!LdrLoadDll                                                                                76F29378 5 Bytes  JMP 000601F8 
.text  C:\Windows\system32\svchost.exe[5040] ntdll.dll!LdrUnloadDll                                                                              76F3B680 5 Bytes  JMP 000603FC 
.text  C:\Windows\system32\svchost.exe[5040] KERNEL32.dll!GetBinaryTypeW + 70                                                                    76C12447 1 Byte  [62]
.text  C:\Windows\system32\svchost.exe[5040] ADVAPI32.dll!CreateServiceW                                                                         76309EB4 5 Bytes  JMP 000703FC 
.text  C:\Windows\system32\svchost.exe[5040] ADVAPI32.dll!DeleteService                                                                          7630A07E 5 Bytes  JMP 00070600 
.text  C:\Windows\system32\svchost.exe[5040] ADVAPI32.dll!SetServiceObjectSecurity                                                               76346CD9 5 Bytes  JMP 00071014 
.text  C:\Windows\system32\svchost.exe[5040] ADVAPI32.dll!ChangeServiceConfigA                                                                   76346DD9 5 Bytes  JMP 00070804 
.text  C:\Windows\system32\svchost.exe[5040] ADVAPI32.dll!ChangeServiceConfigW                                                                   76346F81 5 Bytes  JMP 00070A08 
.text  C:\Windows\system32\svchost.exe[5040] ADVAPI32.dll!ChangeServiceConfig2A                                                                  76347099 5 Bytes  JMP 00070C0C 
.text  C:\Windows\system32\svchost.exe[5040] ADVAPI32.dll!ChangeServiceConfig2W                                                                  763471E1 5 Bytes  JMP 00070E10 
.text  C:\Windows\system32\svchost.exe[5040] ADVAPI32.dll!CreateServiceA                                                                         763472A1 5 Bytes  JMP 000701F8 
.text  C:\Windows\system32\svchost.exe[5040] USER32.dll!SetWindowsHookExA                                                                        761E6322 5 Bytes  JMP 00080600 
.text  C:\Windows\system32\svchost.exe[5040] USER32.dll!SetWindowsHookExW                                                                        761E87AD 5 Bytes  JMP 00080804 
.text  C:\Windows\system32\svchost.exe[5040] USER32.dll!UnhookWindowsHookEx                                                                      761E98DB 5 Bytes  JMP 00080A08 
.text  C:\Windows\system32\svchost.exe[5040] USER32.dll!SetWinEventHook                                                                          761E9F3A 5 Bytes  JMP 000801F8 
.text  C:\Windows\system32\svchost.exe[5040] USER32.dll!UnhookWinEvent                                                                           761EC06F 5 Bytes  JMP 000803FC 
.text  C:\Program Files\DellTPad\Apntex.exe[5056] ntdll.dll!LdrLoadDll                                                                           76F29378 5 Bytes  JMP 001501F8 
.text  C:\Program Files\DellTPad\Apntex.exe[5056] ntdll.dll!LdrUnloadDll                                                                         76F3B680 5 Bytes  JMP 001503FC 
.text  C:\Program Files\DellTPad\Apntex.exe[5056] KERNEL32.dll!GetBinaryTypeW + 70                                                               76C12447 1 Byte  [62]
.text  C:\Program Files\DellTPad\Apntex.exe[5056] USER32.dll!SetWindowsHookExA                                                                   761E6322 5 Bytes  JMP 00160600 
.text  C:\Program Files\DellTPad\Apntex.exe[5056] USER32.dll!SetWindowsHookExW                                                                   761E87AD 5 Bytes  JMP 00160804 
.text  C:\Program Files\DellTPad\Apntex.exe[5056] USER32.dll!UnhookWindowsHookEx                                                                 761E98DB 5 Bytes  JMP 00160A08 
.text  C:\Program Files\DellTPad\Apntex.exe[5056] USER32.dll!SetWinEventHook                                                                     761E9F3A 5 Bytes  JMP 001601F8 
.text  C:\Program Files\DellTPad\Apntex.exe[5056] USER32.dll!UnhookWinEvent                                                                      761EC06F 5 Bytes  JMP 001603FC 
.text  C:\Program Files\DellTPad\Apntex.exe[5056] ADVAPI32.dll!CreateServiceW                                                                    76309EB4 5 Bytes  JMP 001703FC 
.text  C:\Program Files\DellTPad\Apntex.exe[5056] ADVAPI32.dll!DeleteService                                                                     7630A07E 5 Bytes  JMP 00170600 
.text  C:\Program Files\DellTPad\Apntex.exe[5056] ADVAPI32.dll!SetServiceObjectSecurity                                                          76346CD9 5 Bytes  JMP 00171014 
.text  C:\Program Files\DellTPad\Apntex.exe[5056] ADVAPI32.dll!ChangeServiceConfigA                                                              76346DD9 5 Bytes  JMP 00170804 
.text  C:\Program Files\DellTPad\Apntex.exe[5056] ADVAPI32.dll!ChangeServiceConfigW                                                              76346F81 5 Bytes  JMP 00170A08 
.text  C:\Program Files\DellTPad\Apntex.exe[5056] ADVAPI32.dll!ChangeServiceConfig2A                                                             76347099 5 Bytes  JMP 00170C0C 
.text  C:\Program Files\DellTPad\Apntex.exe[5056] ADVAPI32.dll!ChangeServiceConfig2W                                                             763471E1 5 Bytes  JMP 00170E10 
.text  C:\Program Files\DellTPad\Apntex.exe[5056] ADVAPI32.dll!CreateServiceA                                                                    763472A1 5 Bytes  JMP 001701F8 
.text  C:\Users\Juls\Downloads\gmer_2.1.19163 (1).exe[5464] ntdll.dll!LdrLoadDll                                                                 76F29378 5 Bytes  JMP 001601F8 
.text  C:\Users\Juls\Downloads\gmer_2.1.19163 (1).exe[5464] ntdll.dll!LdrUnloadDll                                                               76F3B680 5 Bytes  JMP 001603FC 
.text  C:\Users\Juls\Downloads\gmer_2.1.19163 (1).exe[5464] KERNEL32.dll!GetBinaryTypeW + 70                                                     76C12447 1 Byte  [62]
.text  C:\Users\Juls\Downloads\gmer_2.1.19163 (1).exe[5464] ADVAPI32.dll!CreateServiceW                                                          76309EB4 5 Bytes  JMP 001703FC 
.text  C:\Users\Juls\Downloads\gmer_2.1.19163 (1).exe[5464] ADVAPI32.dll!DeleteService                                                           7630A07E 5 Bytes  JMP 00170600 
.text  C:\Users\Juls\Downloads\gmer_2.1.19163 (1).exe[5464] ADVAPI32.dll!SetServiceObjectSecurity                                                76346CD9 5 Bytes  JMP 00171014 
.text  C:\Users\Juls\Downloads\gmer_2.1.19163 (1).exe[5464] ADVAPI32.dll!ChangeServiceConfigA                                                    76346DD9 5 Bytes  JMP 00170804 
.text  C:\Users\Juls\Downloads\gmer_2.1.19163 (1).exe[5464] ADVAPI32.dll!ChangeServiceConfigW                                                    76346F81 5 Bytes  JMP 00170A08 
.text  C:\Users\Juls\Downloads\gmer_2.1.19163 (1).exe[5464] ADVAPI32.dll!ChangeServiceConfig2A                                                   76347099 5 Bytes  JMP 00170C0C 
.text  C:\Users\Juls\Downloads\gmer_2.1.19163 (1).exe[5464] ADVAPI32.dll!ChangeServiceConfig2W                                                   763471E1 5 Bytes  JMP 00170E10 
.text  C:\Users\Juls\Downloads\gmer_2.1.19163 (1).exe[5464] ADVAPI32.dll!CreateServiceA                                                          763472A1 5 Bytes  JMP 001701F8 
.text  C:\Users\Juls\Downloads\gmer_2.1.19163 (1).exe[5464] USER32.dll!SetWindowsHookExA                                                         761E6322 5 Bytes  JMP 00180600 
.text  C:\Users\Juls\Downloads\gmer_2.1.19163 (1).exe[5464] USER32.dll!SetWindowsHookExW                                                         761E87AD 5 Bytes  JMP 00180804 
.text  C:\Users\Juls\Downloads\gmer_2.1.19163 (1).exe[5464] USER32.dll!UnhookWindowsHookEx                                                       761E98DB 5 Bytes  JMP 00180A08 
.text  C:\Users\Juls\Downloads\gmer_2.1.19163 (1).exe[5464] USER32.dll!SetWinEventHook                                                           761E9F3A 5 Bytes  JMP 001801F8 
.text  C:\Users\Juls\Downloads\gmer_2.1.19163 (1).exe[5464] USER32.dll!UnhookWinEvent                                                            761EC06F 5 Bytes  JMP 001803FC 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ntdll.dll!LdrLoadDll                                               76F29378 5 Bytes  JMP 009701F8 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ntdll.dll!LdrUnloadDll                                             76F3B680 5 Bytes  JMP 009703FC 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ntdll.dll!NtCreateFile + 6                                         76F6426A 4 Bytes  [28, 38, 81, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ntdll.dll!NtCreateFile + B                                         76F6426F 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ntdll.dll!NtMapViewOfSection + 6                                   76F649BA 4 Bytes  [28, 3B, 81, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ntdll.dll!NtMapViewOfSection + B                                   76F649BF 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ntdll.dll!NtOpenFile + 6                                           76F64A4A 4 Bytes  [68, 38, 81, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ntdll.dll!NtOpenFile + B                                           76F64A4F 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ntdll.dll!NtOpenProcess + 6                                        76F64ACA 4 Bytes  [A8, 39, 81, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ntdll.dll!NtOpenProcess + B                                        76F64ACF 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ntdll.dll!NtOpenProcessToken + 6                                   76F64ADA 4 Bytes  CALL 75F6CC18 C:\Windows\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation)
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ntdll.dll!NtOpenProcessToken + B                                   76F64ADF 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ntdll.dll!NtOpenProcessTokenEx + 6                                 76F64AEA 4 Bytes  [A8, 3A, 81, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ntdll.dll!NtOpenProcessTokenEx + B                                 76F64AEF 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ntdll.dll!NtOpenThread + 6                                         76F64B3A 4 Bytes  [68, 39, 81, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ntdll.dll!NtOpenThread + B                                         76F64B3F 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ntdll.dll!NtOpenThreadToken + 6                                    76F64B4A 4 Bytes  [68, 3A, 81, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ntdll.dll!NtOpenThreadToken + B                                    76F64B4F 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ntdll.dll!NtOpenThreadTokenEx + 6                                  76F64B5A 4 Bytes  CALL 75F6CC99 C:\Windows\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation)
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ntdll.dll!NtOpenThreadTokenEx + B                                  76F64B5F 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ntdll.dll!NtQueryAttributesFile + 6                                76F64BEA 4 Bytes  [A8, 38, 81, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ntdll.dll!NtQueryAttributesFile + B                                76F64BEF 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ntdll.dll!NtQueryFullAttributesFile + 6                            76F64C9A 4 Bytes  CALL 75F6CDD7 C:\Windows\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation)
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ntdll.dll!NtQueryFullAttributesFile + B                            76F64C9F 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ntdll.dll!NtSetInformationFile + 6                                 76F6517A 4 Bytes  [28, 39, 81, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ntdll.dll!NtSetInformationFile + B                                 76F6517F 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ntdll.dll!NtSetInformationThread + 6                               76F651CA 4 Bytes  [28, 3A, 81, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ntdll.dll!NtSetInformationThread + B                               76F651CF 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ntdll.dll!NtUnmapViewOfSection + 6                                 76F6546A 4 Bytes  [68, 3B, 81, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ntdll.dll!NtUnmapViewOfSection + B                                 76F6546F 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] KERNEL32.dll!GetBinaryTypeW + 70                                   76C12447 1 Byte  [62]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] USER32.dll!SetWindowsHookExA                                       761E6322 5 Bytes  JMP 00980600 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] USER32.dll!SetWindowsHookExW                                       761E87AD 5 Bytes  JMP 00980804 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] USER32.dll!UnhookWindowsHookEx                                     761E98DB 5 Bytes  JMP 00980A08 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] USER32.dll!SetWinEventHook                                         761E9F3A 5 Bytes  JMP 009801F8 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] USER32.dll!UnhookWinEvent                                          761EC06F 5 Bytes  JMP 009803FC 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ADVAPI32.dll!CreateServiceW                                        76309EB4 5 Bytes  JMP 009A03FC 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ADVAPI32.dll!DeleteService                                         7630A07E 5 Bytes  JMP 009A0600 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ADVAPI32.dll!SetServiceObjectSecurity                              76346CD9 5 Bytes  JMP 009A1014 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ADVAPI32.dll!ChangeServiceConfigA                                  76346DD9 5 Bytes  JMP 009A0804 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ADVAPI32.dll!ChangeServiceConfigW                                  76346F81 5 Bytes  JMP 009A0A08 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ADVAPI32.dll!ChangeServiceConfig2A                                 76347099 5 Bytes  JMP 009A0C0C 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ADVAPI32.dll!ChangeServiceConfig2W                                 763471E1 5 Bytes  JMP 009A0E10 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5492] ADVAPI32.dll!CreateServiceA                                        763472A1 5 Bytes  JMP 009A01F8 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ntdll.dll!LdrLoadDll                                               76F29378 5 Bytes  JMP 009801F8 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ntdll.dll!LdrUnloadDll                                             76F3B680 5 Bytes  JMP 009803FC 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ntdll.dll!NtCreateFile + 6                                         76F6426A 4 Bytes  [28, C4, 92, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ntdll.dll!NtCreateFile + B                                         76F6426F 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ntdll.dll!NtMapViewOfSection + 6                                   76F649BA 4 Bytes  [28, C7, 92, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ntdll.dll!NtMapViewOfSection + B                                   76F649BF 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ntdll.dll!NtOpenFile + 6                                           76F64A4A 4 Bytes  [68, C4, 92, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ntdll.dll!NtOpenFile + B                                           76F64A4F 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ntdll.dll!NtOpenProcess + 6                                        76F64ACA 4 Bytes  [A8, C5, 92, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ntdll.dll!NtOpenProcess + B                                        76F64ACF 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ntdll.dll!NtOpenProcessToken + 6                                   76F64ADA 4 Bytes  CALL 75F6DDA4 C:\Windows\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation)
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ntdll.dll!NtOpenProcessToken + B                                   76F64ADF 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ntdll.dll!NtOpenProcessTokenEx + 6                                 76F64AEA 4 Bytes  [A8, C6, 92, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ntdll.dll!NtOpenProcessTokenEx + B                                 76F64AEF 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ntdll.dll!NtOpenThread + 6                                         76F64B3A 4 Bytes  [68, C5, 92, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ntdll.dll!NtOpenThread + B                                         76F64B3F 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ntdll.dll!NtOpenThreadToken + 6                                    76F64B4A 4 Bytes  [68, C6, 92, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ntdll.dll!NtOpenThreadToken + B                                    76F64B4F 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ntdll.dll!NtOpenThreadTokenEx + 6                                  76F64B5A 4 Bytes  CALL 75F6DE25 C:\Windows\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation)
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ntdll.dll!NtOpenThreadTokenEx + B                                  76F64B5F 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ntdll.dll!NtQueryAttributesFile + 6                                76F64BEA 4 Bytes  [A8, C4, 92, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ntdll.dll!NtQueryAttributesFile + B                                76F64BEF 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ntdll.dll!NtQueryFullAttributesFile + 6                            76F64C9A 4 Bytes  CALL 75F6DF63 C:\Windows\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation)
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ntdll.dll!NtQueryFullAttributesFile + B                            76F64C9F 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ntdll.dll!NtSetInformationFile + 6                                 76F6517A 4 Bytes  [28, C5, 92, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ntdll.dll!NtSetInformationFile + B                                 76F6517F 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ntdll.dll!NtSetInformationThread + 6                               76F651CA 4 Bytes  [28, C6, 92, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ntdll.dll!NtSetInformationThread + B                               76F651CF 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ntdll.dll!NtUnmapViewOfSection + 6                                 76F6546A 4 Bytes  [68, C7, 92, 00]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ntdll.dll!NtUnmapViewOfSection + B                                 76F6546F 1 Byte  [E2]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] KERNEL32.dll!GetBinaryTypeW + 70                                   76C12447 1 Byte  [62]
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] USER32.dll!SetWindowsHookExA                                       761E6322 5 Bytes  JMP 00990600 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] USER32.dll!SetWindowsHookExW                                       761E87AD 5 Bytes  JMP 00990804 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] USER32.dll!UnhookWindowsHookEx                                     761E98DB 5 Bytes  JMP 00990A08 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] USER32.dll!SetWinEventHook                                         761E9F3A 5 Bytes  JMP 009901F8 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] USER32.dll!UnhookWinEvent                                          761EC06F 5 Bytes  JMP 009903FC 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ADVAPI32.dll!CreateServiceW                                        76309EB4 5 Bytes  JMP 009A03FC 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ADVAPI32.dll!DeleteService                                         7630A07E 5 Bytes  JMP 009A0600 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ADVAPI32.dll!SetServiceObjectSecurity                              76346CD9 5 Bytes  JMP 009A1014 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ADVAPI32.dll!ChangeServiceConfigA                                  76346DD9 5 Bytes  JMP 009A0804 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ADVAPI32.dll!ChangeServiceConfigW                                  76346F81 5 Bytes  JMP 009A0A08 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ADVAPI32.dll!ChangeServiceConfig2A                                 76347099 5 Bytes  JMP 009A0C0C 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ADVAPI32.dll!ChangeServiceConfig2W                                 763471E1 5 Bytes  JMP 009A0E10 
.text  C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe[5512] ADVAPI32.dll!CreateServiceA                                        763472A1 5 Bytes  JMP 009A01F8 
.text  C:\Program Files\Dell Support Center\bin\sprtsvc.exe[6116] ntdll.dll!LdrLoadDll                                                           76F29378 5 Bytes  JMP 001601F8 
.text  C:\Program Files\Dell Support Center\bin\sprtsvc.exe[6116] ntdll.dll!LdrUnloadDll                                                         76F3B680 5 Bytes  JMP 001603FC 
.text  C:\Program Files\Dell Support Center\bin\sprtsvc.exe[6116] KERNEL32.dll!GetBinaryTypeW + 70                                               76C12447 1 Byte  [62]
.text  C:\Program Files\Dell Support Center\bin\sprtsvc.exe[6116] USER32.dll!SetWindowsHookExA                                                   761E6322 5 Bytes  JMP 00170600 
.text  C:\Program Files\Dell Support Center\bin\sprtsvc.exe[6116] USER32.dll!SetWindowsHookExW                                                   761E87AD 5 Bytes  JMP 00170804 
.text  C:\Program Files\Dell Support Center\bin\sprtsvc.exe[6116] USER32.dll!UnhookWindowsHookEx                                                 761E98DB 5 Bytes  JMP 00170A08 
.text  C:\Program Files\Dell Support Center\bin\sprtsvc.exe[6116] USER32.dll!SetWinEventHook                                                     761E9F3A 5 Bytes  JMP 001701F8 
.text  C:\Program Files\Dell Support Center\bin\sprtsvc.exe[6116] USER32.dll!UnhookWinEvent                                                      761EC06F 5 Bytes  JMP 001703FC 
.text  C:\Program Files\Dell Support Center\bin\sprtsvc.exe[6116] ADVAPI32.dll!CreateServiceW                                                    76309EB4 5 Bytes  JMP 001803FC 
.text  C:\Program Files\Dell Support Center\bin\sprtsvc.exe[6116] ADVAPI32.dll!DeleteService                                                     7630A07E 5 Bytes  JMP 00180600 
.text  C:\Program Files\Dell Support Center\bin\sprtsvc.exe[6116] ADVAPI32.dll!SetServiceObjectSecurity                                          76346CD9 5 Bytes  JMP 00181014 
.text  C:\Program Files\Dell Support Center\bin\sprtsvc.exe[6116] ADVAPI32.dll!ChangeServiceConfigA                                              76346DD9 5 Bytes  JMP 00180804 
.text  C:\Program Files\Dell Support Center\bin\sprtsvc.exe[6116] ADVAPI32.dll!ChangeServiceConfigW                                              76346F81 5 Bytes  JMP 00180A08 
.text  C:\Program Files\Dell Support Center\bin\sprtsvc.exe[6116] ADVAPI32.dll!ChangeServiceConfig2A                                             76347099 5 Bytes  JMP 00180C0C 
.text  C:\Program Files\Dell Support Center\bin\sprtsvc.exe[6116] ADVAPI32.dll!ChangeServiceConfig2W                                             763471E1 5 Bytes  JMP 00180E10 
.text  C:\Program Files\Dell Support Center\bin\sprtsvc.exe[6116] ADVAPI32.dll!CreateServiceA                                                    763472A1 5 Bytes  JMP 001801F8 

---- Registry - GMER 2.1 ----

Reg    HKLM\SYSTEM\CurrentControlSet\Services\BthPort\Parameters\Keys\00234ed22bbd                                                               
Reg    HKLM\SYSTEM\CurrentControlSet\Services\BthPort\Parameters\Keys\00234ed22bbd@00219e24dbd0                                                  0x9B 0xC7 0xA8 0xFE ...
Reg    HKLM\SYSTEM\CurrentControlSet\Services\BthPort\Parameters\Keys\00234ed22bbd@001247cee1a8                                                  0x9A 0x35 0x20 0x8B ...
Reg    HKLM\SYSTEM\CurrentControlSet\Services\BthPort\Parameters\Keys\00234ed22bbd@001b59908007                                                  0xB0 0x0A 0x1D 0x46 ...
Reg    HKLM\SYSTEM\CurrentControlSet\Services\BthPort\Parameters\Keys\00234ed22bbd@bcb1f34628bc                                                  0x00 0x1D 0x92 0xAB ...
Reg    HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch                                                                           3295
Reg    HKLM\SYSTEM\ControlSet002\Services\BthPort\Parameters\Keys\00234ed22bbd (not active ControlSet)                                           
Reg    HKLM\SYSTEM\ControlSet002\Services\BthPort\Parameters\Keys\00234ed22bbd@00219e24dbd0                                                      0x9B 0xC7 0xA8 0xFE ...
Reg    HKLM\SYSTEM\ControlSet002\Services\BthPort\Parameters\Keys\00234ed22bbd@001247cee1a8                                                      0x9A 0x35 0x20 0x8B ...
Reg    HKLM\SYSTEM\ControlSet002\Services\BthPort\Parameters\Keys\00234ed22bbd@001b59908007                                                      0xB0 0x0A 0x1D 0x46 ...
Reg    HKLM\SYSTEM\ControlSet002\Services\BthPort\Parameters\Keys\00234ed22bbd@bcb1f34628bc                                                      0x00 0x1D 0x92 0xAB ...

---- EOF - GMER 2.1 ----

Alt 03.09.2013, 20:28   #5
Ju_Vo
 
VAF Player lässt sich nicht deinstallieren! - Standard

VAF Player lässt sich nicht deinstallieren!


Teil 1 Setup AVAST

Code:
ATTFilter
15:49:21 min/gen  Started: 02.09.2013, 15:49:21
15:49:21 vrb/gen  Operation set to INST_OP_UNKNOWN
15:49:21 vrb/reg  Set registry: AvastPersistentStorage\GUID=a8995f92-5bed-40b0-9d6e-842d808da8dc
15:49:22 min/gen  Old version: ffffffff (-1)
15:49:22 min/gen  Cmdline: /sfx /sfxstorage "C:\Users\Juls\AppData\Local\Temp\_av_sfx.tm~1a3a94ef-49b5-4094-ba58-219a1359c4e9" /GetEdition:free /edition "1" /brandcode "A"  /srcpath "C:\Users\Juls\DOWNLO~1" /sfxname "avast_free_antivirus_setup" 
15:49:22 nrm/int  SYNCER: Agent=Syncer/5.00 (ais-1489;p)
15:49:22 min/gen  Running SETUP_AIS-5d1 (1489)
15:49:22 nrm/sys  Operating system: Windows Vista ver 6.0, build 6002, sp 2.0 [Service Pack 2]
15:49:22 nrm/sys  Memory: 66% load. Phys:691640/2057864K free, Page:2336864/4194303K free, Virt:2008168/2097024K free
15:49:22 vrb/sys  Computer WinName: JULS-PC
15:49:22 min/sys  Windows Net User: Juls-PC\Juls
15:49:22 vrb/gen  DldSrc set to sfx
15:49:22 min/gen  Old version: ffffffff (-1)
15:49:23 vrb/gen  Install check: SetupVersion does NOT exist
15:49:23 nrm/gen  SGW32AIS::CheckIfInstalled set m_bAlreadyInstalled and m_bIsOldVersionDetected to 0
15:49:23 nrm/int  SYNCER: Agent=Syncer/5.00 (ais-1489;p)
15:49:23 nrm/int  SYNCER: Type: use IE settings
15:49:23 nrm/int  SYNCER: Auth: another authentication, use WinInet
15:49:23 nrm/int  Used server: 
15:49:24 vrb/gen  Ignoring cmdline switch: /GetEdition:free
15:49:24 vrb/reg  Get registry: Software\Microsoft\Internet Explorer\Version=9.0.8112.16421
15:49:24 vrb/gen  Operation set to INST_OP_INSTALL
15:49:24 min/gen  GUID: a8995f92-5bed-40b0-9d6e-842d808da8dc
15:49:24 nrm/gen  SelectCurrent: selected server 'tmp sfx storage' from 'sfx'
15:49:24 nrm/int  SYNCER: Type: use IE settings
15:49:24 nrm/int  SYNCER: Auth: another authentication, use WinInet
15:49:24 vrb/gen  Changed Edition=1
15:49:24 vrb/sys  Debug: Windows Server registry key not retrieved.
15:49:24 nrm/int  SYNCER: Agent=Syncer/5.00 (ais-1489;p)
15:49:24 nrm/int  SYNCER: Type: use IE settings
15:49:24 nrm/int  SYNCER: Auth: another authentication, use WinInet
15:49:24 nrm/int  Used server: C:\Users\Juls\AppData\Local\Temp\_av_sfx.tm~1a3a94ef-49b5-4094-ba58-219a1359c4e9
15:50:32 nrm/int  SYNCER: Agent=Syncer/5.00 (ais-1489;p)
15:50:32 nrm/int  SYNCER: Type: use IE settings
15:50:32 nrm/int  SYNCER: Auth: another authentication, use WinInet
15:50:32 nrm/int  Used server: C:\Users\Juls\AppData\Local\Temp\_av_sfx.tm~1a3a94ef-49b5-4094-ba58-219a1359c4e9
15:50:33 vrb/pkg  LoadPartInfo: jrog = jrog-a7 returned 00000000
15:50:33 vrb/pkg  LoadPartInfo: jrog2 = jrog2-7a5 returned 00000000
15:50:33 vrb/pkg  LoadPartInfo: program = prg_ais-5d1 returned 00000000
15:50:33 vrb/pkg  LoadPartInfo: setup = setup_ais-5d1 returned 00000000
15:50:33 vrb/pkg  LoadPartInfo: vps = vps_win32-13050900 returned 00000000
15:50:33 vrb/pkg  Part prg_ais-5d1 was set to be installed
15:50:33 vrb/pkg  Part vps_win32-13050900 was set to be installed
15:50:33 vrb/pkg  Part setup_ais-5d1 was set to be installed
15:50:33 vrb/pkg  Part jrog-a7 was set to be installed
15:50:33 vrb/pkg  Part jrog2-7a5 was set to be installed
15:50:33 nrm/int  SYNCER: Agent=Syncer/5.00 (ais-1489;p)
15:50:33 nrm/int  SYNCER: Type: use IE settings
15:50:33 nrm/int  SYNCER: Auth: another authentication, use WinInet
15:50:33 nrm/int  Used server: C:\Users\Juls\AppData\Local\Temp\_av_sfx.tm~1a3a94ef-49b5-4094-ba58-219a1359c4e9
15:50:57 nrm/int  SYNCER: Agent=Syncer/5.00 (ais-1489;p)
15:50:57 nrm/int  SYNCER: Type: use IE settings
15:50:57 nrm/int  SYNCER: Auth: another authentication, use WinInet
15:50:58 nrm/int  Used server: C:\Users\Juls\AppData\Local\Temp\_av_sfx.tm~1a3a94ef-49b5-4094-ba58-219a1359c4e9
15:50:58 nrm/int  SYNCER: Agent=Syncer/5.00 (ais-1489;p)
15:50:58 nrm/int  SYNCER: Type: use IE settings
15:50:58 nrm/int  SYNCER: Auth: another authentication, use WinInet
15:50:58 nrm/int  Used server: C:\Users\Juls\AppData\Local\Temp\_av_sfx.tm~1a3a94ef-49b5-4094-ba58-219a1359c4e9
15:51:54 nrm/int  SYNCER: Agent=Syncer/5.00 (ais-1489;p)
15:51:54 vrb/pkg  LoadPartInfo: jrog = jrog-a7 returned 00000000
15:51:54 vrb/pkg  LoadPartInfo: jrog2 = jrog2-7a5 returned 00000000
15:51:54 vrb/pkg  LoadPartInfo: program = prg_ais-5d1 returned 00000000
15:51:54 vrb/pkg  LoadPartInfo: setup = setup_ais-5d1 returned 00000000
15:51:54 vrb/pkg  LoadPartInfo: vps = vps_win32-13050900 returned 00000000
15:51:54 vrb/pkg  Part prg_ais-5d1 was set to be installed
15:51:54 vrb/pkg  Part vps_win32-13050900 was set to be installed
15:51:54 vrb/pkg  Part setup_ais-5d1 was set to be installed
15:51:54 vrb/pkg  Part jrog-a7 was set to be installed
15:51:54 vrb/pkg  Part jrog2-7a5 was set to be installed
15:51:56 vrb/pkg  FilterOutExistingFiles: 613 & 0 = 613
15:51:56 vrb/pkg  FilterOutExistingFiles: 613 & 0 = 613
15:51:57 vrb/pkg  IsFullOkay: ais_core-4d3.vpx - not okay (doesn't exist)
15:51:57 vrb/pkg  IsFullOkay: ais_core-4d3.vpx - not okay (doesn't exist)
15:51:57 vrb/pkg  IsFullOkay: ais_dll_ger-4fd.vpx - not okay (doesn't exist)
15:51:57 vrb/pkg  IsFullOkay: ais_dll_ger-4fd.vpx - not okay (doesn't exist)
15:51:57 vrb/pkg  IsFullOkay: ais_res-41a.vpx - not okay (doesn't exist)
15:51:57 vrb/pkg  IsFullOkay: ais_res-41a.vpx - not okay (doesn't exist)
15:51:57 vrb/pkg  IsFullOkay: winsys-8.vpx - not okay (doesn't exist)
15:51:57 vrb/pkg  IsFullOkay: winsys-8.vpx - not okay (doesn't exist)
15:51:57 vrb/pkg  IsFullOkay: vps_32-ac0.vpx - not okay (doesn't exist)
15:51:57 vrb/pkg  IsFullOkay: vps_32-ac0.vpx - not okay (doesn't exist)
15:51:57 vrb/pkg  IsFullOkay: vps_win32-ad3.vpx - not okay (doesn't exist)
15:51:57 vrb/pkg  IsFullOkay: vps_win32-ad3.vpx - not okay (doesn't exist)
15:51:57 vrb/pkg  IsFullOkay: jrog-a7.vpx - not okay (doesn't exist)
15:51:57 vrb/pkg  IsFullOkay: jrog-a7.vpx - not okay (doesn't exist)
15:51:57 vrb/pkg  IsFullOkay: jrog2-7a5.vpx - not okay (doesn't exist)
15:51:57 vrb/pkg  IsFullOkay: jrog2-7a5.vpx - not okay (doesn't exist)
15:51:57 vrb/pkg  FilterOutExistingFiles: 613 & 0 = 613
15:51:57 vrb/pkg  IsFullOkay: ais_core-4d3.vpx - not okay (doesn't exist)
15:51:57 vrb/pkg  IsFullOkay: ais_core-4d3.vpx - not okay (doesn't exist)
15:51:57 vrb/pkg  IsFullOkay: ais_dll_ger-4fd.vpx - not okay (doesn't exist)
15:51:57 vrb/pkg  IsFullOkay: ais_dll_ger-4fd.vpx - not okay (doesn't exist)
15:51:57 vrb/pkg  IsFullOkay: ais_res-41a.vpx - not okay (doesn't exist)
15:51:57 vrb/pkg  IsFullOkay: ais_res-41a.vpx - not okay (doesn't exist)
15:51:57 vrb/pkg  IsFullOkay: winsys-8.vpx - not okay (doesn't exist)
15:51:57 vrb/pkg  IsFullOkay: winsys-8.vpx - not okay (doesn't exist)
15:51:57 vrb/pkg  IsFullOkay: vps_32-ac0.vpx - not okay (doesn't exist)
15:51:57 vrb/pkg  IsFullOkay: vps_32-ac0.vpx - not okay (doesn't exist)
15:51:57 vrb/pkg  IsFullOkay: vps_win32-ad3.vpx - not okay (doesn't exist)
15:51:57 vrb/pkg  IsFullOkay: vps_win32-ad3.vpx - not okay (doesn't exist)
15:51:57 vrb/pkg  IsFullOkay: jrog-a7.vpx - not okay (doesn't exist)
15:51:57 vrb/pkg  IsFullOkay: jrog-a7.vpx - not okay (doesn't exist)
15:51:57 vrb/pkg  IsFullOkay: jrog2-7a5.vpx - not okay (doesn't exist)
15:51:57 vrb/pkg  IsFullOkay: jrog2-7a5.vpx - not okay (doesn't exist)
15:51:58 nrm/int  Used server: C:\Users\Juls\AppData\Local\Temp\_av_sfx.tm~1a3a94ef-49b5-4094-ba58-219a1359c4e9
15:51:58 min/fil  GetFileWithRetry: ais_core-4d3.vpx downloaded  and verified
15:51:58 nrm/pkg  DldPackage: C:\Program Files\AVAST Software\Avast\Setup\ais_core-4d3.vpx, returned 0x00000000
15:52:07 nrm/int  Used server: C:\Users\Juls\AppData\Local\Temp\_av_sfx.tm~1a3a94ef-49b5-4094-ba58-219a1359c4e9
15:52:08 min/fil  GetFileWithRetry: ais_dll_ger-4fd.vpx downloaded  and verified
15:52:08 nrm/pkg  DldPackage: C:\Program Files\AVAST Software\Avast\Setup\ais_dll_ger-4fd.vpx, returned 0x00000000
15:52:08 nrm/int  Used server: C:\Users\Juls\AppData\Local\Temp\_av_sfx.tm~1a3a94ef-49b5-4094-ba58-219a1359c4e9
15:52:08 min/fil  GetFileWithRetry: ais_res-41a.vpx downloaded  and verified
15:52:08 nrm/pkg  DldPackage: C:\Program Files\AVAST Software\Avast\Setup\ais_res-41a.vpx, returned 0x00000000
15:52:11 nrm/int  Used server: C:\Users\Juls\AppData\Local\Temp\_av_sfx.tm~1a3a94ef-49b5-4094-ba58-219a1359c4e9
15:52:11 min/fil  GetFileWithRetry: winsys-8.vpx downloaded  and verified
15:52:11 nrm/pkg  DldPackage: C:\Program Files\AVAST Software\Avast\Setup\winsys-8.vpx, returned 0x00000000
15:52:17 nrm/int  Used server: C:\Users\Juls\AppData\Local\Temp\_av_sfx.tm~1a3a94ef-49b5-4094-ba58-219a1359c4e9
15:52:35 min/fil  GetFileWithRetry: vps_32-ac0.vpx downloaded  and verified
15:52:35 nrm/pkg  DldPackage: C:\Program Files\AVAST Software\Avast\Setup\vps_32-ac0.vpx, returned 0x00000000
15:52:53 nrm/int  Used server: C:\Users\Juls\AppData\Local\Temp\_av_sfx.tm~1a3a94ef-49b5-4094-ba58-219a1359c4e9
15:52:53 min/fil  GetFileWithRetry: vps_win32-ad3.vpx downloaded  and verified
15:52:53 nrm/pkg  DldPackage: C:\Program Files\AVAST Software\Avast\Setup\vps_win32-ad3.vpx, returned 0x00000000
15:52:55 nrm/int  Used server: C:\Users\Juls\AppData\Local\Temp\_av_sfx.tm~1a3a94ef-49b5-4094-ba58-219a1359c4e9
15:52:55 min/fil  GetFileWithRetry: jrog-a7.vpx downloaded  and verified
15:52:55 nrm/pkg  DldPackage: C:\Program Files\AVAST Software\Avast\Setup\jrog-a7.vpx, returned 0x00000000
15:52:55 nrm/int  Used server: C:\Users\Juls\AppData\Local\Temp\_av_sfx.tm~1a3a94ef-49b5-4094-ba58-219a1359c4e9
15:52:55 min/fil  GetFileWithRetry: jrog2-7a5.vpx downloaded  and verified
15:52:55 nrm/pkg  DldPackage: C:\Program Files\AVAST Software\Avast\Setup\jrog2-7a5.vpx, returned 0x00000000
15:52:57 min/gen  setup: updated
15:52:57 min/gen  setif: updated
15:52:57 vrb/pkg  FilterOutExistingFiles: 613 & 0 = 613
15:52:57 vrb/pkg  Extracting from ais_core-4d3.vpx
15:52:58 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\OpenVPN\driver\win2k\addtap.bat
15:52:58 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\OpenVPN\driver\win2k\addtap.bat
15:52:58 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\OpenVPN\driver\win32\addtap.bat
15:52:58 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\OpenVPN\driver\win32\addtap.bat
15:52:58 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\OpenVPN\driver\win64\addtap.bat
15:52:58 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\OpenVPN\driver\win64\addtap.bat
15:52:58 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\OpenVPN\driver\win2k\deltapall.bat
15:52:58 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\OpenVPN\driver\win2k\deltapall.bat
15:52:58 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\OpenVPN\driver\win32\deltapall.bat
15:52:58 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\OpenVPN\driver\win32\deltapall.bat
15:52:58 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\OpenVPN\driver\win64\deltapall.bat
15:52:58 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\OpenVPN\driver\win64\deltapall.bat
15:52:58 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\Setup\INF\v5\aswnet.cat
15:52:58 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\Setup\INF\v5\aswnet.cat
15:52:58 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\Setup\INF\v6\aswnet.cat
15:52:58 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\Setup\INF\v6\aswnet.cat
15:52:58 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\OpenVPN\driver\win32\tap0901.cat
15:52:58 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\OpenVPN\driver\win32\tap0901.cat
15:52:58 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\OpenVPN\driver\win64\tap0901.cat
15:52:58 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\OpenVPN\driver\win64\tap0901.cat
15:52:58 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\OpenVPN\driver\win2k\tapoas.cat
15:52:58 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\OpenVPN\driver\win2k\tapoas.cat
15:52:58 nrm/fil  Direct move of file: C:\ProgramData\AVAST Software\Avast\SecureLine\secureline.cfg
15:52:58 vrb/fil  Installed file:C:\ProgramData\AVAST Software\Avast\SecureLine\secureline.cfg
15:52:58 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx
15:52:58 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx
15:52:58 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\avast.der
15:52:58 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\avast.der
15:52:58 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\Aavm4h.dll
15:52:58 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\Aavm4h.dll
15:52:58 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\AavmRpch.dll
15:52:58 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\AavmRpch.dll
15:52:58 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\ashBase.dll
15:52:58 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\ashBase.dll
15:52:58 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\ashServ.dll
15:52:58 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\ashServ.dll
15:52:58 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\ashShell.dll
15:52:58 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\ashShell.dll
15:52:58 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\ashTask.dll
15:52:58 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\ashTask.dll
15:52:58 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
15:52:58 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
15:52:58 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\aswAra.dll
15:52:58 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\aswAra.dll
15:52:59 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\aswAux.dll
15:52:59 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\aswAux.dll
15:52:59 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
15:52:59 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
15:52:59 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
15:52:59 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
15:52:59 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
15:52:59 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
15:52:59 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\aswData.dll
15:52:59 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\aswData.dll
15:52:59 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\aswDld.dll
15:52:59 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\aswDld.dll
15:52:59 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
15:52:59 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
15:52:59 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\aswIdle.dll
15:52:59 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\aswIdle.dll
15:52:59 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\aswLog.dll
15:52:59 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\aswLog.dll
15:52:59 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\aswLSRun.dll
15:52:59 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\aswLSRun.dll
15:52:59 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\aswPatchMgt.dll
15:52:59 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\aswPatchMgt.dll
15:52:59 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\aswProperty.dll
15:52:59 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\aswProperty.dll
15:52:59 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\aswRvrt.dll
15:52:59 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\aswRvrt.dll
15:52:59 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\aswSqLt.dll
15:52:59 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\aswSqLt.dll
15:53:00 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\aswStrm.dll
15:53:00 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\aswStrm.dll
15:53:00 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\aswUtil.dll
15:53:00 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\aswUtil.dll
15:53:00 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\aswVmm.dll
15:53:00 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\aswVmm.dll
15:53:00 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\aswW8ntf.dll
15:53:00 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\aswW8ntf.dll
15:53:00 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\avastIP.dll
15:53:00 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\avastIP.dll
15:53:00 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\avastSS.dll
15:53:00 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\avastSS.dll
15:53:00 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\AvSSHook.dll
15:53:00 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\AvSSHook.dll
15:53:00 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\CommonRes.dll
15:53:00 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\CommonRes.dll
15:53:01 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\dbghelp.dll
15:53:01 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\dbghelp.dll
15:53:01 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\OpenVPN\libeay32.dll
15:53:01 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\OpenVPN\libeay32.dll
15:53:01 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\libeay32.dll
15:53:01 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\libeay32.dll
15:53:01 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\OpenVPN\libpkcs11-helper-1.dll
15:53:01 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\OpenVPN\libpkcs11-helper-1.dll
15:53:01 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\OpenVPN\lzo2.dll
15:53:01 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\OpenVPN\lzo2.dll
15:53:01 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\screenhooks32.dll
15:53:01 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\screenhooks32.dll
15:53:01 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\OpenVPN\ssleay32.dll
15:53:01 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\OpenVPN\ssleay32.dll
15:53:01 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\ssleay32.dll
15:53:01 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\ssleay32.dll
15:53:01 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\ashQuick.exe
15:53:01 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\ashQuick.exe
15:53:01 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\ashUpd.exe
15:53:01 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\ashUpd.exe
15:53:01 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\asulaunch.exe
15:53:01 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\asulaunch.exe
15:53:01 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\aswAraSr.exe
15:53:01 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\aswAraSr.exe
15:53:01 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\Setup\INF\aswBoot.exe
15:53:01 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\Setup\INF\aswBoot.exe
15:53:01 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\aswChLic.exe
15:53:01 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\aswChLic.exe
15:53:01 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\aswRegSvr.exe
15:53:01 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\aswRegSvr.exe
15:53:01 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\aswRunDll.exe
15:53:01 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\aswRunDll.exe
15:53:02 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\AvastBCL-Sfx.exe
15:53:02 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\AvastBCL-Sfx.exe
15:53:02 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
15:53:02 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
15:53:02 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:53:02 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:53:03 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\AvastUI.exe
15:53:03 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\AvastUI.exe
15:53:03 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\avBugReport.exe
15:53:03 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\avBugReport.exe
15:53:03 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\OpenVPN\openvpn.exe
15:53:03 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\OpenVPN\openvpn.exe
15:53:03 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\sched.exe
15:53:03 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\sched.exe
15:53:03 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\OpenVPN\driver\win2k\tapinstall.exe
15:53:03 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\OpenVPN\driver\win2k\tapinstall.exe
15:53:03 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\OpenVPN\driver\win32\tapinstall.exe
15:53:03 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\OpenVPN\driver\win32\tapinstall.exe
15:53:03 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\OpenVPN\driver\win64\tapinstall.exe
15:53:03 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\OpenVPN\driver\win64\tapinstall.exe
15:53:03 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\VisthAux.exe
15:53:03 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\VisthAux.exe
15:53:04 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\Setup\INF\v5\aswnet.inf
15:53:04 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\Setup\INF\v5\aswnet.inf
15:53:04 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\Setup\INF\v6\aswnet.inf
15:53:04 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\Setup\INF\v6\aswnet.inf
15:53:04 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\OpenVPN\driver\win2k\OemWin2k.inf
15:53:04 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\OpenVPN\driver\win2k\OemWin2k.inf
15:53:04 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\OpenVPN\driver\win32\OemWin2k.inf
15:53:04 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\OpenVPN\driver\win32\OemWin2k.inf
15:53:04 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\OpenVPN\driver\win64\OemWin2k.inf
15:53:04 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\OpenVPN\driver\win64\OemWin2k.inf
15:53:04 nrm/fil  Direct move of file: C:\ProgramData\AVAST Software\Avast\avast5.ini
15:53:04 vrb/fil  Installed file:C:\ProgramData\AVAST Software\Avast\avast5.ini
15:53:04 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\AdBlocker\IE\avast-adblocker-ie.msi
15:53:04 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\AdBlocker\IE\avast-adblocker-ie.msi
15:53:04 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\Setup\settings.ori
15:53:04 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\Setup\settings.ori
15:53:04 nrm/fil  Direct move of file: C:\Windows\avastSS.scr
15:53:04 vrb/fil  Installed file:C:\Windows\avastSS.scr
15:53:04 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\flash\amline.swf
15:53:04 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\flash\amline.swf
15:53:04 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\flash\ammap\ammap.swf
15:53:04 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\flash\ammap\ammap.swf
15:53:04 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\flash\ammap\icons\arrow.swf
15:53:04 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\flash\ammap\icons\arrow.swf
15:53:04 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\flash\ammap\icons\bubble.swf
15:53:04 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\flash\ammap\icons\bubble.swf
15:53:04 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\flash\ammap\icons\cross.swf
15:53:04 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\flash\ammap\icons\cross.swf
15:53:04 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\flash\ammap\icons\flag.swf
15:53:04 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\flash\ammap\icons\flag.swf
15:53:04 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\flash\ammap\icons\pin.swf
15:53:04 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\flash\ammap\icons\pin.swf
15:53:04 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\flash\ammap\maps\world.swf
15:53:04 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\flash\ammap\maps\world.swf
15:53:04 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\flash\ammap\icons\zoom_out.swf
15:53:04 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\flash\ammap\icons\zoom_out.swf
15:53:04 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\Setup\INF\v5\aswnet.sys
15:53:04 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\Setup\INF\v5\aswnet.sys
15:53:04 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\Setup\INF\v6\aswnet.sys
15:53:04 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\Setup\INF\v6\aswnet.sys
15:53:04 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\OpenVPN\driver\win32\tap0901.sys
15:53:04 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\OpenVPN\driver\win32\tap0901.sys
15:53:04 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\OpenVPN\driver\win64\tap0901.sys
15:53:04 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\OpenVPN\driver\win64\tap0901.sys
15:53:04 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\OpenVPN\driver\win2k\tapoas.sys
15:53:04 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\OpenVPN\driver\win2k\tapoas.sys
15:53:04 nrm/fil  Direct move of file: C:\ProgramData\AVAST Software\Avast\Fonts\OpenSans-Bold.ttf
15:53:04 vrb/fil  Installed file:C:\ProgramData\AVAST Software\Avast\Fonts\OpenSans-Bold.ttf
15:53:05 nrm/fil  Direct move of file: C:\ProgramData\AVAST Software\Avast\Fonts\OpenSans-BoldItalic.ttf
15:53:05 vrb/fil  Installed file:C:\ProgramData\AVAST Software\Avast\Fonts\OpenSans-BoldItalic.ttf
15:53:05 nrm/fil  Direct move of file: C:\ProgramData\AVAST Software\Avast\Fonts\OpenSans-CondBold.ttf
15:53:05 vrb/fil  Installed file:C:\ProgramData\AVAST Software\Avast\Fonts\OpenSans-CondBold.ttf
15:53:05 nrm/fil  Direct move of file: C:\ProgramData\AVAST Software\Avast\Fonts\OpenSans-CondLight.ttf
15:53:05 vrb/fil  Installed file:C:\ProgramData\AVAST Software\Avast\Fonts\OpenSans-CondLight.ttf
15:53:05 nrm/fil  Direct move of file: C:\ProgramData\AVAST Software\Avast\Fonts\OpenSans-CondLightItalic.ttf
15:53:05 vrb/fil  Installed file:C:\ProgramData\AVAST Software\Avast\Fonts\OpenSans-CondLightItalic.ttf
15:53:05 nrm/fil  Direct move of file: C:\ProgramData\AVAST Software\Avast\Fonts\OpenSans-ExtraBold.ttf
15:53:05 vrb/fil  Installed file:C:\ProgramData\AVAST Software\Avast\Fonts\OpenSans-ExtraBold.ttf
15:53:05 nrm/fil  Direct move of file: C:\ProgramData\AVAST Software\Avast\Fonts\OpenSans-ExtraBoldItalic.ttf
15:53:05 vrb/fil  Installed file:C:\ProgramData\AVAST Software\Avast\Fonts\OpenSans-ExtraBoldItalic.ttf
15:53:05 nrm/fil  Direct move of file: C:\ProgramData\AVAST Software\Avast\Fonts\OpenSans-Italic.ttf
15:53:05 vrb/fil  Installed file:C:\ProgramData\AVAST Software\Avast\Fonts\OpenSans-Italic.ttf
15:53:05 nrm/fil  Direct move of file: C:\ProgramData\AVAST Software\Avast\Fonts\OpenSans-Light.ttf
15:53:05 vrb/fil  Installed file:C:\ProgramData\AVAST Software\Avast\Fonts\OpenSans-Light.ttf
15:53:05 nrm/fil  Direct move of file: C:\ProgramData\AVAST Software\Avast\Fonts\OpenSans-LightItalic.ttf
15:53:05 vrb/fil  Installed file:C:\ProgramData\AVAST Software\Avast\Fonts\OpenSans-LightItalic.ttf
15:53:05 nrm/fil  Direct move of file: C:\ProgramData\AVAST Software\Avast\Fonts\OpenSans-Regular.ttf
15:53:05 vrb/fil  Installed file:C:\ProgramData\AVAST Software\Avast\Fonts\OpenSans-Regular.ttf
15:53:06 nrm/fil  Direct move of file: C:\ProgramData\AVAST Software\Avast\Fonts\OpenSans-Semibold.ttf
15:53:06 vrb/fil  Installed file:C:\ProgramData\AVAST Software\Avast\Fonts\OpenSans-Semibold.ttf
15:53:06 nrm/fil  Direct move of file: C:\ProgramData\AVAST Software\Avast\Fonts\OpenSans-SemiboldItalic.ttf
15:53:06 vrb/fil  Installed file:C:\ProgramData\AVAST Software\Avast\Fonts\OpenSans-SemiboldItalic.ttf
15:53:06 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\flash\amcharts_key.txt
15:53:06 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\flash\amcharts_key.txt
15:53:06 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\flash\ammap\ammap_key.txt
15:53:06 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\flash\ammap\ammap_key.txt
15:53:06 nrm/fil  Direct move of file: C:\ProgramData\AVAST Software\Avast\Fonts\Apache License Version 2.txt
15:53:06 vrb/fil  Installed file:C:\ProgramData\AVAST Software\Avast\Fonts\Apache License Version 2.txt
15:53:06 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.ver
15:53:06 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.ver
15:53:06 nrm/fil  Direct move of file: C:\ProgramData\AVAST Software\Avast\sounds\fw_question.wav
15:53:06 vrb/fil  Installed file:C:\ProgramData\AVAST Software\Avast\sounds\fw_question.wav
15:53:06 nrm/fil  Direct move of file: C:\ProgramData\AVAST Software\Avast\sounds\scan_completed.wav
15:53:06 vrb/fil  Installed file:C:\ProgramData\AVAST Software\Avast\sounds\scan_completed.wav
15:53:06 nrm/fil  Direct move of file: C:\ProgramData\AVAST Software\Avast\sounds\threat_detected.wav
15:53:06 vrb/fil  Installed file:C:\ProgramData\AVAST Software\Avast\sounds\threat_detected.wav
15:53:06 nrm/fil  Direct move of file: C:\ProgramData\AVAST Software\Avast\sounds\virus_db_updated.wav
15:53:06 vrb/fil  Installed file:C:\ProgramData\AVAST Software\Avast\sounds\virus_db_updated.wav
15:53:06 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\flash\ammap\ammap_settings_summary.xml
15:53:06 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\flash\ammap\ammap_settings_summary.xml
15:53:06 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\flash\ammap\ammap_settings_tracert.xml
15:53:06 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\flash\ammap\ammap_settings_tracert.xml
15:53:06 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\flash\ammap\empty_map.xml
15:53:06 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\flash\ammap\empty_map.xml
15:53:06 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\AdBlocker\FF\adblocker@avast.com.xpi
15:53:06 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\AdBlocker\FF\adblocker@avast.com.xpi
15:53:06 vrb/pkg  Extracting from ais_dll_ger-4fd.vpx
15:53:06 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\1031\Avast5_1031.chm
15:53:06 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\1031\Avast5_1031.chm
15:53:06 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\1031\Base.dll
15:53:06 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\1031\Base.dll
15:53:06 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\1031\Boot.dll
15:53:06 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\1031\Boot.dll
15:53:06 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\1031\uiLangRes.dll
15:53:06 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\1031\uiLangRes.dll
15:53:06 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\1031\aswClnTg.htm
15:53:06 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\1031\aswClnTg.htm
15:53:06 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\1031\aswInfTg.htm
15:53:06 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\1031\aswInfTg.htm
15:53:06 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\1031\aswClnTg.txt
15:53:06 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\1031\aswClnTg.txt
15:53:06 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\1031\aswInfTg.txt
15:53:06 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\1031\aswInfTg.txt
15:53:06 nrm/fil  Direct move of file: C:\ProgramData\AVAST Software\Avast\sounds\1031\pup_detected.wav
15:53:06 vrb/fil  Installed file:C:\ProgramData\AVAST Software\Avast\sounds\1031\pup_detected.wav
15:53:06 nrm/fil  Direct move of file: C:\ProgramData\AVAST Software\Avast\sounds\1031\scan_completed.wav
15:53:06 vrb/fil  Installed file:C:\ProgramData\AVAST Software\Avast\sounds\1031\scan_completed.wav
15:53:06 nrm/fil  Direct move of file: C:\ProgramData\AVAST Software\Avast\sounds\1031\suspicious_detected.wav
15:53:06 vrb/fil  Installed file:C:\ProgramData\AVAST Software\Avast\sounds\1031\suspicious_detected.wav
15:53:06 nrm/fil  Direct move of file: C:\ProgramData\AVAST Software\Avast\sounds\1031\threat_detected.wav
15:53:06 vrb/fil  Installed file:C:\ProgramData\AVAST Software\Avast\sounds\1031\threat_detected.wav
15:53:06 nrm/fil  Direct move of file: C:\ProgramData\AVAST Software\Avast\sounds\1031\virus_db_updated.wav
15:53:06 vrb/fil  Installed file:C:\ProgramData\AVAST Software\Avast\sounds\1031\virus_db_updated.wav
15:53:06 nrm/fil  Direct move of file: C:\ProgramData\AVAST Software\Avast\sounds\1031\welcome.wav
15:53:06 vrb/fil  Installed file:C:\ProgramData\AVAST Software\Avast\sounds\1031\welcome.wav
15:53:06 vrb/pkg  Extracting from ais_res-41a.vpx
15:53:06 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\aswSidebar.gadget
15:53:06 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\aswSidebar.gadget
15:53:07 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\avast.jquery.js
15:53:07 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\avast.jquery.js
15:53:07 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\avast.script.js
15:53:07 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\avast.script.js
15:53:07 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\avast.tpl.html
15:53:07 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\avast.tpl.html
15:53:09 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\avastProxy.js
15:53:09 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\avastProxy.js
15:53:09 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\content\libs\avastwrc.js
15:53:09 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\content\libs\avastwrc.js
15:53:09 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\icons\check-priority.jp
15:53:09 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\icons\check-priority.jp
15:53:09 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\chrome.manifest
15:53:09 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\chrome.manifest
15:53:09 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\consts.js
15:53:09 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\consts.js
15:53:09 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\content\dateFormat.js
15:53:09 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\content\dateFormat.js
15:53:09 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\content\libs\dateFormat.js
15:53:09 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\content\libs\dateFormat.js
15:53:09 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\content\hoverContent.html
15:53:09 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\content\hoverContent.html
15:53:10 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\IE7.js
15:53:10 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\IE7.js
15:53:10 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\IE8.js
15:53:10 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\IE8.js
15:53:10 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\IE9.js
15:53:10 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\IE9.js
15:53:10 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\index.html
15:53:10 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\index.html
15:53:10 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\index.js
15:53:10 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\index.js
15:53:10 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\content\libs\jquery-1.5.2.js
15:53:10 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\content\libs\jquery-1.5.2.js
15:53:10 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\content\libs\jquery.1.8.js
15:53:10 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\content\libs\jquery.1.8.js
15:53:10 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\content\libs\jquery.js
15:53:10 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\content\libs\jquery.js
15:53:10 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\jquery.js
15:53:10 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\jquery.js
15:53:10 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\content\log.js
15:53:10 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\content\log.js
15:53:10 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\ar\messages.json
15:53:10 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\ar\messages.json
15:53:10 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\be\messages.json
15:53:10 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\be\messages.json
15:53:10 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\bg\messages.json
15:53:10 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\bg\messages.json
15:53:10 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\bn\messages.json
15:53:10 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\bn\messages.json
15:53:10 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\ca\messages.json
15:53:10 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\ca\messages.json
15:53:10 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\cs\messages.json
15:53:10 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\cs\messages.json
15:53:10 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\da\messages.json
15:53:10 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\da\messages.json
15:53:10 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\de\messages.json
15:53:10 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\de\messages.json
15:53:10 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\el\messages.json
15:53:10 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\el\messages.json
15:53:10 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\en\messages.json
15:53:10 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\en\messages.json
15:53:10 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\en_GB\messages.json
15:53:10 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\en_GB\messages.json
15:53:10 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\es\messages.json
15:53:10 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\es\messages.json
15:53:10 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\et\messages.json
15:53:10 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\et\messages.json
15:53:10 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\fa\messages.json
15:53:10 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\fa\messages.json
15:53:11 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\fi\messages.json
15:53:11 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\fi\messages.json
15:53:11 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\fr\messages.json
15:53:11 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\fr\messages.json
15:53:11 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\he\messages.json
15:53:11 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\he\messages.json
15:53:11 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\hi\messages.json
15:53:11 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\hi\messages.json
15:53:11 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\hr\messages.json
15:53:11 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\hr\messages.json
15:53:11 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\hu\messages.json
15:53:11 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\hu\messages.json
15:53:11 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\id\messages.json
15:53:11 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\id\messages.json
15:53:11 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\it\messages.json
15:53:11 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\it\messages.json
15:53:11 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\ja\messages.json
15:53:11 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\ja\messages.json
15:53:11 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\ko\messages.json
15:53:11 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\ko\messages.json
15:53:11 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\lv\messages.json
15:53:11 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\lv\messages.json
15:53:11 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\ms\messages.json
15:53:11 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\ms\messages.json
15:53:11 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\nb\messages.json
15:53:11 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\nb\messages.json
15:53:11 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\nl\messages.json
15:53:11 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\nl\messages.json
15:53:11 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\pl\messages.json
15:53:11 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\pl\messages.json
15:53:11 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\pt_BR\messages.json
15:53:11 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\pt_BR\messages.json
15:53:11 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\pt_PT\messages.json
15:53:11 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\pt_PT\messages.json
15:53:11 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\ro\messages.json
15:53:11 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\ro\messages.json
15:53:11 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\ru\messages.json
15:53:11 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\ru\messages.json
15:53:11 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\sk\messages.json
15:53:11 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\sk\messages.json
15:53:11 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\sl\messages.json
15:53:11 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\sl\messages.json
15:53:11 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\sr\messages.json
15:53:11 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\sr\messages.json
15:53:11 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\sv\messages.json
15:53:11 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\sv\messages.json
15:53:11 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\th\messages.json
15:53:11 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\th\messages.json
15:53:11 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\tr\messages.json
15:53:11 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\tr\messages.json
15:53:11 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\uk\messages.json
15:53:11 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\uk\messages.json
15:53:11 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\ur\messages.json
15:53:11 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\ur\messages.json
15:53:11 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\vi\messages.json
15:53:11 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\vi\messages.json
15:53:11 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\zh_CN\messages.json
15:53:11 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\zh_CN\messages.json
15:53:11 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\zh_TW\messages.json
15:53:11 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\_locales\zh_TW\messages.json
15:53:11 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\content\overlay.js
15:53:11 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\content\overlay.js
15:53:11 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\content\libs\pbj.js
15:53:11 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\content\libs\pbj.js
15:53:12 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\content\phishingContent.html
15:53:12 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\content\phishingContent.html
15:53:12 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\popup.html
15:53:12 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\popup.html
15:53:12 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\popup.js
15:53:12 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\popup.js
15:53:12 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\defaults\preferences\pref.js
15:53:12 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\defaults\preferences\pref.js
15:53:12 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\content\libs\protobuf.js
15:53:12 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\content\libs\protobuf.js
15:53:12 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\content\libs\query.js
15:53:12 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\content\libs\query.js
15:53:12 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\content\ratings.js
15:53:12 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\content\ratings.js
15:53:12 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\content\rules.js
15:53:12 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\content\rules.js
15:53:12 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\icons\shop-icon-big.jp
15:53:12 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\icons\shop-icon-big.jp
15:53:12 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\icons\shop-icon-small.jp
15:53:12 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\icons\shop-icon-small.jp
15:53:12 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\content\siteCorrectBarContent.html
15:53:12 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\content\siteCorrectBarContent.html
15:53:12 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\content\siteCorrectContent.html
15:53:12 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\content\siteCorrectContent.html
15:53:12 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\utils.js
15:53:12 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\utils.js
15:53:12 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\ar-SA\wrc.properties
15:53:12 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\ar-SA\wrc.properties
15:53:12 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\be-BY\wrc.properties
15:53:12 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\be-BY\wrc.properties
15:53:12 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\bg-BG\wrc.properties
15:53:12 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\bg-BG\wrc.properties
15:53:12 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\ca-ES\wrc.properties
15:53:12 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\ca-ES\wrc.properties
15:53:12 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\cs-CZ\wrc.properties
15:53:12 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\cs-CZ\wrc.properties
15:53:12 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\da-DK\wrc.properties
15:53:12 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\da-DK\wrc.properties
15:53:12 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\de-DE\wrc.properties
15:53:12 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\de-DE\wrc.properties
15:53:12 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\el-GR\wrc.properties
15:53:12 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\el-GR\wrc.properties
15:53:12 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\en-GB\wrc.properties
15:53:12 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\en-GB\wrc.properties
15:53:13 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\en-US\wrc.properties
15:53:13 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\en-US\wrc.properties
15:53:13 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\es-ES\wrc.properties
15:53:13 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\es-ES\wrc.properties
15:53:13 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\et-EE\wrc.properties
15:53:13 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\et-EE\wrc.properties
15:53:13 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\fi-FI\wrc.properties
15:53:13 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\fi-FI\wrc.properties
15:53:13 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\fr-FR\wrc.properties
15:53:13 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\fr-FR\wrc.properties
15:53:13 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\he-IL\wrc.properties
15:53:13 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\he-IL\wrc.properties
15:53:13 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\hr-HR\wrc.properties
15:53:13 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\hr-HR\wrc.properties
15:53:13 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\hu-HU\wrc.properties
15:53:13 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\hu-HU\wrc.properties
15:53:13 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\id-ID\wrc.properties
15:53:13 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\id-ID\wrc.properties
15:53:13 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\it-IT\wrc.properties
15:53:13 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\it-IT\wrc.properties
15:53:13 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\ja-JP\wrc.properties
15:53:13 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\ja-JP\wrc.properties
15:53:13 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\ko-KR\wrc.properties
15:53:13 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\ko-KR\wrc.properties
15:53:13 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\nb-NO\wrc.properties
15:53:13 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\nb-NO\wrc.properties
15:53:13 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\nl-NL\wrc.properties
15:53:13 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\nl-NL\wrc.properties
15:53:13 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\pl-PL\wrc.properties
15:53:13 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\pl-PL\wrc.properties
15:53:13 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\pt-BR\wrc.properties
15:53:13 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\pt-BR\wrc.properties
15:53:13 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\pt-PT\wrc.properties
15:53:13 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\pt-PT\wrc.properties
15:53:13 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\ro-RO\wrc.properties
15:53:13 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\ro-RO\wrc.properties
15:53:13 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\ru-RU\wrc.properties
15:53:13 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\ru-RU\wrc.properties
15:53:13 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\sk-SK\wrc.properties
15:53:13 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\sk-SK\wrc.properties
15:53:13 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\sl-SI\wrc.properties
15:53:13 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\sl-SI\wrc.properties
15:53:13 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\sv-SE\wrc.properties
15:53:13 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\sv-SE\wrc.properties
15:53:13 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\th-TH\wrc.properties
15:53:13 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\th-TH\wrc.properties
15:53:13 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\tr-TR\wrc.properties
15:53:13 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\tr-TR\wrc.properties
15:53:13 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\uk-UA\wrc.properties
15:53:13 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\uk-UA\wrc.properties
15:53:13 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\ur-PK\wrc.properties
15:53:13 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\ur-PK\wrc.properties
15:53:13 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\vi-VN\wrc.properties
15:53:13 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\vi-VN\wrc.properties
15:53:13 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\zh-CN\wrc.properties
15:53:13 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\zh-CN\wrc.properties
15:53:13 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\zh-TW\wrc.properties
15:53:13 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\zh-TW\wrc.properties
15:53:13 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\Safari\wrc.safariextz
15:53:13 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\Safari\wrc.safariextz
15:53:14 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\content\libs\wrc_gpb.js
15:53:14 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\content\libs\wrc_gpb.js
15:53:14 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\Setup\INF\whql_x86\AswRdr2.cat
15:53:14 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\Setup\INF\whql_x86\AswRdr2.cat
15:53:14 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\avast.tpl.css
15:53:14 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\avast.tpl.css
15:53:14 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\content\hover.css
15:53:14 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\content\hover.css
15:53:14 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\index.css
15:53:14 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\index.css
15:53:14 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\content\middle.css
15:53:14 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\content\middle.css
15:53:14 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\overlay.css
15:53:14 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\overlay.css
15:53:14 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\popup.css
15:53:14 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\popup.css
15:53:14 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\popup.new.css
15:53:14 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\popup.new.css
15:53:14 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\AhAScr.dll
15:53:14 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\AhAScr.dll
15:53:14 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\AhResBhv.dll
15:53:14 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\AhResBhv.dll
15:53:14 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\AhResJs.dll
15:53:14 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\AhResJs.dll
15:53:14 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\AhResMai.dll
15:53:14 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\AhResMai.dll
15:53:14 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\AhResMes.dll
15:53:14 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\AhResMes.dll
15:53:14 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\AhResNS.dll
15:53:14 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\AhResNS.dll
15:53:15 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\AhResP2P.dll
15:53:15 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\AhResP2P.dll
15:53:15 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\AhResStd.dll
15:53:15 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\AhResStd.dll
15:53:15 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\AhResWS.dll
15:53:15 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\AhResWS.dll
15:53:15 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\ashMaiSv.dll
15:53:15 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\ashMaiSv.dll
15:53:15 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\ashWebSv.dll
15:53:15 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\ashWebSv.dll
15:53:15 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\ashWsFtr.dll
15:53:15 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\ashWsFtr.dll
15:53:15 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\asOutExt.dll
15:53:15 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\asOutExt.dll
15:53:15 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\asOutExt64.dll
15:53:15 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\asOutExt64.dll
15:53:15 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\aswJsFlt.dll
15:53:15 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\aswJsFlt.dll
15:53:15 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\aswJsFlt64.dll
15:53:15 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\aswJsFlt64.dll
15:53:15 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\aswMonVD.dll
15:53:15 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\aswMonVD.dll
15:53:15 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\aswnseng.dll
15:53:15 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\aswnseng.dll
15:53:15 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\aswnsf.dll
15:53:15 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\aswnsf.dll
15:53:15 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
15:53:15 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
15:53:15 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\AvastGUIProxy.dll
15:53:15 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\AvastGUIProxy.dll
15:53:15 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\AvastGUIProxy64.dll
15:53:15 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\AvastGUIProxy64.dll
15:53:16 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\snxhk.dll
15:53:16 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\snxhk.dll
15:53:16 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\ar-SA\wrc.dtd
15:53:16 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\ar-SA\wrc.dtd
15:53:16 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\be-BY\wrc.dtd
15:53:16 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\be-BY\wrc.dtd
15:53:16 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\bg-BG\wrc.dtd
15:53:16 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\bg-BG\wrc.dtd
15:53:16 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\ca-ES\wrc.dtd
15:53:16 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\ca-ES\wrc.dtd
15:53:16 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\cs-CZ\wrc.dtd
15:53:16 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\cs-CZ\wrc.dtd
15:53:16 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\da-DK\wrc.dtd
15:53:16 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\da-DK\wrc.dtd
15:53:16 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\de-DE\wrc.dtd
15:53:16 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\de-DE\wrc.dtd
15:53:16 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\el-GR\wrc.dtd
15:53:16 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\el-GR\wrc.dtd
15:53:16 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\en-GB\wrc.dtd
15:53:16 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\en-GB\wrc.dtd


Alt 03.09.2013, 20:30   #6
Ju_Vo
 
VAF Player lässt sich nicht deinstallieren! - Standard

VAF Player lässt sich nicht deinstallieren!


Setup AVAST 2

Code:
ATTFilter
15:53:16 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\en-US\wrc.dtd
15:53:16 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\en-US\wrc.dtd
15:53:16 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\es-ES\wrc.dtd
15:53:16 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\es-ES\wrc.dtd
15:53:16 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\et-EE\wrc.dtd
15:53:16 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\et-EE\wrc.dtd
15:53:16 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\fi-FI\wrc.dtd
15:53:16 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\fi-FI\wrc.dtd
15:53:16 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\fr-FR\wrc.dtd
15:53:16 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\fr-FR\wrc.dtd
15:53:16 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\he-IL\wrc.dtd
15:53:16 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\he-IL\wrc.dtd
15:53:16 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\hr-HR\wrc.dtd
15:53:16 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\hr-HR\wrc.dtd
15:53:16 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\hu-HU\wrc.dtd
15:53:16 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\hu-HU\wrc.dtd
15:53:16 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\id-ID\wrc.dtd
15:53:16 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\id-ID\wrc.dtd
15:53:16 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\it-IT\wrc.dtd
15:53:16 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\it-IT\wrc.dtd
15:53:16 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\ja-JP\wrc.dtd
15:53:16 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\ja-JP\wrc.dtd
15:53:16 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\ko-KR\wrc.dtd
15:53:16 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\ko-KR\wrc.dtd
15:53:16 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\nb-NO\wrc.dtd
15:53:16 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\nb-NO\wrc.dtd
15:53:16 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\nl-NL\wrc.dtd
15:53:16 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\nl-NL\wrc.dtd
15:53:16 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\pl-PL\wrc.dtd
15:53:16 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\pl-PL\wrc.dtd
15:53:16 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\pt-BR\wrc.dtd
15:53:16 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\pt-BR\wrc.dtd
15:53:16 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\pt-PT\wrc.dtd
15:53:16 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\pt-PT\wrc.dtd
15:53:17 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\ro-RO\wrc.dtd
15:53:17 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\ro-RO\wrc.dtd
15:53:17 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\ru-RU\wrc.dtd
15:53:17 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\ru-RU\wrc.dtd
15:53:17 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\sk-SK\wrc.dtd
15:53:17 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\sk-SK\wrc.dtd
15:53:17 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\sl-SI\wrc.dtd
15:53:17 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\sl-SI\wrc.dtd
15:53:17 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\sv-SE\wrc.dtd
15:53:17 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\sv-SE\wrc.dtd
15:53:17 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\th-TH\wrc.dtd
15:53:17 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\th-TH\wrc.dtd
15:53:17 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\tr-TR\wrc.dtd
15:53:17 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\tr-TR\wrc.dtd
15:53:17 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\uk-UA\wrc.dtd
15:53:17 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\uk-UA\wrc.dtd
15:53:17 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\ur-PK\wrc.dtd
15:53:17 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\ur-PK\wrc.dtd
15:53:17 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\vi-VN\wrc.dtd
15:53:17 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\vi-VN\wrc.dtd
15:53:17 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\zh-CN\wrc.dtd
15:53:17 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\zh-CN\wrc.dtd
15:53:17 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\zh-TW\wrc.dtd
15:53:17 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\zh-TW\wrc.dtd
15:53:17 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba\1.gif
15:53:17 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba\1.gif
15:53:17 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba\10.gif
15:53:17 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba\10.gif
15:53:17 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba\11.gif
15:53:17 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba\11.gif
15:53:17 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba\12.gif
15:53:17 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba\12.gif
15:53:17 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba\13.gif
15:53:17 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba\13.gif
15:53:17 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba\14.gif
15:53:17 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba\14.gif
15:53:17 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba\15.gif
15:53:17 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba\15.gif
15:53:17 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba\16.gif
15:53:17 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba\16.gif
15:53:17 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba\17.gif
15:53:17 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba\17.gif
15:53:17 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba\18.gif
15:53:17 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba\18.gif
15:53:17 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba\2.gif
15:53:17 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba\2.gif
15:53:17 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba\3.gif
15:53:17 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba\3.gif
15:53:17 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba\4.gif
15:53:17 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba\4.gif
15:53:17 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba\5.gif
15:53:17 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba\5.gif
15:53:17 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba\6.gif
15:53:17 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba\6.gif
15:53:17 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba\7.gif
15:53:17 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba\7.gif
15:53:17 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba\8.gif
15:53:17 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba\8.gif
15:53:17 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba\9.gif
15:53:17 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba\9.gif
15:53:17 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\blank.gif
15:53:17 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\blank.gif
15:53:17 nrm/fil  Direct move of file: C:\ProgramData\AVAST Software\Avast\HtmlData\Blocked.htm
15:53:17 vrb/fil  Installed file:C:\ProgramData\AVAST Software\Avast\HtmlData\Blocked.htm
15:53:18 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\Setup\INF\whql_x86\AswRdr2.inf
15:53:18 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\Setup\INF\whql_x86\AswRdr2.inf
15:53:18 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\background-body.jpg
15:53:18 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\background-body.jpg
15:53:18 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\background-body.jpg
15:53:18 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\background-body.jpg
15:53:18 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\background-header.jpg
15:53:18 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\background-header.jpg
15:53:18 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\icons\check-priority.jpg
15:53:18 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\icons\check-priority.jpg
15:53:18 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\horizontal-line.jpg
15:53:18 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\horizontal-line.jpg
15:53:18 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\horizontal-line-white.jpg
15:53:18 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\horizontal-line-white.jpg
15:53:18 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\logo.jpg
15:53:18 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\logo.jpg
15:53:18 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\icons\shop-icon-big.jpg
15:53:18 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\icons\shop-icon-big.jpg
15:53:18 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\icons\shop-icon-small.jpg
15:53:18 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\icons\shop-icon-small.jpg
15:53:18 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\vertical-line.jpg
15:53:18 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\vertical-line.jpg
15:53:18 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\Opera\wrc.oex
15:53:18 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\Opera\wrc.oex
15:53:18 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba.png
15:53:18 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\ameba.png
15:53:18 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\attention.png
15:53:18 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\attention.png
15:53:18 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\avast_logo.png
15:53:18 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\avast_logo.png
15:53:18 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\background-body.png
15:53:18 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\background-body.png
15:53:18 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\background-right.png
15:53:18 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\background-right.png
15:53:18 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\background-right-bottom.png
15:53:18 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\background-right-bottom.png
15:53:18 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\background-right-top.png
15:53:18 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\background-right-top.png
15:53:18 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\background-sitecorrect.png
15:53:18 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\background-sitecorrect.png
15:53:18 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\bg-window.png
15:53:18 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\bg-window.png
15:53:18 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\button.png
15:53:18 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\button.png
15:53:18 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\Button-1.png
15:53:18 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\Button-1.png
15:53:18 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\button-hig.png
15:53:18 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\button-hig.png
15:53:18 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\button-left.png
15:53:18 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\button-left.png
15:53:19 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\button-left-hig.png
15:53:19 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\button-left-hig.png
15:53:19 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\button-left-press.png
15:53:19 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\button-left-press.png
15:53:19 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\button-middle.png
15:53:19 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\button-middle.png
15:53:19 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\button-middle.png
15:53:19 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\button-middle.png
15:53:19 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\button-middle-hig.png
15:53:19 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\button-middle-hig.png
15:53:19 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\button-middle-press.png
15:53:19 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\button-middle-press.png
15:53:19 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\button-press.png
15:53:19 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\button-press.png
15:53:19 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\button-right.png
15:53:19 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\button-right.png
15:53:19 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\button-right-hig.png
15:53:19 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\button-right-hig.png
15:53:19 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\button-right-press.png
15:53:19 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\button-right-press.png
15:53:19 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\close.png
15:53:19 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\close.png
15:53:19 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\icons\close.png
15:53:19 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\icons\close.png
15:53:19 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\close.png
15:53:19 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\close.png
15:53:19 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\close.png
15:53:19 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\close.png
15:53:19 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\close-hover.png
15:53:19 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\close-hover.png
15:53:19 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\corner-left-bottom.png
15:53:19 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\corner-left-bottom.png
15:53:19 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\corner-left-top.png
15:53:19 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\corner-left-top.png
15:53:19 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\corner-right-bottom.png
15:53:19 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\corner-right-bottom.png
15:53:19 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\corner-right-top.png
15:53:19 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\corner-right-top.png
15:53:19 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\corporate.png
15:53:19 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\corporate.png
15:53:19 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\corporate-small-disable.png
15:53:19 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\corporate-small-disable.png
15:53:19 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\corporate-small-selected.png
15:53:19 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\corporate-small-selected.png
15:53:19 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\drugs.png
15:53:19 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\drugs.png
15:53:19 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\drugs-small-disable.png
15:53:19 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\drugs-small-disable.png
15:53:19 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\drugs-small-selected.png
15:53:19 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\drugs-small-selected.png
15:53:19 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\gadget_bg_horizontal.png
15:53:19 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\gadget_bg_horizontal.png
15:53:19 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\gadget_bg_vertical.png
15:53:19 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\gadget_bg_vertical.png
15:53:19 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\gambling.png
15:53:19 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\gambling.png
15:53:19 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\gambling-small-disable.png
15:53:19 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\gambling-small-disable.png
15:53:19 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\gambling-small-selected.png
15:53:19 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\gambling-small-selected.png
15:53:20 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\green.png
15:53:20 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\green.png
15:53:20 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\green-1.png
15:53:20 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\green-1.png
15:53:20 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\green-2.png
15:53:20 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\green-2.png
15:53:20 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\green-3.png
15:53:20 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\green-3.png
15:53:20 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\green-hover.png
15:53:20 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\green-hover.png
15:53:20 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\green-selected.png
15:53:20 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\green-selected.png
15:53:20 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\icons\green1.png
15:53:20 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\icons\green1.png
15:53:20 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\green1-16.png
15:53:20 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\green1-16.png
15:53:20 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\green1-16.png
15:53:20 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\green1-16.png
15:53:20 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\green1-16.png
15:53:20 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\green1-16.png
15:53:20 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\green1-24.png
15:53:20 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\green1-24.png
15:53:20 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\green1-24.png
15:53:20 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\green1-24.png
15:53:20 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\green1-small.png
15:53:20 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\green1-small.png
15:53:20 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\icons\green2.png
15:53:20 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\icons\green2.png
15:53:20 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\green2-16.png
15:53:20 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\green2-16.png
15:53:20 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\green2-16.png
15:53:20 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\green2-16.png
15:53:20 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\green2-16.png
15:53:20 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\green2-16.png
15:53:20 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\green2-24.png
15:53:20 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\green2-24.png
15:53:20 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\green2-24.png
15:53:20 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\green2-24.png
15:53:20 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\green2-small.png
15:53:20 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\green2-small.png
15:53:20 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\icons\green3.png
15:53:20 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\icons\green3.png
15:53:20 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\green3-16.png
15:53:20 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\green3-16.png
15:53:20 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\green3-16.png
15:53:20 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\green3-16.png
15:53:20 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\green3-16.png
15:53:20 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\green3-16.png
15:53:20 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\green3-24.png
15:53:20 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\green3-24.png
15:53:20 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\green3-24.png
15:53:20 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\green3-24.png
15:53:20 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\green3-small.png
15:53:20 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\green3-small.png
15:53:20 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\icons\grey.png
15:53:20 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\icons\grey.png
15:53:20 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\grey-0.png
15:53:20 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\grey-0.png
15:53:20 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\grey-3.png
15:53:20 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\grey-3.png
15:53:21 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\grey-small.png
15:53:21 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\grey-small.png
15:53:21 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\grey0-16.png
15:53:21 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\grey0-16.png
15:53:21 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\grey0-16.png
15:53:21 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\grey0-16.png
15:53:21 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\grey0-16.png
15:53:21 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\grey0-16.png
15:53:21 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\grey0-24.png
15:53:21 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\grey0-24.png
15:53:21 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\grey0-24.png
15:53:21 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\grey0-24.png
15:53:21 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\grey3-16.png
15:53:21 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\grey3-16.png
15:53:21 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\grey3-16.png
15:53:21 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\grey3-16.png
15:53:21 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\grey3-24.png
15:53:21 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\grey3-24.png
15:53:21 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\grey3-24.png
15:53:21 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\grey3-24.png
15:53:21 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon-16.png
15:53:21 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon-16.png
15:53:21 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon-32.png
15:53:21 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon-32.png
15:53:21 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon-64.png
15:53:21 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon-64.png
15:53:21 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\icon-corporate.png
15:53:21 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\icon-corporate.png
15:53:21 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\icon-drugs.png
15:53:21 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\icon-drugs.png
15:53:21 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\icon-gambling.png
15:53:21 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\icon-gambling.png
15:53:21 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\icon-illegal.png
15:53:21 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\icon-illegal.png
15:53:21 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\icon-it.png
15:53:21 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\icon-it.png
15:53:21 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\icon-news.png
15:53:21 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\icon-news.png
15:53:21 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon-open.png
15:53:21 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon-open.png
15:53:21 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon-open-hig.png
15:53:21 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon-open-hig.png
15:53:21 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\icon-pornography.png
15:53:21 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\icon-pornography.png
15:53:21 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon-safezone.png
15:53:21 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon-safezone.png
15:53:21 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon-safezone-hig.png
15:53:21 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon-safezone-hig.png
15:53:21 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon-scan.png
15:53:21 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon-scan.png
15:53:21 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon-scan-hig.png
15:53:21 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon-scan-hig.png
15:53:21 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\icon-shopping.png
15:53:21 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\icon-shopping.png
15:53:21 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\icon-social.png
15:53:21 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\icon-social.png
15:53:21 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon-update.png
15:53:21 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon-update.png
15:53:21 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon-update-hig.png
15:53:21 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon-update-hig.png
15:53:21 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\icon-violence.png
15:53:21 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\icon-violence.png
15:53:21 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\icon128.png
15:53:21 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\icon128.png
15:53:22 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon_blog.png
15:53:22 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon_blog.png
15:53:22 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon_blog_hover.png
15:53:22 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon_blog_hover.png
15:53:22 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon_facebook.png
15:53:22 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon_facebook.png
15:53:22 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon_facebook_hover.png
15:53:22 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon_facebook_hover.png
15:53:22 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\icon_incorrect.png
15:53:22 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\icon_incorrect.png
15:53:22 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon_open.png
15:53:22 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon_open.png
15:53:22 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon_open_hover.png
15:53:22 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon_open_hover.png
15:53:23 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon_safezone.png
15:53:23 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon_safezone.png
15:53:24 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon_safezone_hover.png
15:53:24 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon_safezone_hover.png
15:53:24 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon_twitter.png
15:53:24 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon_twitter.png
15:53:24 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon_twitter_hover.png
15:53:24 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon_twitter_hover.png
15:53:24 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon_update.png
15:53:24 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon_update.png
15:53:24 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon_update_hover.png
15:53:24 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon_update_hover.png
15:53:24 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\illegal.png
15:53:24 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\illegal.png
15:53:24 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\illegal-small-disable.png
15:53:24 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\illegal-small-disable.png
15:53:24 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\illegal-small-selected.png
15:53:24 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\illegal-small-selected.png
15:53:24 nrm/fil  Direct move of file: C:\ProgramData\AVAST Software\Avast\HtmlData\image001.png
15:53:24 vrb/fil  Installed file:C:\ProgramData\AVAST Software\Avast\HtmlData\image001.png
15:53:25 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\it.png
15:53:25 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\it.png
15:53:25 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\it-small-disable.png
15:53:25 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\it-small-disable.png
15:53:25 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\it-small-selected.png
15:53:25 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\it-small-selected.png
15:53:25 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\kenny.png
15:53:25 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\kenny.png
15:53:25 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\limet.png
15:53:25 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\limet.png
15:53:25 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\limet-hover.png
15:53:25 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\limet-hover.png
15:53:25 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\limet-selected.png
15:53:25 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\limet-selected.png
15:53:25 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\line-dark-horizontal.png
15:53:25 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\line-dark-horizontal.png
15:53:25 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\line-light-horizontal.png
15:53:25 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\line-light-horizontal.png
15:53:25 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\logo.png
15:53:25 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\logo.png
15:53:25 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\logo.png
15:53:25 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\logo.png
15:53:25 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\news.png
15:53:25 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\news.png
15:53:25 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\news-small-disable.png
15:53:25 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\news-small-disable.png
15:53:25 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\news-small-selected.png
15:53:25 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\news-small-selected.png
15:53:25 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\none.png
15:53:25 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\none.png
15:53:25 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\orange.png
15:53:25 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\orange.png
15:53:25 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\orange-hover.png
15:53:25 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\orange-hover.png
15:53:25 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\orange-selected.png
15:53:25 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\orange-selected.png
15:53:25 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\icons\orange1.png
15:53:25 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\icons\orange1.png
15:53:25 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\orange1-16.png
15:53:25 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\orange1-16.png
15:53:25 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\orange1-24.png
15:53:25 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\orange1-24.png
15:53:25 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\icons\orange2.png
15:53:25 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\icons\orange2.png
15:53:25 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\orange2-16.png
15:53:25 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\orange2-16.png
15:53:25 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\orange2-24.png
15:53:25 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\orange2-24.png
15:53:25 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\icons\orange3.png
15:53:25 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\icons\orange3.png
15:53:25 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\orange3-16.png
15:53:25 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\orange3-16.png
15:53:25 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\orange3-24.png
15:53:25 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\orange3-24.png
15:53:25 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\pornography.png
15:53:25 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\pornography.png
15:53:25 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\pornography-small-disable.png
15:53:25 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\pornography-small-disable.png
15:53:26 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\pornography-small-selected.png
15:53:26 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\pornography-small-selected.png
15:53:26 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\rating.average.h.png
15:53:26 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\rating.average.h.png
15:53:26 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\rating.average.l.png
15:53:26 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\rating.average.l.png
15:53:26 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\rating.average.m.png
15:53:26 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\rating.average.m.png
15:53:26 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\rating.good.h.png
15:53:26 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\rating.good.h.png
15:53:26 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\rating.good.l.png
15:53:26 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\rating.good.l.png
15:53:26 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\rating.good.m.png
15:53:26 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\rating.good.m.png
15:53:26 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\rating.low.h.png
15:53:26 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\rating.low.h.png
15:53:26 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\rating.low.l.png
15:53:26 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\rating.low.l.png
15:53:26 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\rating.low.m.png
15:53:26 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\rating.low.m.png
15:53:26 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\rating.none.png
15:53:26 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\rating.none.png
15:53:26 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\red.png
15:53:26 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\red.png
15:53:26 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\red-1.png
15:53:26 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\red-1.png
15:53:26 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\red-1-108.png
15:53:26 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\red-1-108.png
15:53:26 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\red-2.png
15:53:26 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\red-2.png
15:53:26 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\red-3.png
15:53:26 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\red-3.png
15:53:26 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\red-hover.png
15:53:26 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\red-hover.png
15:53:26 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\red-selected.png
15:53:26 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\red-selected.png
15:53:26 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\icons\red1.png
15:53:26 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\icons\red1.png
15:53:26 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\red1-16.png
15:53:26 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\red1-16.png
15:53:26 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\red1-16.png
15:53:26 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\red1-16.png
15:53:26 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\red1-16.png
15:53:26 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\red1-16.png
15:53:26 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\red1-24.png
15:53:26 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\red1-24.png
15:53:27 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\red1-24.png
15:53:27 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\red1-24.png
15:53:27 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\red1-small.png
15:53:27 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\red1-small.png
15:53:27 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\icons\red2.png
15:53:27 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\icons\red2.png
15:53:27 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\red2-16.png
15:53:27 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\red2-16.png
15:53:27 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\red2-16.png
15:53:27 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\red2-16.png
15:53:27 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\red2-16.png
15:53:27 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\red2-16.png
15:53:27 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\red2-24.png
15:53:27 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\red2-24.png
15:53:27 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\red2-24.png
15:53:27 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\red2-24.png
15:53:27 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\red2-small.png
15:53:27 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\red2-small.png
15:53:27 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\icons\red3.png
15:53:27 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\icons\red3.png
15:53:27 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\red3-16.png
15:53:27 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\red3-16.png
15:53:27 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\red3-16.png
15:53:27 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\red3-16.png
15:53:27 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\red3-16.png
15:53:27 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\IE\imgs\red3-16.png
15:53:27 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\red3-24.png
15:53:27 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\red3-24.png
15:53:27 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\red3-24.png
15:53:27 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\red3-24.png
15:53:27 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\red3-small.png
15:53:27 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\red3-small.png
15:53:27 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\secured.png
15:53:27 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\secured.png
15:53:27 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\shopping.png
15:53:27 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\shopping.png
15:53:27 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\shopping-small-disable.png
15:53:27 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\shopping-small-disable.png
15:53:27 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\shopping-small-selected.png
15:53:27 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\shopping-small-selected.png
15:53:27 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\social.png
15:53:27 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\social.png
15:53:27 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\social-small-disable.png
15:53:27 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\social-small-disable.png
15:53:27 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\social-small-selected.png
15:53:27 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\social-small-selected.png
15:53:27 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\unsecured.png
15:53:27 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\unsecured.png
15:53:27 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\violence.png
15:53:27 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\violence.png
15:53:27 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\violence-small-disable.png
15:53:27 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\violence-small-disable.png
15:53:27 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\violence-small-selected.png
15:53:27 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\violence-small-selected.png
15:53:28 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\Warning.png
15:53:28 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\Warning.png
15:53:28 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\window-bottom.png
15:53:28 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\window-bottom.png
15:53:28 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\window-green.png
15:53:28 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\window-green.png
15:53:28 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\window-grey1.png
15:53:28 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\window-grey1.png
15:53:28 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\window-grey2.png
15:53:28 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\window-grey2.png
15:53:28 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\window-red.png
15:53:28 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\window-red.png
15:53:28 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\window-top.png
15:53:28 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\window-top.png
15:53:28 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\window-top-small.png
15:53:28 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\window-top-small.png
15:53:28 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\window-wrc.png
15:53:28 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\window-wrc.png
15:53:28 nrm/fil  Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\window-yellow.png
15:53:28 vrb/fil  Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\window-yellow.png
15:53:28 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\yellow.png
15:53:28 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\yellow.png
15:53:28 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\yellow-1.png
15:53:28 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\yellow-1.png
15:53:28 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\yellow-2.png
15:53:28 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\yellow-2.png
15:53:28 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\yellow-3.png
15:53:28 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\yellow-3.png
15:53:28 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\yellow-hover.png
15:53:28 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\yellow-hover.png
15:53:28 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\yellow-selected.png
15:53:28 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\yellow-selected.png
15:53:28 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\yellow1-16.png
15:53:28 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\yellow1-16.png
15:53:28 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\yellow1-16.png
15:53:28 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\yellow1-16.png
15:53:28 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\yellow1-24.png
15:53:28 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\yellow1-24.png
15:53:28 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\yellow1-24.png
15:53:28 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\yellow1-24.png
15:53:28 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\yellow1-small.png
15:53:28 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\yellow1-small.png
15:53:28 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\yellow2-16.png
15:53:28 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\yellow2-16.png
15:53:28 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\yellow2-16.png
15:53:28 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\yellow2-16.png
15:53:28 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\yellow2-24.png
15:53:28 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\yellow2-24.png
15:53:28 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\yellow2-24.png
15:53:28 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\yellow2-24.png
15:53:28 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\yellow2-small.png
15:53:28 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\yellow2-small.png
15:53:28 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\yellow3-16.png
15:53:28 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\yellow3-16.png
15:53:28 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\yellow3-16.png
15:53:28 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\yellow3-16.png
15:53:28 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\yellow3-24.png
15:53:28 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\yellow3-24.png
15:53:28 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\yellow3-24.png
15:53:28 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\yellow3-24.png
15:53:28 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\yellow3-small.png
15:53:28 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png\yellow3-small.png
15:53:29 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\install.rdf
15:53:29 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\install.rdf
15:53:29 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\Setup\INF\Aavmker4.sys
15:53:29 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\Setup\INF\Aavmker4.sys
15:53:29 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\Setup\INF\aswFsBlk.sys
15:53:29 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\Setup\INF\aswFsBlk.sys
15:53:29 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\Setup\INF\aswKbd.sys
15:53:29 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\Setup\INF\aswKbd.sys
15:53:29 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\Setup\INF\aswMon.sys
15:53:29 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\Setup\INF\aswMon.sys
15:53:29 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\Setup\INF\aswMon2.sys
15:53:29 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\Setup\INF\aswMon2.sys
15:53:29 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\aswMonDS.sys
15:53:29 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\aswMonDS.sys
15:53:29 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\Setup\INF\aswMonFlt.sys
15:53:29 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\Setup\INF\aswMonFlt.sys
15:53:29 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\Setup\INF\AswRdr.sys
15:53:29 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\Setup\INF\AswRdr.sys
15:53:29 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\Setup\INF\whql_x86\x86\AswRdr2.sys
15:53:29 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\Setup\INF\whql_x86\x86\AswRdr2.sys
15:53:29 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\Setup\INF\aswRvrt.sys
15:53:29 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\Setup\INF\aswRvrt.sys
15:53:29 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\Setup\INF\aswSnx.sys
15:53:29 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\Setup\INF\aswSnx.sys
15:53:29 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\Setup\INF\aswSP.sys
15:53:29 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\Setup\INF\aswSP.sys
15:53:29 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\Setup\INF\AswTdi.sys
15:53:29 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\Setup\INF\AswTdi.sys
15:53:29 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\Setup\INF\aswVmm.sys
15:53:29 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\Setup\INF\aswVmm.sys
15:53:29 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\License\EULA_Avast_Business.txt
15:53:29 vrb/fil  Installed file:C:\Program Files\AVAST Software\Avast\License\EULA_Avast_Business.txt
15:53:29 nrm/fil  Direct move of file: C:\Program Files\AVAST Software\Avast\License\EULA_Avast_Free.txt

Alt 03.09.2013, 20:35   #7
Ju_Vo
 
VAF Player lässt sich nicht deinstallieren! - Standard

VAF Player lässt sich nicht deinstallieren!


Teil 3 SETUP AVAST

So, das wars... war leider alles zu lang...

15:53:29 vrb/fil Installed file:C:\Program Files\AVAST Software\Avast\License\EULA_Avast_Business.txt
15:53:29 nrm/fil Direct move of file: C:\Program Files\AVAST Software\Avast\License\EULA_Avast_Free.txt
15:53:29 vrb/fil Installed file:C:\Program Files\AVAST Software\Avast\License\EULA_Avast_Free.txt
15:53:29 nrm/fil Direct move of file: C:\Program Files\AVAST Software\Avast\License\EULA_Avast_Pro_IS.txt
15:53:29 vrb/fil Installed file:C:\Program Files\AVAST Software\Avast\License\EULA_Avast_Pro_IS.txt
15:53:29 nrm/fil Direct move of file: C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\gadget.xml
15:53:29 vrb/fil Installed file:C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\gadget.xml
15:53:29 nrm/fil Direct move of file: C:\ProgramData\AVAST Software\Avast\snx_gconfig.xml
15:53:29 vrb/fil Installed file:C:\ProgramData\AVAST Software\Avast\snx_gconfig.xml
15:53:29 nrm/fil Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\content\about.xul
15:53:29 vrb/fil Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\content\about.xul
15:53:29 nrm/fil Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\content\overlay.xul
15:53:29 vrb/fil Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\content\overlay.xul
15:53:29 nrm/fil Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\content\overlay.old.xul
15:53:29 vrb/fil Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\content\overlay.old.xul
15:53:29 nrm/fil Direct move of file: C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\wrc ico 16x16px a 24x24px.zip
15:53:29 vrb/fil Installed file:C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\wrc ico 16x16px a 24x24px.zip
15:53:29 vrb/pkg Extracting from winsys-8.vpx
15:53:29 nrm/fil Direct move of file: C:\Program Files\AVAST Software\Avast\vcrcheck.dll
15:53:29 vrb/fil Installed file:C:\Program Files\AVAST Software\Avast\vcrcheck.dll
15:53:30 nrm/fil Direct move of file: C:\Program Files\AVAST Software\Avast\vcredist_x86_sp1.exe
15:53:30 vrb/fil Installed file:C:\Program Files\AVAST Software\Avast\vcredist_x86_sp1.exe
15:53:30 min/pkg program: installed 613 files (50204675 bytes), removed 0 files
15:53:30 vrb/sys Executing:C:\Program Files\AVAST Software\Avast\vcredist_x86_SP1.exe /q
15:55:59 vrb/sys Executed:C:\Program Files\AVAST Software\Avast\vcredist_x86_SP1.exe /q
15:55:59 min/sys VC redistributable installed successfully
15:55:59 min/pkg vps version 13050900
15:55:59 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\Sf.bin (4)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\Sf.bin
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\Sf1.bin (4)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\Sf1.bin
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\dllcc.dat (2)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\dllcc.dat
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\ArPot.dll (4)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\ArPot.dll
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\aswAR.dll (4)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\aswAR.dll
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\aswBoot.dll (4)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\aswBoot.dll
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\aswCleanerDLL.dll (4)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\aswCleanerDLL.dll
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\aswCmnBS.dll (4)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\aswCmnBS.dll
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\aswCmnIS.dll (4)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\aswCmnIS.dll
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\aswCmnOS.dll (4)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\aswCmnOS.dll
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\aswEngin.dll (4)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\aswEngin.dll
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\aswFiDb.dll (4)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\aswFiDb.dll
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\aswRawFS.dll (4)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\aswRawFS.dll
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\aswRep.dll (4)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\aswRep.dll
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\aswScan.dll (4)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\aswScan.dll
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\exts.dll (4)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\exts.dll
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\fwAux.dll (4)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\fwAux.dll
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\swhealthex.dll (4)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\swhealthex.dll
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\uiext.dll (4)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\uiext.dll
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\list_d.txt (2)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\list_d.txt
15:56:00 min/pkg vps: ExtractFilesFromPackage(vps_win32-ad3.vpx) returned 0x00000000
15:56:00 min/pkg vps: OpenPackage(C:\Program Files\AVAST Software\Avast\Setup\vps_32-ac0.vpx) returned 0x00000000, files: 53
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\spm.db (2)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\spm.db
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\whitelist.db (2)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\whitelist.db
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\spm.bin (2)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\spm.bin
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_as.dat (2)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_as.dat
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_bhv.dat (2)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_bhv.dat
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_dex.dat (2)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_dex.dat
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_dsql.dat (2)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_dsql.dat
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_dyna.dat (2)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_dyna.dat
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_el.dat (2)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_el.dat
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_elf.dat (2)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_elf.dat
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_elfa.dat (2)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_elfa.dat
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_evope.dat (2)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_evope.dat
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_java.dat (2)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_java.dat
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_js.dat (2)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_js.dat
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_mx4.dat (2)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_mx4.dat
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_mx95.dat (2)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_mx95.dat
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_o7.dat (2)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_o7.dat
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_ob2.dat (2)
15:56:00 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_ob2.dat
15:56:00 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_pe2.dat (2)
15:56:07 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_pe2.dat
15:56:07 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_pe3.dat (2)
15:56:09 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_pe3.dat
15:56:09 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_sc.dat (2)
15:56:10 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_sc.dat
15:56:10 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_swf.dat (2)
15:56:10 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_swf.dat
15:56:10 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_tx.dat (2)
15:56:10 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_tx.dat
15:56:10 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_u.dat (2)
15:56:12 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_u.dat
15:56:12 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_w6.dat (2)
15:56:12 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_w6.dat
15:56:12 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_wh2.dat (2)
15:56:13 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_wh2.dat
15:56:13 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\fnames_5.dat (2)
15:56:13 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\fnames_5.dat
15:56:13 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\pclassif.dat (2)
15:56:13 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\pclassif.dat
15:56:13 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\snxclass.dat (2)
15:56:13 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\snxclass.dat
15:56:13 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\algo.dll (4)
15:56:13 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\algo.dll
15:56:13 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\def.ini (2)
15:56:13 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\def.ini
15:56:13 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\certs.map (2)
15:56:13 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\certs.map
15:56:13 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_bhv.map (20000)
15:56:13 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_bhv.map
15:56:13 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_dex.map (20000)
15:56:13 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_dex.map
15:56:13 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_dsql.map (20000)
15:56:13 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_dsql.map
15:56:13 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_dyna.map (20000)
15:56:13 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_dyna.map
15:56:13 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_elf.map (20000)
15:56:13 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_elf.map
15:56:13 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_elfa.map (20000)
15:56:13 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_elfa.map
15:56:13 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_java.map (20000)
15:56:13 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_java.map
15:56:13 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_js.map (20000)
15:56:13 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_js.map
15:56:13 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_mx4.map (20000)
15:56:13 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_mx4.map
15:56:13 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_mx95.map (20000)
15:56:13 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_mx95.map
15:56:13 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_o7.map (20000)
15:56:13 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_o7.map
15:56:13 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_swf.map (20000)
15:56:13 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_swf.map
15:56:13 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_w6.map (20000)
15:56:13 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_w6.map
15:56:13 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\db_xtn.map (20000)
15:56:13 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\db_xtn.map
15:56:13 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13050900\list_i.txt (2)
15:56:13 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13050900\list_i.txt
15:56:13 min/pkg vps: preparePool C:\Program Files\AVAST Software\Avast\defs\13050900\l_idx.map, ok
15:56:13 min/pkg vps: preparePool C:\Program Files\AVAST Software\Avast\defs\13050900\s_idx.map, ok
15:56:13 min/pkg vps: preparePool C:\Program Files\AVAST Software\Avast\defs\13050900\sl_idx.map, ok
15:56:15 min/pkg vps: Create file C:\Program Files\AVAST Software\Avast\defs\13050900\lshe3.map, ok
15:56:15 min/pkg vps: Create file C:\Program Files\AVAST Software\Avast\defs\13050900\acshort.map, ok
15:56:16 vrb/fil File registered: C:\Program Files\AVAST Software\Avast\AhAScr.dll
15:56:16 vrb/fil File registered: C:\Program Files\AVAST Software\Avast\asOutExt.dll
15:56:16 vrb/reg Set registry: Software\AVAST Software\Avast\DataFolder=C:\ProgramData\AVAST Software\Avast
15:56:16 vrb/reg Set registry: Software\AVAST Software\Avast\Version=8.0
15:56:16 vrb/reg Set registry: Software\AVAST Software\Avast\VersionShort=8.0
15:56:16 vrb/reg Set registry: Software\AVAST Software\Avast\SetupVersion=1489
15:56:16 vrb/reg Set registry: Software\AVAST Software\Avast\ProgramFolder=C:\Program Files\AVAST Software\Avast
15:56:16 vrb/reg Set registry: Software\AVAST Software\Avast\Product=ais
15:56:16 vrb/reg Set registry: Software\AVAST Software\Avast\OSPlatform=2
15:56:16 vrb/reg Set registry: Software\AVAST Software\Avast\OSVersion=393216
15:56:16 vrb/reg Set registry: Software\Microsoft\Windows\CurrentVersion\App Paths\AvastUI.exe\Path=C:\Program Files\AVAST Software\Avast;C:\Program Files\AVAST Software\Avast\Setup
15:56:16 vrb/reg Set registry: Software\Microsoft\Windows\CurrentVersion\App Paths\AvastUI.exe\=C:\Program Files\AVAST Software\Avast\AvastUI.exe
15:56:16 vrb/reg Set registry: SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\OverrideDefaultAddressSelection=1
15:56:16 vrb/reg Set registry: .avastlic\=avastlicfile
15:56:16 vrb/reg Set registry: .avastlic\Content Type=application/avast-license
15:56:16 vrb/reg Set registry: avastlicfile\=avast! license file
15:56:16 vrb/reg Set registry: avastlicfile\EditFlags=65536
15:56:16 vrb/reg Set registry: avastlicfile\BrowserFlags=8
15:56:16 vrb/reg Set registry: avastlicfile\shell\=
15:56:16 vrb/reg Set registry: avastlicfile\shell\open\=
15:56:16 vrb/reg Set registry: avastlicfile\shell\open\command\="C:\Program Files\AVAST Software\Avast\aswChLic.exe" "%1"
15:56:16 vrb/reg Set registry: .avastvpn\=avastvpnfile
15:56:16 vrb/reg Set registry: .avastvpn\Content Type=application/avast-avastvpn
15:56:16 vrb/reg Set registry: avastvpnfile\=avast! secureline file
15:56:16 vrb/reg Set registry: avastvpnfile\EditFlags=65536
15:56:16 vrb/reg Set registry: avastvpnfile\BrowserFlags=8
15:56:16 vrb/reg Set registry: avastvpnfile\shell\=
15:56:16 vrb/reg Set registry: avastvpnfile\shell\open\=
15:56:16 vrb/reg Set registry: avastvpnfile\shell\open\command\="C:\Program Files\AVAST Software\Avast\aswChLic.exe" "%1"
15:56:16 vrb/reg Set registry: .avastsounds\=avastsoundsfile
15:56:16 vrb/reg Set registry: .avastsounds\Content Type=application/avast-sounds
15:56:16 vrb/reg Set registry: avastsoundsfile\=avast! soundpack file
15:56:16 vrb/reg Set registry: avastsoundsfile\EditFlags=65536
15:56:16 vrb/reg Set registry: avastsoundsfile\BrowserFlags=8
15:56:16 vrb/reg Set registry: avastsoundsfile\shell\=
15:56:16 vrb/reg Set registry: avastsoundsfile\shell\open\=
15:56:16 vrb/reg Set registry: avastsoundsfile\shell\open\command\="C:\Program Files\AVAST Software\Avast\aswChLic.exe" "%1"
15:56:16 vrb/reg Set registry: .avastconfig\=avastconfigfile
15:56:16 vrb/reg Set registry: .avastconfig\Content Type=application/avast-config
15:56:16 vrb/reg Set registry: avastconfigfile\=avast! config file
15:56:16 vrb/reg Set registry: avastconfigfile\EditFlags=65536
15:56:16 vrb/reg Set registry: avastconfigfile\BrowserFlags=8
15:56:16 vrb/reg Set registry: avastconfigfile\shell\=
15:56:16 vrb/reg Set registry: avastconfigfile\shell\open\=
15:56:16 vrb/reg Set registry: avastconfigfile\shell\open\command\="C:\Program Files\AVAST Software\Avast\aswChLic.exe" "%1"
15:56:16 vrb/reg Set registry: .avasttheme\=avastthemefile
15:56:16 vrb/reg Set registry: .avasttheme\Content Type=application/avast-theme
15:56:16 vrb/reg Set registry: avastthemefile\=avast! theme file
15:56:16 vrb/reg Set registry: avastthemefile\EditFlags=65536
15:56:16 vrb/reg Set registry: avastthemefile\BrowserFlags=8
15:56:16 vrb/reg Set registry: avastthemefile\shell\=
15:56:16 vrb/reg Set registry: avastthemefile\shell\open\=
15:56:16 vrb/reg Set registry: avastthemefile\shell\open\command\="C:\Program Files\AVAST Software\Avast\aswChLic.exe" "%1"
15:56:17 vrb/sys Driver file copied: C:\Windows\system32\aswBoot.exe
15:56:17 vrb/sys Executing:AvastEmUpdate.exe /installer /reg
15:56:18 vrb/sys Executed:AvastEmUpdate.exe /installer /reg
15:56:18 nrm/fil Direct delete of file: C:\Program Files\AVAST Software\Avast\License\EULA_Avast_Pro_IS.txt
15:56:18 nrm/fil Direct delete of file: C:\Program Files\AVAST Software\Avast\License\EULA_Avast_Business.txt
15:56:18 nrm/sys Uninstalling Aavmker4.sys
15:56:19 vrb/sys Driver file copied: C:\Windows\system32\drivers\aswMonFlt.sys
15:56:20 vrb/reg Set registry: SYSTEM\CurrentControlSet\Services\aswMonFlt\Description=avast! mini-filter driver (aswMonFlt)
15:56:20 vrb/sys Service aswMonFlt installed
15:56:20 vrb/reg Set registry: SYSTEM\CurrentControlSet\Services\aswMonFlt\Instances\DefaultInstance=aswMonFlt Instance
15:56:20 vrb/reg Set registry: SYSTEM\CurrentControlSet\Services\aswMonFlt\Instances\aswMonFlt Instance\Altitude=320700
15:56:20 vrb/reg Set registry: SYSTEM\CurrentControlSet\Services\aswMonFlt\Instances\aswMonFlt Instance\Flags=0
15:56:23 vrb/sys Driver file copied: C:\Windows\system32\drivers\aswRvrt.sys
15:56:25 vrb/reg Set registry: SYSTEM\CurrentControlSet\Services\aswRvrt\Description=avast! Revert
15:56:25 vrb/sys Service aswRvrt installed
15:56:25 vrb/reg Deleted registry: SYSTEM\CurrentControlSet\Services\aswRvrt\ImagePath
15:56:25 vrb/sys Driver file copied: C:\Windows\system32\drivers\aswVmm.sys
15:56:26 vrb/reg Set registry: SYSTEM\CurrentControlSet\Services\aswVmm\Description=avast! VM Monitor
15:56:26 vrb/sys Service aswVmm installed
15:56:26 vrb/reg Deleted registry: SYSTEM\CurrentControlSet\Services\aswVmm\ImagePath
15:56:26 vrb/sys Driver file copied: C:\Windows\system32\drivers\aswSnx.sys
15:56:28 vrb/reg Set registry: SYSTEM\CurrentControlSet\Services\aswSnx\Description=avast! virtualization driver (aswSnx)
15:56:28 vrb/sys Service aswSnx installed
15:56:28 vrb/reg Set registry: SYSTEM\CurrentControlSet\Services\aswSnx\Parameters\ProgramFolder=\DosDevices\C:\Program Files\AVAST Software\Avast
15:56:28 vrb/reg Set registry: SYSTEM\CurrentControlSet\Services\aswSnx\Parameters\DataFolder=\DosDevices\C:\ProgramData\AVAST Software\Avast
15:56:28 nrm/sys Service 'aswSnx' load order set id=2 in group 'FSFilter Virtualization'
15:56:28 vrb/reg Set registry: SYSTEM\CurrentControlSet\Services\aswSnx\Tag=2
15:56:28 vrb/reg Set registry: SYSTEM\CurrentControlSet\Services\aswSnx\Instances\DefaultInstance=aswSnx Instance
15:56:28 vrb/reg Set registry: SYSTEM\CurrentControlSet\Services\aswSnx\Instances\aswSnx Instance\Altitude=137600
15:56:28 vrb/reg Set registry: SYSTEM\CurrentControlSet\Services\aswSnx\Instances\aswSnx Instance\Flags=0
15:56:28 vrb/reg Deleted registry: SYSTEM\CurrentControlSet\Services\aswSnx\ImagePath
15:56:29 vrb/reg Set registry: Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast\={472083B0-C522-11CF-8763-00608CC02F24}
15:56:29 vrb/reg Set registry: AllFilesystemObjects\shellex\ContextMenuHandlers\00avast\={472083B0-C522-11CF-8763-00608CC02F24}
15:56:29 min/sys Uninstalling aswnet driver
15:56:29 min/sys Deleting aswnet driver returned code 0 (0x00000000)
15:56:29 min/sys Uninstalling aswnet driver returned code 0 (0x00000000)
15:56:29 vrb/sys Driver file copied: C:\Windows\system32\drivers\aswTdi.sys
15:56:30 vrb/reg Set registry: SYSTEM\CurrentControlSet\Services\aswTdi\Description=avast! Network Shield TDI driver
15:56:30 vrb/sys Service aswTdi installed
15:56:30 vrb/reg Deleted registry: SYSTEM\CurrentControlSet\Services\aswTdi\ImagePath
15:56:30 vrb/reg Set registry: SYSTEM\CurrentControlSet\Services\aswTdi\Parameters\DisableAutostart=1
15:56:30 nrm/sys Service 'aswTdi' load order set id=13 in group 'PNP_TDI'
15:56:30 vrb/reg Set registry: SYSTEM\CurrentControlSet\Services\aswTdi\Tag=13
15:56:30 vrb/sys Service avast! Mail Scanner uninstalled
15:56:30 vrb/sys Service avast! Web Scanner uninstalled
15:56:30 vrb/sys Driver file copied: C:\Windows\system32\Drivers\aswRdr.sys
15:56:32 vrb/reg Set registry: SYSTEM\CurrentControlSet\Services\AswRdr\Description=avast! TDI Redirect driver
15:56:32 vrb/sys Service AswRdr installed
15:56:32 vrb/reg Deleted registry: SYSTEM\CurrentControlSet\Services\aswRdr\ImagePath
15:56:32 vrb/reg Set registry: SYSTEM\CurrentControlSet\Services\aswRdr\Parameters\DisableAutostart=1
15:56:32 vrb/reg Set registry: SYSTEM\CurrentControlSet\Services\aswSP\Parameters\BehavShield=1
15:56:32 vrb/reg Set registry: Software\AVAST Software\Avast\GadgetFolder=C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget
15:56:37 vrb/reg Set registry: SYSTEM\CurrentControlSet\Services\avast! Antivirus\Description=Verwaltet und implementiert avast! Antivirus-Dienste für diesen Computer. Dies beinhaltet den Echtzeit-Schutz, den Virus-Container und den Planer.
15:56:37 vrb/sys Service avast! Antivirus installed
15:56:37 vrb/sys Service avast! Antivirus dependency aswMonFlt;RpcSS;
15:56:38 vrb/reg Set registry: SYSTEM\CurrentControlSet\Services\avast! Antivirus\Description=Verwaltet und implementiert avast! Antivirus-Dienste für diesen Computer. Dies beinhaltet den Echtzeit-Schutz, den Virus-Container und den Planer.
15:56:38 vrb/sys Service avast! Antivirus updated
15:56:39 vrb/sys Service avast! Antivirus parameters updated
15:56:39 vrb/reg Set registry: SYSTEM\CurrentControlSet\Services\avast! Antivirus\Type=32
15:56:40 vrb/reg Set registry: SYSTEM\CurrentControlSet\Services\aswSP\Parameters\ProgramFolder=\DosDevices\C:\Program Files\AVAST Software\Avast
15:56:40 vrb/reg Set registry: SYSTEM\CurrentControlSet\Services\aswSP\Parameters\DataFolder=\DosDevices\C:\ProgramData\AVAST Software\Avast
15:56:40 vrb/reg Set registry: SYSTEM\CurrentControlSet\Services\aswSP\Parameters\ProgramFilesFolder=\DosDevices\C:\Program Files
15:56:40 vrb/reg Set registry: SYSTEM\CurrentControlSet\Services\aswSP\Parameters\GadgetFolder=\DosDevices\C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget
15:56:40 vrb/sys Driver file copied: C:\Windows\system32\drivers\aswSP.sys
15:56:42 vrb/reg Set registry: SYSTEM\CurrentControlSet\Services\aswSP\Description=avast! Self Protection
15:56:42 vrb/sys Service aswSP installed
15:56:42 vrb/reg Deleted registry: SYSTEM\CurrentControlSet\Services\aswSP\ImagePath
15:56:42 vrb/sys Driver file copied: C:\Windows\system32\drivers\aswFsBlk.sys
15:56:43 vrb/reg Set registry: SYSTEM\CurrentControlSet\Services\aswFsBlk\Description=avast! mini-filter driver (aswFsBlk)
15:56:43 vrb/sys Service aswFsBlk installed
15:56:43 nrm/sys Service 'aswFsBlk' load order set id=2 in group 'FSFilter Activity Monitor'
15:56:43 vrb/reg Set registry: SYSTEM\CurrentControlSet\Services\aswFsBlk\Tag=2
15:56:43 vrb/reg Set registry: SYSTEM\CurrentControlSet\Services\aswFsBlk\Instances\DefaultInstance=aswFsBlk Instance
15:56:43 vrb/reg Set registry: SYSTEM\CurrentControlSet\Services\aswFsBlk\Instances\aswFsBlk Instance\Altitude=388400
15:56:43 vrb/reg Set registry: SYSTEM\CurrentControlSet\Services\aswFsBlk\Instances\aswFsBlk Instance\Flags=0
15:56:43 vrb/reg Deleted registry: SYSTEM\CurrentControlSet\Services\aswFsBlk\ImagePath
15:56:43 vrb/fil Shortcut for AvastUI.exe installed in C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
15:56:43 vrb/fil Shortcut for AvastUI.exe installed in C:\Users\Public\Desktop
15:56:43 vrb/reg Set registry: *\shellex\ContextMenuHandlers\avast\(null)={472083B0-C522-11CF-8763-00608CC02F24}
15:56:43 vrb/reg Set registry: avast\ShellEx\ContextMenuHandlers\(null)={472083B0-C522-11CF-8763-00608CC02F24}
15:56:43 vrb/reg Set registry: Folder\shellex\ContextMenuHandlers\avast\(null)={472083B0-C522-11CF-8763-00608CC02F24}
15:56:43 vrb/reg Set registry: CLSID\{472083B0-C522-11CF-8763-00608CC02F24}\(null)=avast
15:56:43 vrb/reg Set registry: CLSID\{472083B0-C522-11CF-8763-00608CC02F24}\InProcServer32\(null)=C:\Program Files\AVAST Software\Avast\ashShell.dll
15:56:43 vrb/reg Set registry: CLSID\{472083B0-C522-11CF-8763-00608CC02F24}\InProcServer32\ReleaseName=C:\Program Files\AVAST Software\Avast\ashShell.dll
15:56:43 vrb/reg Set registry: CLSID\{472083B0-C522-11CF-8763-00608CC02F24}\InProcServer32\ThreadingModel=Apartment
15:56:43 vrb/reg Set registry: SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{472083B0-C522-11CF-8763-00608CC02F24}=avast
15:56:43 vrb/reg Set registry: SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{472083B0-C522-11CF-8763-00608CC02F24}=avast
15:56:43 vrb/reg Set registry: Software\Microsoft\Windows\CurrentVersion\Run\avast="C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
15:56:43 vrb/sys Executing:AvastEmUpdate.exe /installer
15:56:48 vrb/sys Executed:AvastEmUpdate.exe /installer
15:56:48 vrb/reg Set registry: Software\Microsoft\Windows\CurrentVersion\Uninstall\avast\DisplayName=avast! Free Antivirus
15:56:48 vrb/reg Set registry: Software\Microsoft\Windows\CurrentVersion\Uninstall\avast\DisplayVersion=8.0.1489.0
15:56:48 vrb/reg Set registry: Software\Microsoft\Windows\CurrentVersion\Uninstall\avast\InstallLocation=C:\PROGRA~1\AVASTS~1\Avast
15:56:48 vrb/reg Set registry: Software\Microsoft\Windows\CurrentVersion\Uninstall\avast\InstallSource=C:\Users\Juls\DOWNLO~1
15:56:48 vrb/reg Set registry: Software\Microsoft\Windows\CurrentVersion\Uninstall\avast\Publisher=AVAST Software
15:56:48 vrb/reg Set registry: Software\Microsoft\Windows\CurrentVersion\Uninstall\avast\VersionMajor=8
15:56:48 vrb/reg Set registry: Software\Microsoft\Windows\CurrentVersion\Uninstall\avast\VersionMinor=0
15:56:48 vrb/reg Set registry: Software\Microsoft\Windows\CurrentVersion\Uninstall\avast\DisplayIcon=C:\Program Files\AVAST Software\Avast\avastUI.exe
15:56:48 vrb/reg Set registry: Software\Microsoft\Windows\CurrentVersion\Uninstall\avast\UninstallString=C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
15:56:48 vrb/gen SaveState: Edition=1
15:56:51 vrb/gen License key generated Demo
15:56:51 vrb/gen LicUpgradeLicenseKeyToAvast5 returned 0x00000000
15:57:02 vrb/gen Error: basWebRepInstallPlugin for "Internet Explorer" returned 0x00000103
15:57:02 vrb/gen Browser "Firefox" not found
15:57:02 vrb/gen Browser "Opera" not found
15:57:02 vrb/gen Browser "Safari" not found
15:57:02 nrm/gen No recommendation number found
15:57:02 vrb/reg Set registry: Software\AVAST Software\Avast\DataFolder=C:\ProgramData\AVAST Software\Avast
15:57:02 vrb/reg Set registry: Software\AVAST Software\Avast\Version=8.0
15:57:02 vrb/reg Set registry: Software\AVAST Software\Avast\VersionShort=8.0
15:57:02 vrb/reg Set registry: Software\AVAST Software\Avast\SetupVersion=1489
15:57:02 vrb/reg Set registry: Software\AVAST Software\Avast\ProgramFolder=C:\Program Files\AVAST Software\Avast
15:57:02 vrb/reg Set registry: Software\AVAST Software\Avast\Product=ais
15:57:02 vrb/reg Set registry: Software\AVAST Software\Avast\OSPlatform=2
15:57:02 vrb/reg Set registry: Software\AVAST Software\Avast\OSVersion=393216
15:57:03 vrb/gen SaveState: Edition=1
15:57:03 nrm/pkg Transferred: files 6, bytes 308, time 12652 ms
15:57:03 nrm/pkg Retries: total 0, files 0, servers 1
15:57:25 vrb/gen DldSrc set to inet
15:57:26 nrm/gen Server definition(s) loaded for 'main': 112 (maintenance:0)
15:57:26 nrm/gen SelectCurrent: selected server 'Download346 AVAST5 Server' from 'main'
15:57:26 nrm/int SYNCER: Type: use IE settings
15:57:26 nrm/int SYNCER: Auth: another authentication, use WinInet
15:57:26 vrb/int Sending stats 'hxxp://v7.stats.avast.com/cgi-bin/iavs4stats.cgi': 00000000 204
15:57:26 vrb/fil NeedReboot=false
15:57:26 min/gen Return code: 0x20000000 [Something done]
15:57:26 min/gen Stopped: 02.09.2013, 15:57:26


16:03:25 min/gen Started: 02.09.2013, 16:03:25
16:03:25 vrb/gen Operation set to INST_OP_UNKNOWN
16:03:25 min/gen Old version: 5d1 (1489)
16:03:25 min/gen Cmdline: /checkupdate /verysilent
16:03:25 nrm/int SYNCER: Agent=Syncer/5.00 (ais-1489;p)
16:03:25 min/gen Running SETUP_AIS-5d1 (1489)
16:03:25 nrm/sys Operating system: Windows Vista ver 6.0, build 6002, sp 2.0 [Service Pack 2]
16:03:25 nrm/sys Memory: 68% load. Phys:639200/2057864K free, Page:2427236/4194303K free, Virt:2036504/2097024K free
16:03:25 vrb/sys Computer WinName: JULS-PC
16:03:26 min/sys Windows Net User: NT-AUTORITÄT\SYSTEM
16:03:26 vrb/gen DldSrc set to inet
16:03:26 vrb/gen Operation set to INST_OP_CHECK_UPDATE
16:03:26 min/gen Old version: 5d1 (1489)
16:03:26 vrb/reg Deleted registry: Software\AVAST Software\Avast\UpdateReady
16:03:26 nrm/sys Using temp: C:\Windows\TEMP\_asw_aisI.tm~a04928 (75711M free)
16:03:26 nrm/gen SGW32AIS::CheckIfInstalled set m_bAlreadyInstalled and m_bIsOldVersionDetected to 1
16:03:26 nrm/int SYNCER: Agent=Syncer/5.00 (ais-1489;p)
16:03:26 vrb/sys Computer DnsName: Juls-PC
16:03:26 vrb/sys Computer Ip Addr: 192.168.178.28
16:03:26 nrm/sys Installed in: C:\Program Files\AVAST Software\Avast (75711M free)
16:03:26 vrb/gen LoadState: Edition=1
16:03:26 nrm/int SYNCER: Type: use IE settings
16:03:26 nrm/int SYNCER: Auth: another authentication, use WinInet
16:03:26 vrb/pkg Part prg_ais-5d1 is installed
16:03:26 vrb/pkg Part vps_win32-13050900 is installed
16:03:26 vrb/pkg Part setup_ais-5d1 is installed
16:03:26 vrb/pkg Part jrog-a7 is installed
16:03:26 vrb/pkg Part jrog2-7a5 is installed
16:03:26 vrb/sys Debug: Windows Server registry key not retrieved.
16:03:26 min/gen Old version: 5d1 (1489)
16:03:30 vrb/sys Debug: Windows Server registry key not retrieved.
16:04:01 vrb/fil SetExistingFilesBitmap: 1305->609->608
16:04:01 min/gen GUID: a8995f92-5bed-40b0-9d6e-842d808da8dc
16:04:01 nrm/gen Server definition(s) loaded for 'main': 112 (maintenance:0)
16:04:01 nrm/gen SelectCurrent: selected server 'Download411 AVAST5 Server' from 'main'
16:04:01 nrm/int SYNCER: Type: use IE settings
16:04:01 nrm/int SYNCER: Auth: another authentication, use WinInet
16:04:01 vrb/sys Debug: Windows Server registry key not retrieved.
16:04:01 nrm/int Used server: hxxp://50.7.97.26/iavs5x
16:04:01 min/fil GetFileWithRetry: servers.def.vpx downloaded .
16:04:01 nrm/gen Server definition(s) loaded for 'main': 113 (maintenance:0)
16:04:01 nrm/gen SelectCurrent: selected server 'Download550 AVAST5 Server' from 'main'
16:04:01 nrm/int SYNCER: Type: use IE settings
16:04:01 nrm/int SYNCER: Auth: another authentication, use WinInet
16:04:02 nrm/int Used server: hxxp://download550.avast.com/iavs5x
16:04:02 min/fil GetFileWithRetry: prod-ais.vpx downloaded .
16:04:02 vrb/pkg LoadPartInfo: jrog = jrog-a7 returned 00000000
16:04:02 vrb/pkg LoadPartInfo: jrog2 = jrog2-889 returned 00000000
16:04:02 vrb/pkg LoadPartInfo: program = prg_ais-5d9 returned 00000000
16:04:02 vrb/pkg LoadPartInfo: setup = setup_ais-5d9 returned 00000000
16:04:02 vrb/pkg LoadPartInfo: vps = vps_win32-13090200 returned 00000000
16:04:02 vrb/reg Set registry: Software\AVAST Software\Avast\DataFolder=C:\ProgramData\AVAST Software\Avast
16:04:02 vrb/reg Set registry: Software\AVAST Software\Avast\Version=8.0
16:04:02 vrb/reg Set registry: Software\AVAST Software\Avast\VersionShort=8.0
16:04:02 vrb/reg Set registry: Software\AVAST Software\Avast\SetupVersion=1489
16:04:02 vrb/reg Set registry: Software\AVAST Software\Avast\ProgramFolder=C:\Program Files\AVAST Software\Avast
16:04:02 vrb/reg Set registry: Software\AVAST Software\Avast\Product=ais
16:04:02 nrm/pkg Transferred: files 2, bytes 3339, time 936 ms
16:04:02 nrm/pkg Retries: total 0, files 0, servers 2
16:04:02 vrb/fil NeedReboot=false
16:04:02 min/gen Return code: 0x20000000 [Something done]
16:04:02 min/gen Stopped: 02.09.2013, 16:04:02


16:04:29 min/gen Started: 02.09.2013, 16:04:29
16:04:29 vrb/gen Operation set to INST_OP_UNKNOWN
16:04:29 min/gen Old version: 5d1 (1489)
16:04:29 min/gen Cmdline: /downloadpkgs /noreboot /updatevps /verysilent /session "0" /limitcpu
16:04:29 nrm/int SYNCER: Agent=Syncer/5.00 (ais-1489;p)
16:04:29 min/gen Running SETUP_AIS-5d1 (1489)
16:04:29 nrm/sys Operating system: Windows Vista ver 6.0, build 6002, sp 2.0 [Service Pack 2]
16:04:29 nrm/sys Memory: 67% load. Phys:666260/2057864K free, Page:2425468/4194303K free, Virt:2036504/2097024K free
16:04:29 vrb/sys Computer WinName: JULS-PC
16:04:29 min/sys Windows Net User: NT-AUTORITÄT\SYSTEM
16:04:29 vrb/gen DldSrc set to inet
16:04:29 vrb/gen Operation set to INST_OP_UPDATE_GET_PACKAGES
16:04:29 min/gen Old version: 5d1 (1489)
16:04:29 vrb/reg Deleted registry: Software\AVAST Software\Avast\UpdateReady
16:04:29 nrm/sys Using temp: C:\Windows\TEMP\_asw_aisI.tm~a07668 (75698M free)
16:04:29 nrm/gen SGW32AIS::CheckIfInstalled set m_bAlreadyInstalled and m_bIsOldVersionDetected to 1
16:04:29 nrm/int SYNCER: Agent=Syncer/5.00 (ais-1489;p)
16:04:29 vrb/sys Computer DnsName: Juls-PC
16:04:29 vrb/sys Computer Ip Addr: 192.168.178.28
16:04:29 nrm/sys Installed in: C:\Program Files\AVAST Software\Avast (75698M free)
16:04:29 vrb/gen LoadState: Edition=1
16:04:29 nrm/int SYNCER: Type: use IE settings
16:04:29 nrm/int SYNCER: Auth: another authentication, use WinInet
16:04:29 vrb/pkg Part prg_ais-5d1 is installed
16:04:29 vrb/pkg Part vps_win32-13050900 is installed
16:04:29 vrb/pkg Part setup_ais-5d1 is installed
16:04:29 vrb/pkg Part jrog-a7 is installed
16:04:29 vrb/pkg Part jrog2-7a5 is installed
16:04:29 vrb/sys Debug: Windows Server registry key not retrieved.
16:04:29 min/gen Old version: 5d1 (1489)
16:04:29 vrb/sys Debug: Windows Server registry key not retrieved.
16:04:29 vrb/fil skipped CPackageEngine_File::SetExistingFilesBitmap
16:04:29 min/gen GUID: a8995f92-5bed-40b0-9d6e-842d808da8dc
16:04:29 nrm/gen Server definition(s) loaded for 'main': 113 (maintenance:0)
16:04:29 nrm/gen SelectCurrent: selected server 'Download407 AVAST5 Server' from 'main'
16:04:29 nrm/int SYNCER: Type: use IE settings
16:04:29 nrm/int SYNCER: Auth: another authentication, use WinInet
16:04:29 vrb/sys Debug: Windows Server registry key not retrieved.
16:04:29 nrm/int SYNCER: Agent=Syncer/5.00 (ais-1489;p)
16:04:30 nrm/int Used server: hxxp://download407.avast.com/iavs5x
16:04:30 min/fil GetFileWithRetry: servers.def.vpx downloaded .
16:04:30 min/fil servers.def.vpx not changed, 1378118539
16:04:30 nrm/gen Server definition(s) loaded for 'main': 113 (maintenance:0)
16:04:30 nrm/gen SelectCurrent: selected server 'Download363 AVAST5 Server' from 'main'
16:04:30 nrm/int SYNCER: Type: use IE settings
16:04:30 nrm/int SYNCER: Auth: another authentication, use WinInet
16:04:30 nrm/int Used server: hxxp://download363.avast.com/iavs5x
16:04:30 min/fil GetFileWithRetry: prod-ais.vpx downloaded .
16:04:30 min/fil prod-ais.vpx not changed, 1378120826
16:04:30 vrb/pkg LoadPartInfo: jrog = jrog-a7 returned 00000000
16:04:30 vrb/pkg LoadPartInfo: jrog2 = jrog2-889 returned 00000000
16:04:30 vrb/pkg LoadPartInfo: program = prg_ais-5d9 returned 00000000
16:04:30 vrb/pkg LoadPartInfo: setup = setup_ais-5d9 returned 00000000
16:04:30 vrb/pkg LoadPartInfo: vps = vps_win32-13090200 returned 00000000
16:04:30 nrm/int Used server: hxxp://download363.avast.com/iavs5x
16:04:30 min/fil GetFileWithRetry: part-vps_win32-13090200.vpx downloaded and verified
16:04:30 vrb/pkg Part vps_win32-13090200 was set to be installed
16:04:30 vrb/pkg DeleteObsoletePackages: Removed part-vps_win32-13050900.vpx
16:04:30 nrm/int Used server: hxxp://download363.avast.com/iavs5x
16:04:30 min/fil GetFileWithRetry: part-jrog2-889.vpx downloaded and verified
16:04:30 vrb/pkg Part jrog2-889 was set to be installed
16:04:30 vrb/pkg DeleteObsoletePackages: Removed part-jrog2-7a5.vpx
16:04:30 vrb/pkg Part vps_win32-13090200 was set to be installed
16:04:30 vrb/pkg Part jrog2-889 was set to be installed
16:04:30 vrb/pkg IsFullOkay: jrog2-889.vpx - not okay (doesn't exist)
16:04:30 vrb/pkg IsFullOkay: jrog2-889.vpx - not okay (doesn't exist)
16:04:32 nrm/int Used server: hxxp://download363.avast.com/iavs5x
16:04:32 min/fil GetFileWithRetry: jrog2-889.vpx downloaded and verified
16:04:32 nrm/pkg DldPackage: C:\Program Files\AVAST Software\Avast\Setup\jrog2-889.vpx, returned 0x00000000
16:04:33 vrb/pkg DeleteObsoletePackages: Removed jrog2-7a5.vpx
16:04:35 vrb/pkg IsFullOkay: vps_32-bad.vpx - not okay (doesn't exist)
16:04:35 vrb/pkg IsFullOkay: vps_32-bad.vpx - not okay (doesn't exist)
16:04:35 vrb/pkg IsFullOkay: vps_win32-bc0.vpx - not okay (doesn't exist)
16:04:35 vrb/pkg IsFullOkay: vps_win32-bc0.vpx - not okay (doesn't exist)
16:06:52 nrm/int Used server: hxxp://download363.avast.com/iavs5x
16:07:08 min/fil GetFileWithRetry: vps_32-bad.vpx downloaded and verified
16:07:08 nrm/pkg DldPackage: C:\Program Files\AVAST Software\Avast\Setup\vps_32-bad.vpx, returned 0x00000000
16:07:20 vrb/pkg DeleteObsoletePackages: Removed vps_32-ac0.vpx
16:07:27 nrm/int Used server: hxxp://download363.avast.com/iavs5x
16:07:27 min/fil GetFileWithRetry: vps_win32-bc0.vpx downloaded and verified
16:07:27 nrm/pkg DldPackage: C:\Program Files\AVAST Software\Avast\Setup\vps_win32-bc0.vpx, returned 0x00000000
16:07:28 vrb/pkg DeleteObsoletePackages: Removed vps_win32-ad3.vpx
16:07:30 min/int submit has nothing to send
16:07:30 nrm/pkg Submit: files 0, bytes 0, time 0 ms
16:07:30 nrm/pkg Submit success: files 0, bytes 0, time 0 ms
16:07:30 nrm/pkg Transferred: files 7, bytes 99542583, time 146953 ms
16:07:30 nrm/pkg Retries: total 0, files 0, servers 2
16:07:32 vrb/int Sending stats 'hxxp://v7.stats.avast.com/cgi-bin/iavs4stats.cgi': 00000000 204
16:07:32 vrb/fil NeedReboot=false
16:07:32 min/gen Return code: 0x20000000 [Something done]
16:07:32 min/gen Stopped: 02.09.2013, 16:07:32


16:07:42 min/gen Started: 02.09.2013, 16:07:42
16:07:42 vrb/gen Operation set to INST_OP_UNKNOWN
16:07:42 min/gen Old version: 5d1 (1489)
16:07:42 min/gen Cmdline: /refresh /noreboot /updatevps /verysilent /session "0" /limitcpu
16:07:42 nrm/int SYNCER: Agent=Syncer/5.00 (ais-1489;p)
16:07:42 min/gen Running SETUP_AIS-5d1 (1489)
16:07:42 nrm/sys Operating system: Windows Vista ver 6.0, build 6002, sp 2.0 [Service Pack 2]
16:07:42 nrm/sys Memory: 62% load. Phys:769220/2057864K free, Page:2484816/4194303K free, Virt:2036504/2097024K free
16:07:42 vrb/sys Computer WinName: JULS-PC
16:07:42 min/sys Windows Net User: NT-AUTORITÄT\SYSTEM
16:07:42 vrb/gen Operation set to INST_OP_UPDATE_INSTALL_PACKAGES
16:07:42 min/gen Old version: 5d1 (1489)
16:07:48 vrb/reg Deleted registry: Software\AVAST Software\Avast\UpdateReady
16:07:48 nrm/sys Using temp: C:\Windows\TEMP\_asw_aisI.tm~a08048 (75755M free)
16:07:48 nrm/gen SGW32AIS::CheckIfInstalled set m_bAlreadyInstalled and m_bIsOldVersionDetected to 1
16:07:48 nrm/sys Installed in: C:\Program Files\AVAST Software\Avast (75755M free)
16:07:48 vrb/gen LoadState: Edition=1
16:07:48 nrm/int SYNCER: Type: use IE settings
16:07:48 nrm/int SYNCER: Auth: another authentication, use WinInet
16:07:48 vrb/pkg Part prg_ais-5d1 is installed
16:07:48 vrb/pkg Part vps_win32-13090200 is installed
16:07:48 vrb/pkg Part setup_ais-5d1 is installed
16:07:48 vrb/pkg Part jrog-a7 is installed
16:07:49 vrb/pkg Part jrog2-889 is installed
16:07:49 vrb/sys Debug: Windows Server registry key not retrieved.
16:07:49 min/gen Old version: 5d1 (1489)
16:07:49 vrb/sys Debug: Windows Server registry key not retrieved.
16:07:49 vrb/fil skipped CPackageEngine_File::SetExistingFilesBitmap
16:07:49 min/gen GUID: a8995f92-5bed-40b0-9d6e-842d808da8dc
16:07:49 vrb/sys Debug: Windows Server registry key not retrieved.
16:07:49 vrb/gen Entering:UpdateInstallPackages
16:07:49 vrb/pkg LoadPartInfo: jrog = jrog-a7 returned 00000000
16:07:49 vrb/pkg LoadPartInfo: jrog2 = jrog2-889 returned 00000000
16:07:49 vrb/pkg LoadPartInfo: program = prg_ais-5d9 returned 00000000
16:07:49 vrb/pkg LoadPartInfo: setup = setup_ais-5d9 returned 00000000
16:07:49 vrb/pkg LoadPartInfo: vps = vps_win32-13090200 returned 00000000
16:07:53 vrb/pkg ArePartsInstallable: 1
16:07:53 min/pkg vps version 13090200
16:07:53 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\Sf.bin (4)
16:07:53 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\Sf.bin
16:07:53 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\Sf1.bin (4)
16:07:53 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\Sf1.bin
16:07:53 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\dllcc.dat (2)
16:07:53 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\dllcc.dat
16:07:53 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\ArPot.dll (4)
16:07:53 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\ArPot.dll
16:07:53 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\aswAR.dll (4)
16:07:53 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\aswAR.dll
16:07:53 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\aswBoot.dll (4)
16:07:53 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\aswBoot.dll
16:07:53 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\aswCleanerDLL.dll (4)
16:07:53 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\aswCleanerDLL.dll
16:07:53 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\aswCmnBS.dll (4)
16:07:53 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\aswCmnBS.dll
16:07:53 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\aswCmnIS.dll (4)
16:07:53 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\aswCmnIS.dll
16:07:53 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\aswCmnOS.dll (4)
16:07:53 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\aswCmnOS.dll
16:07:53 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\aswEngin.dll (4)
16:07:54 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\aswEngin.dll
16:07:54 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\aswFiDb.dll (4)
16:07:54 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\aswFiDb.dll
16:07:54 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\aswRawFS.dll (4)
16:07:54 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\aswRawFS.dll
16:07:54 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\aswRep.dll (4)
16:07:54 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\aswRep.dll
16:07:54 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\aswScan.dll (4)
16:07:54 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\aswScan.dll
16:07:54 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\exts.dll (4)
16:07:54 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\exts.dll
16:07:54 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\fwAux.dll (4)
16:07:54 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\fwAux.dll
16:07:54 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\swhealthex.dll (4)
16:07:54 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\swhealthex.dll
16:07:54 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\uiext.dll (4)
16:07:54 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\uiext.dll
16:07:54 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\list_d.txt (2)
16:07:54 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\list_d.txt
16:07:54 min/pkg vps: ExtractFilesFromPackage(vps_win32-bc0.vpx) returned 0x00000000
16:07:54 min/pkg vps: OpenPackage(C:\Program Files\AVAST Software\Avast\Setup\vps_32-bad.vpx) returned 0x00000000, files: 51
16:07:54 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\whitelist.db (2)
16:07:54 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\whitelist.db
16:07:54 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_as.dat (2)
16:07:54 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_as.dat
16:07:54 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_bhv.dat (2)
16:07:54 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_bhv.dat
16:07:54 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_dex.dat (2)
16:07:54 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_dex.dat
16:07:54 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_dsql.dat (2)
16:07:54 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_dsql.dat
16:07:54 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_dyna.dat (2)
16:07:54 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_dyna.dat
16:07:54 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_el.dat (2)
16:07:54 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_el.dat
16:07:54 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_elf.dat (2)
16:07:54 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_elf.dat
16:07:54 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_elfa.dat (2)
16:07:54 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_elfa.dat
16:07:54 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_evope.dat (2)
16:07:55 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_evope.dat
16:07:55 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_java.dat (2)
16:07:55 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_java.dat
16:07:55 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_js.dat (2)
16:07:55 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_js.dat
16:07:55 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_mx4.dat (2)
16:07:55 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_mx4.dat
16:07:55 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_mx95.dat (2)
16:07:55 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_mx95.dat
16:07:55 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_o7.dat (2)
16:07:55 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_o7.dat
16:07:55 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_ob2.dat (2)
16:07:55 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_ob2.dat
16:07:55 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_pe2.dat (2)
16:08:01 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_pe2.dat
16:08:01 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_pe3.dat (2)
16:08:05 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_pe3.dat
16:08:05 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_sc.dat (2)
16:08:06 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_sc.dat
16:08:06 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_swf.dat (2)
16:08:06 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_swf.dat
16:08:06 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_tx.dat (2)
16:08:06 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_tx.dat
16:08:06 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_u.dat (2)
16:08:08 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_u.dat
16:08:08 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_w6.dat (2)
16:08:08 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_w6.dat
16:08:08 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_wh2.dat (2)
16:08:08 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_wh2.dat
16:08:08 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\fnames_5.dat (2)
16:08:08 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\fnames_5.dat
16:08:08 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\pclassif.dat (2)
16:08:09 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\pclassif.dat
16:08:09 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\snxclass.dat (2)
16:08:09 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\snxclass.dat
16:08:09 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\algo.dll (4)
16:08:09 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\algo.dll
16:08:09 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\def.ini (2)
16:08:09 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\def.ini
16:08:09 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\certs.map (2)
16:08:09 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\certs.map
16:08:09 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_bhv.map (20000)
16:08:09 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_bhv.map
16:08:09 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_dex.map (20000)
16:08:09 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_dex.map
16:08:09 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_dsql.map (20000)
16:08:09 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_dsql.map
16:08:09 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_dyna.map (20000)
16:08:09 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_dyna.map
16:08:09 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_elf.map (20000)
16:08:09 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_elf.map
16:08:09 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_elfa.map (20000)
16:08:09 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_elfa.map
16:08:09 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_java.map (20000)
16:08:09 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_java.map
16:08:09 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_js.map (20000)
16:08:09 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_js.map
16:08:09 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_mx4.map (20000)
16:08:09 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_mx4.map
16:08:09 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_mx95.map (20000)
16:08:09 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_mx95.map
16:08:09 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_o7.map (20000)
16:08:09 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_o7.map
16:08:09 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_swf.map (20000)
16:08:09 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_swf.map
16:08:09 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_w6.map (20000)
16:08:10 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_w6.map
16:08:10 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\db_xtn.map (20000)
16:08:10 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\db_xtn.map
16:08:10 min/pkg vps: going to extract C:\Program Files\AVAST Software\Avast\defs\13090200\list_i.txt (2)
16:08:10 min/pkg extracted file C:\Program Files\AVAST Software\Avast\defs\13090200\list_i.txt
16:08:10 min/pkg vps: preparePool C:\Program Files\AVAST Software\Avast\defs\13090200\l_idx.map, ok
16:08:10 min/pkg vps: preparePool C:\Program Files\AVAST Software\Avast\defs\13090200\s_idx.map, ok
16:08:10 min/pkg vps: preparePool C:\Program Files\AVAST Software\Avast\defs\13090200\sl_idx.map, ok
16:08:12 min/pkg vps: Create file C:\Program Files\AVAST Software\Avast\defs\13090200\lshe3.map, ok
16:08:12 min/pkg vps: Create file C:\Program Files\AVAST Software\Avast\defs\13090200\acshort.map, ok
16:08:12 min/pkg vps: event 0x0004002A set
16:08:14 min/sys Offer GUI DLL not loaded but "installOffer" function executed.
16:08:14 vrb/gen Offer installed, 0xFFFFFFFF
16:08:14 nrm/pkg Transferred: files 0, bytes 0, time 0 ms
16:08:14 nrm/pkg Retries: total 0, files 0, servers 0
16:08:14 vrb/fil NeedReboot=false
16:08:14 vrb/sys Executing:AvastEmUpdate.exe /updater
16:08:14 vrb/sys Executed:AvastEmUpdate.exe /updater
16:08:14 min/gen Return code: 0x20000000 [Something done]
16:08:14 min/gen Stopped: 02.09.2013, 16:08:14


17:28:20 min/gen Started: 02.09.2013, 17:28:20
17:28:20 vrb/gen Operation set to INST_OP_UNKNOWN
17:28:20 min/gen Old version: 5d1 (1489)
17:28:21 min/gen Cmdline: /checkupdate /verysilent
17:28:21 nrm/int SYNCER: Agent=Syncer/5.00 (ais-1489;p)
17:28:21 min/gen Running SETUP_AIS-5d1 (1489)
17:28:21 nrm/sys Operating system: Windows Vista ver 6.0, build 6002, sp 2.0 [Service Pack 2]
17:28:21 nrm/sys Memory: 56% load. Phys:888688/2057864K free, Page:2461504/4194303K free, Virt:2036504/2097024K free
17:28:21 vrb/sys Computer WinName: JULS-PC
17:28:21 min/sys Windows Net User: NT-AUTORITÄT\SYSTEM
17:28:21 vrb/gen DldSrc set to inet
17:28:21 vrb/gen Operation set to INST_OP_CHECK_UPDATE
17:28:21 min/gen Old version: 5d1 (1489)
17:28:25 vrb/reg Deleted registry: Software\AVAST Software\Avast\UpdateReady
17:28:25 nrm/sys Using temp: C:\Windows\TEMP\_asw_aisI.tm~a03932 (76832M free)
17:28:25 nrm/gen SGW32AIS::CheckIfInstalled set m_bAlreadyInstalled and m_bIsOldVersionDetected to 1
17:28:25 nrm/int SYNCER: Agent=Syncer/5.00 (ais-1489;p)
17:28:25 vrb/sys Computer DnsName: Juls-PC
17:28:25 vrb/sys Computer Ip Addr: 192.168.178.28
17:28:25 nrm/sys Installed in: C:\Program Files\AVAST Software\Avast (76832M free)
17:28:25 vrb/gen LoadState: Edition=1
17:28:25 nrm/int SYNCER: Type: use IE settings
17:28:25 nrm/int SYNCER: Auth: another authentication, use WinInet
17:28:25 vrb/pkg Part prg_ais-5d1 is installed
17:28:25 vrb/pkg Part vps_win32-13090200 is installed
17:28:25 vrb/pkg Part setup_ais-5d1 is installed
17:28:25 vrb/pkg Part jrog-a7 is installed
17:28:25 vrb/pkg Part jrog2-889 is installed
17:28:25 vrb/sys Debug: Windows Server registry key not retrieved.
17:28:25 min/gen Old version: 5d1 (1489)
17:28:25 vrb/sys Debug: Windows Server registry key not retrieved.
17:29:24 vrb/fil SetExistingFilesBitmap: 1305->609->608
17:29:24 min/gen GUID: a8995f92-5bed-40b0-9d6e-842d808da8dc
17:29:24 nrm/gen Server definition(s) loaded for 'main': 113 (maintenance:0)
17:29:24 nrm/gen SelectCurrent: selected server 'Download404 AVAST5 Server' from 'main'
17:29:24 nrm/int SYNCER: Type: use IE settings
17:29:24 nrm/int SYNCER: Auth: another authentication, use WinInet
17:29:24 vrb/sys Debug: Windows Server registry key not retrieved.
17:29:26 nrm/int Used server: hxxp://download404.avast.com/iavs5x
17:29:26 min/fil GetFileWithRetry: servers.def.vpx downloaded .
17:29:26 min/fil servers.def.vpx not changed, 1378118539
17:29:26 nrm/gen Server definition(s) loaded for 'main': 113 (maintenance:0)
17:29:26 nrm/gen SelectCurrent: selected server 'Download343 AVAST5 Server' from 'main'
17:29:26 nrm/int SYNCER: Type: use IE settings
17:29:26 nrm/int SYNCER: Auth: another authentication, use WinInet
17:29:26 nrm/int Used server: hxxp://download343.avast.com/iavs5x
17:29:26 min/fil GetFileWithRetry: prod-ais.vpx downloaded .
17:29:26 min/fil prod-ais.vpx not changed, 1378120826
17:29:26 vrb/pkg LoadPartInfo: jrog = jrog-a7 returned 00000000
17:29:26 vrb/pkg LoadPartInfo: jrog2 = jrog2-889 returned 00000000
17:29:26 vrb/pkg LoadPartInfo: program = prg_ais-5d9 returned 00000000
17:29:26 vrb/pkg LoadPartInfo: setup = setup_ais-5d9 returned 00000000
17:29:26 vrb/pkg LoadPartInfo: vps = vps_win32-13090200 returned 00000000
17:29:26 vrb/reg Set registry: Software\AVAST Software\Avast\DataFolder=C:\ProgramData\AVAST Software\Avast
17:29:26 vrb/reg Set registry: Software\AVAST Software\Avast\Version=8.0
17:29:26 vrb/reg Set registry: Software\AVAST Software\Avast\VersionShort=8.0
17:29:26 vrb/reg Set registry: Software\AVAST Software\Avast\SetupVersion=1489
17:29:26 vrb/reg Set registry: Software\AVAST Software\Avast\ProgramFolder=C:\Program Files\AVAST Software\Avast
17:29:26 vrb/reg Set registry: Software\AVAST Software\Avast\Product=ais
17:29:26 nrm/pkg Transferred: files 2, bytes 0, time 1622 ms
17:29:26 nrm/pkg Retries: total 0, files 0, servers 2
17:29:26 vrb/fil NeedReboot=false
17:29:26 min/gen Return code: 0x20000000 [Something done]
17:29:26 min/gen Stopped: 02.09.2013, 17:29:26


17:34:11 min/gen Started: 02.09.2013, 17:34:11
17:34:11 vrb/gen Operation set to INST_OP_UNKNOWN
17:34:11 min/gen Old version: 5d1 (1489)
17:34:11 min/gen Cmdline: /downloadpkgs /noreboot /updatevps /verysilent /session "0" /limitcpu
17:34:11 nrm/int SYNCER: Agent=Syncer/5.00 (ais-1489;p)
17:34:11 min/gen Running SETUP_AIS-5d1 (1489)
17:34:11 nrm/sys Operating system: Windows Vista ver 6.0, build 6002, sp 2.0 [Service Pack 2]
17:34:11 nrm/sys Memory: 56% load. Phys:893416/2057864K free, Page:2447632/4194303K free, Virt:2036504/2097024K free
17:34:11 vrb/sys Computer WinName: JULS-PC
17:34:11 min/sys Windows Net User: NT-AUTORITÄT\SYSTEM
17:34:11 vrb/gen DldSrc set to inet
17:34:11 vrb/gen Operation set to INST_OP_UPDATE_GET_PACKAGES
17:34:11 min/gen Old version: 5d1 (1489)
17:34:11 vrb/reg Deleted registry: Software\AVAST Software\Avast\UpdateReady
17:34:11 nrm/sys Using temp: C:\Windows\TEMP\_asw_aisI.tm~a04740 (76831M free)
17:34:11 nrm/gen SGW32AIS::CheckIfInstalled set m_bAlreadyInstalled and m_bIsOldVersionDetected to 1
17:34:11 nrm/int SYNCER: Agent=Syncer/5.00 (ais-1489;p)
17:34:11 vrb/sys Computer DnsName: Juls-PC
17:34:11 vrb/sys Computer Ip Addr: 192.168.178.28
17:34:11 nrm/sys Installed in: C:\Program Files\AVAST Software\Avast (76831M free)
17:34:11 vrb/gen LoadState: Edition=1
17:34:11 nrm/int SYNCER: Type: use IE settings
17:34:11 nrm/int SYNCER: Auth: another authentication, use WinInet
17:34:11 vrb/pkg Part prg_ais-5d1 is installed
17:34:11 vrb/pkg Part vps_win32-13090200 is installed
17:34:11 vrb/pkg Part setup_ais-5d1 is installed
17:34:11 vrb/pkg Part jrog-a7 is installed
17:34:11 vrb/pkg Part jrog2-889 is installed
17:34:11 vrb/sys Debug: Windows Server registry key not retrieved.
17:34:11 min/gen Old version: 5d1 (1489)
17:34:11 vrb/sys Debug: Windows Server registry key not retrieved.
17:34:11 vrb/fil skipped CPackageEngine_File::SetExistingFilesBitmap
17:34:11 min/gen GUID: a8995f92-5bed-40b0-9d6e-842d808da8dc
17:34:11 nrm/gen Server definition(s) loaded for 'main': 113 (maintenance:0)
17:34:11 nrm/gen SelectCurrent: selected server 'Download988 AVAST5 Server' from 'main'
17:34:11 nrm/int SYNCER: Type: use IE settings
17:34:11 nrm/int SYNCER: Auth: another authentication, use WinInet
17:34:11 vrb/sys Debug: Windows Server registry key not retrieved.
17:34:11 nrm/int SYNCER: Agent=Syncer/5.00 (ais-1489;p)
17:34:13 nrm/int Used server: hxxp://download988.avast.com/iavs5x
17:34:13 min/fil GetFileWithRetry: servers.def.vpx downloaded .
17:34:13 min/fil servers.def.vpx not changed, 1378118539
17:34:13 nrm/gen Server definition(s) loaded for 'main': 113 (maintenance:0)
17:34:13 nrm/gen SelectCurrent: selected server 'Download404 AVAST5 Server' from 'main'
17:34:13 nrm/int SYNCER: Type: use IE settings
17:34:13 nrm/int SYNCER: Auth: another authentication, use WinInet
17:34:13 nrm/int Used server: hxxp://download404.avast.com/iavs5x
17:34:13 min/fil GetFileWithRetry: prod-ais.vpx downloaded .
17:34:13 min/fil prod-ais.vpx not changed, 1378120826
17:34:13 vrb/pkg LoadPartInfo: jrog = jrog-a7 returned 00000000
17:34:13 vrb/pkg LoadPartInfo: jrog2 = jrog2-889 returned 00000000
17:34:13 vrb/pkg LoadPartInfo: program = prg_ais-5d9 returned 00000000
17:34:13 vrb/pkg LoadPartInfo: setup = setup_ais-5d9 returned 00000000
17:34:13 vrb/pkg LoadPartInfo: vps = vps_win32-13090200 returned 00000000
17:34:13 vrb/pkg Part vps_win32-13090200 was set to be installed
17:34:13 vrb/pkg Part jrog2-889 was set to be installed
17:34:58 nrm/gen SelectCurrent: selected server 'Download120 AVAST5 Server' from 'main'
17:34:58 nrm/int SYNCER: Type: use IE settings
17:34:58 nrm/int SYNCER: Auth: another authentication, use WinInet
17:35:22 min/int file C:\ProgramData\AVAST Software\Avast\spool\suspic\{73D73487-D8EC-409B-9ED8-176E1EB6F8DD}.suspic submitted (D4B0C0A4A8CC6C257AED34D16D39DD3C2D3539ED67FD4BADD40AEF16C1591715)
17:35:25 min/int submit POST(hxxp://submit5.avast.com/cgi-bin/submit50.cgi?id=D4B0C0A4A8CC6C257AED34D16D39DD3C2D3539ED67FD4BADD40AEF16C1591715;vps=13090200;virus=OLE:ScriptBridge-inf [Trj];type=heur;full;len=00000405) returned 0x00000000, server reply 206
17:35:25 min/int delete sample C:\ProgramData\AVAST Software\Avast\spool\suspic\{73D73487-D8EC-409B-9ED8-176E1EB6F8DD}.suspic
17:35:25 nrm/pkg Submit: files 2, bytes 2049, time 26613 ms
17:35:25 nrm/pkg Submit success: files 1, bytes 1020, time 23821 ms
17:35:25 nrm/pkg Transferred: files 2, bytes 0, time 1576 ms
17:35:25 nrm/pkg Retries: total 0, files 0, servers 3
17:35:25 vrb/fil NeedReboot=false
17:35:25 min/gen Return code: 0x20000001 [Nothing done]
17:35:25 min/gen Stopped: 02.09.2013, 17:35:25


17:56:51 min/gen Started: 02.09.2013, 17:56:51
17:56:51 vrb/gen Operation set to INST_OP_UNKNOWN
17:56:51 min/gen Old version: 5d1 (1489)
17:56:51 min/gen Cmdline: /checkupdate /verysilent
17:56:51 nrm/int SYNCER: Agent=Syncer/5.00 (ais-1489;p)
17:56:51 min/gen Running SETUP_AIS-5d1 (1489)
17:56:51 nrm/sys Operating system: Windows Vista ver 6.0, build 6002, sp 2.0 [Service Pack 2]
17:56:51 nrm/sys Memory: 50% load. Phys:1026472/2057864K free, Page:3422616/4194303K free, Virt:2026316/2097024K free
17:56:51 vrb/sys Computer WinName: JULS-PC
17:56:51 min/sys Windows Net User: NT-AUTORITÄT\SYSTEM
17:56:51 vrb/gen DldSrc set to inet
17:56:51 vrb/gen Operation set to INST_OP_CHECK_UPDATE
17:56:51 min/gen Old version: 5d1 (1489)
17:56:51 vrb/reg Deleted registry: Software\AVAST Software\Avast\UpdateReady
17:56:52 nrm/sys Using temp: C:\Windows\TEMP\_asw_aisI.tm~a01456 (76669M free)
17:56:52 nrm/gen SGW32AIS::CheckIfInstalled set m_bAlreadyInstalled and m_bIsOldVersionDetected to 1
17:56:52 nrm/int SYNCER: Agent=Syncer/5.00 (ais-1489;p)
17:56:52 vrb/sys Computer DnsName: Juls-PC
17:56:52 vrb/sys Computer Ip Addr: 192.168.178.28
17:56:52 nrm/sys Installed in: C:\Program Files\AVAST Software\Avast (76669M free)
17:56:52 vrb/gen LoadState: Edition=1
17:56:52 nrm/int SYNCER: Type: use IE settings
17:56:52 nrm/int SYNCER: Auth: another authentication, use WinInet
17:56:52 vrb/pkg Part prg_ais-5d1 is installed
17:56:52 vrb/pkg Part vps_win32-13090200 is installed
17:56:52 vrb/pkg Part setup_ais-5d1 is installed
17:56:52 vrb/pkg Part jrog-a7 is installed
17:56:52 vrb/pkg Part jrog2-889 is installed
17:56:52 vrb/sys Debug: Windows Server registry key not retrieved.
17:56:52 min/gen Old version: 5d1 (1489)
17:56:52 vrb/sys Debug: Windows Server registry key not retrieved.
17:57:24 vrb/fil SetExistingFilesBitmap: 1305->609->608
17:57:24 min/gen GUID: a8995f92-5bed-40b0-9d6e-842d808da8dc
17:57:24 nrm/gen Server definition(s) loaded for 'main': 113 (maintenance:0)
17:57:24 nrm/gen SelectCurrent: selected server 'Download405 AVAST5 Server' from 'main'
17:57:24 nrm/int SYNCER: Type: use IE settings
17:57:24 nrm/int SYNCER: Auth: another authentication, use WinInet
17:57:24 vrb/sys Debug: Windows Server registry key not retrieved.
17:57:55 nrm/int ERROR:HttpGetWininet, catch returned 0x00002EE2 (12002)
17:58:27 nrm/int Used server: hxxp://download405.avast.com/iavs5x
17:58:27 min/fil GetFileWithRetry: servers.def.vpx downloaded .
17:58:27 min/fil servers.def.vpx not changed, 1378118539
17:58:27 nrm/gen Server definition(s) loaded for 'main': 113 (maintenance:0)
17:58:27 nrm/gen SelectCurrent: selected server 'Download410 AVAST5 Server' from 'main'
17:58:27 nrm/int SYNCER: Type: use IE settings
17:58:27 nrm/int SYNCER: Auth: another authentication, use WinInet
17:58:28 nrm/int Used server: hxxp://download410.avast.com/iavs5x
17:58:28 min/fil GetFileWithRetry: prod-ais.vpx downloaded .
17:58:28 min/fil prod-ais.vpx not changed, 1378120826
17:58:28 vrb/pkg LoadPartInfo: jrog = jrog-a7 returned 00000000
17:58:28 vrb/pkg LoadPartInfo: jrog2 = jrog2-889 returned 00000000
17:58:28 vrb/pkg LoadPartInfo: program = prg_ais-5d9 returned 00000000
17:58:28 vrb/pkg LoadPartInfo: setup = setup_ais-5d9 returned 00000000
17:58:28 vrb/pkg LoadPartInfo: vps = vps_win32-13090200 returned 00000000
17:58:28 vrb/reg Set registry: Software\AVAST Software\Avast\DataFolder=C:\ProgramData\AVAST Software\Avast
17:58:28 vrb/reg Set registry: Software\AVAST Software\Avast\Version=8.0
17:58:28 vrb/reg Set registry: Software\AVAST Software\Avast\VersionShort=8.0
17:58:28 vrb/reg Set registry: Software\AVAST Software\Avast\SetupVersion=1489
17:58:28 vrb/reg Set registry: Software\AVAST Software\Avast\ProgramFolder=C:\Program Files\AVAST Software\Avast
17:58:28 vrb/reg Set registry: Software\AVAST Software\Avast\Product=ais
17:58:28 nrm/pkg Transferred: files 2, bytes 0, time 63788 ms
17:58:28 nrm/pkg Retries: total 0, files 0, servers 2
17:58:28 vrb/fil NeedReboot=false
17:58:28 min/gen Return code: 0x20000000 [Something done]
17:58:28 min/gen Stopped: 02.09.2013, 17:58:28


19:57:59 min/gen Started: 02.09.2013, 19:57:59
19:57:59 vrb/gen Operation set to INST_OP_UNKNOWN
19:57:59 min/gen Old version: 5d1 (1489)
19:57:59 min/gen Cmdline: /checkupdate /verysilent
19:57:59 nrm/int SYNCER: Agent=Syncer/5.00 (ais-1489;p)
19:57:59 min/gen Running SETUP_AIS-5d1 (1489)
19:57:59 nrm/sys Operating system: Windows Vista ver 6.0, build 6002, sp 2.0 [Service Pack 2]
19:57:59 nrm/sys Memory: 32% load. Phys:1395868/2057864K free, Page:3801484/4194303K free, Virt:2026316/2097024K free
19:57:59 vrb/sys Computer WinName: JULS-PC
19:57:59 min/sys Windows Net User: NT-AUTORITÄT\SYSTEM
19:57:59 vrb/gen DldSrc set to inet
19:57:59 vrb/gen Operation set to INST_OP_CHECK_UPDATE
19:57:59 min/gen Old version: 5d1 (1489)
19:57:59 vrb/reg Deleted registry: Software\AVAST Software\Avast\UpdateReady
19:57:59 nrm/sys Using temp: C:\Windows\TEMP\_asw_aisI.tm~a01596 (76712M free)
19:57:59 nrm/gen SGW32AIS::CheckIfInstalled set m_bAlreadyInstalled and m_bIsOldVersionDetected to 1
19:57:59 nrm/int SYNCER: Agent=Syncer/5.00 (ais-1489;p)
19:57:59 vrb/sys Computer DnsName: Juls-PC
19:57:59 vrb/sys Computer Ip Addr: 192.168.178.28
19:57:59 nrm/sys Installed in: C:\Program Files\AVAST Software\Avast (76712M free)
19:57:59 vrb/gen LoadState: Edition=1
19:57:59 nrm/int SYNCER: Type: use IE settings
19:57:59 nrm/int SYNCER: Auth: another authentication, use WinInet
19:58:00 vrb/pkg Part prg_ais-5d1 is installed
19:58:00 vrb/pkg Part vps_win32-13090200 is installed
19:58:00 vrb/pkg Part setup_ais-5d1 is installed
19:58:00 vrb/pkg Part jrog-a7 is installed
19:58:01 vrb/pkg Part jrog2-889 is installed
19:58:01 vrb/sys Debug: Windows Server registry key not retrieved.
19:58:01 min/gen Old version: 5d1 (1489)
19:58:01 vrb/sys Debug: Windows Server registry key not retrieved.
19:58:13 vrb/fil SetExistingFilesBitmap: 1305->609->608
19:58:13 min/gen GUID: a8995f92-5bed-40b0-9d6e-842d808da8dc
19:58:13 nrm/gen Server definition(s) loaded for 'main': 113 (maintenance:0)
19:58:13 nrm/gen SelectCurrent: selected server 'Download402 AVAST5 Server' from 'main'
19:58:13 nrm/int SYNCER: Type: use IE settings
19:58:13 nrm/int SYNCER: Auth: another authentication, use WinInet
19:58:13 vrb/sys Debug: Windows Server registry key not retrieved.
19:58:13 nrm/int Used server: hxxp://download402.avast.com/iavs5x
19:58:13 min/fil GetFileWithRetry: servers.def.vpx downloaded .
19:58:13 min/fil servers.def.vpx not changed, 1378118539
19:58:13 nrm/gen Server definition(s) loaded for 'main': 113 (maintenance:0)
19:58:13 nrm/gen SelectCurrent: selected server 'Download312 AVAST5 Server' from 'main'
19:58:13 nrm/int SYNCER: Type: use IE settings
19:58:13 nrm/int SYNCER: Auth: another authentication, use WinInet
19:58:14 nrm/int Used server: hxxp://download312.avast.com/iavs5x
19:58:14 min/fil GetFileWithRetry: prod-ais.vpx downloaded .
19:58:14 min/fil prod-ais.vpx not changed, 1378120826
19:58:14 vrb/pkg LoadPartInfo: jrog = jrog-a7 returned 00000000
19:58:14 vrb/pkg LoadPartInfo: jrog2 = jrog2-889 returned 00000000
19:58:14 vrb/pkg LoadPartInfo: program = prg_ais-5d9 returned 00000000
19:58:14 vrb/pkg LoadPartInfo: setup = setup_ais-5d9 returned 00000000
19:58:14 vrb/pkg LoadPartInfo: vps = vps_win32-13090200 returned 00000000
19:58:14 vrb/reg Set registry: Software\AVAST Software\Avast\DataFolder=C:\ProgramData\AVAST Software\Avast
19:58:14 vrb/reg Set registry: Software\AVAST Software\Avast\Version=8.0
19:58:14 vrb/reg Set registry: Software\AVAST Software\Avast\VersionShort=8.0
19:58:14 vrb/reg Set registry: Software\AVAST Software\Avast\SetupVersion=1489
19:58:14 vrb/reg Set registry: Software\AVAST Software\Avast\ProgramFolder=C:\Program Files\AVAST Software\Avast
19:58:14 vrb/reg Set registry: Software\AVAST Software\Avast\Product=ais
19:58:14 nrm/pkg Transferred: files 2, bytes 0, time 1092 ms
19:58:14 nrm/pkg Retries: total 0, files 0, servers 2
19:58:14 vrb/fil NeedReboot=false
19:58:14 min/gen Return code: 0x20000000 [Something done]
19:58:14 min/gen Stopped: 02.09.2013, 19:58:14


20:30:09 min/gen Started: 02.09.2013, 20:30:09
20:30:09 vrb/gen Operation set to INST_OP_UNKNOWN
20:30:09 min/gen Old version: 5d1 (1489)
20:30:09 min/gen Cmdline: /checkupdate /verysilent
20:30:09 nrm/int SYNCER: Agent=Syncer/5.00 (ais-1489;p)
20:30:09 min/gen Running SETUP_AIS-5d1 (1489)
20:30:09 nrm/sys Operating system: Windows Vista ver 6.0, build 6002, sp 2.0 [Service Pack 2]
20:30:09 nrm/sys Memory: 51% load. Phys:1008012/2057864K free, Page:3413560/4194303K free, Virt:2026316/2097024K free
20:30:09 vrb/sys Computer WinName: JULS-PC
20:30:09 min/sys Windows Net User: NT-AUTORITÄT\SYSTEM
20:30:09 vrb/gen DldSrc set to inet
20:30:09 vrb/gen Operation set to INST_OP_CHECK_UPDATE
20:30:09 min/gen Old version: 5d1 (1489)
20:30:09 vrb/reg Deleted registry: Software\AVAST Software\Avast\UpdateReady
20:30:09 nrm/sys Using temp: C:\Windows\TEMP\_asw_aisI.tm~a01300 (76637M free)
20:30:09 nrm/gen SGW32AIS::CheckIfInstalled set m_bAlreadyInstalled and m_bIsOldVersionDetected to 1
20:30:09 nrm/int SYNCER: Agent=Syncer/5.00 (ais-1489;p)
20:30:09 vrb/sys Computer DnsName: Juls-PC
20:30:09 vrb/sys Computer Ip Addr: 192.168.178.28
20:30:09 nrm/sys Installed in: C:\Program Files\AVAST Software\Avast (76637M free)
20:30:09 vrb/gen LoadState: Edition=1
20:30:09 nrm/int SYNCER: Type: use IE settings
20:30:09 nrm/int SYNCER: Auth: another authentication, use WinInet
20:30:09 vrb/pkg Part prg_ais-5d1 is installed
20:30:09 vrb/pkg Part vps_win32-13090200 is installed
20:30:09 vrb/pkg Part setup_ais-5d1 is installed
20:30:09 vrb/pkg Part jrog-a7 is installed
20:30:09 vrb/pkg Part jrog2-889 is installed
20:30:09 vrb/sys Debug: Windows Server registry key not retrieved.
20:30:09 min/gen Old version: 5d1 (1489)
20:30:09 vrb/sys Debug: Windows Server registry key not retrieved.
20:30:17 vrb/fil SetExistingFilesBitmap: 1305->609->608
20:30:17 min/gen GUID: a8995f92-5bed-40b0-9d6e-842d808da8dc
20:30:17 nrm/gen Server definition(s) loaded for 'main': 113 (maintenance:0)
20:30:17 nrm/gen SelectCurrent: selected server 'Download369 AVAST5 Server' from 'main'
20:30:17 nrm/int SYNCER: Type: use IE settings
20:30:17 nrm/int SYNCER: Auth: another authentication, use WinInet
20:30:17 vrb/sys Debug: Windows Server registry key not retrieved.
20:30:18 nrm/int Used server: hxxp://download369.avast.com/iavs5x
20:30:18 min/fil GetFileWithRetry: servers.def.vpx downloaded .
20:30:18 min/fil servers.def.vpx not changed, 1378118539
20:30:18 nrm/gen Server definition(s) loaded for 'main': 113 (maintenance:0)
20:30:18 nrm/gen SelectCurrent: selected server 'Download407 AVAST5 Server' from 'main'
20:30:18 nrm/int SYNCER: Type: use IE settings
20:30:18 nrm/int SYNCER: Auth: another authentication, use WinInet
20:30:19 nrm/int Used server: hxxp://download407.avast.com/iavs5x
20:30:19 min/fil GetFileWithRetry: prod-ais.vpx downloaded .
20:30:19 min/fil prod-ais.vpx not changed, 1378120826
20:30:19 vrb/pkg LoadPartInfo: jrog = jrog-a7 returned 00000000
20:30:19 vrb/pkg LoadPartInfo: jrog2 = jrog2-889 returned 00000000
20:30:19 vrb/pkg LoadPartInfo: program = prg_ais-5d9 returned 00000000
20:30:19 vrb/pkg LoadPartInfo: setup = setup_ais-5d9 returned 00000000
20:30:19 vrb/pkg LoadPartInfo: vps = vps_win32-13090200 returned 00000000
20:30:19 vrb/reg Set registry: Software\AVAST Software\Avast\DataFolder=C:\ProgramData\AVAST Software\Avast
20:30:19 vrb/reg Set registry: Software\AVAST Software\Avast\Version=8.0
20:30:19 vrb/reg Set registry: Software\AVAST Software\Avast\VersionShort=8.0
20:30:19 vrb/reg Set registry: Software\AVAST Software\Avast\SetupVersion=1489
20:30:19 vrb/reg Set registry: Software\AVAST Software\Avast\ProgramFolder=C:\Program Files\AVAST Software\Avast
20:30:19 vrb/reg Set registry: Software\AVAST Software\Avast\Product=ais
20:30:19 nrm/pkg Transferred: files 2, bytes 0, time 1325 ms
20:30:19 nrm/pkg Retries: total 0, files 0, servers 2
20:30:19 vrb/fil NeedReboot=false
20:30:19 min/gen Return code: 0x20000000 [Something done]
20:30:19 min/gen Stopped: 02.09.2013, 20:30:19


20:59:30 min/gen Started: 02.09.2013, 20:59:30
20:59:30 vrb/gen Operation set to INST_OP_UNKNOWN
20:59:30 min/gen Old version: 5d1 (1489)
20:59:30 min/gen Cmdline: /checkupdate /verysilent
20:59:30 nrm/int SYNCER: Agent=Syncer/5.00 (ais-1489;p)
20:59:30 min/gen Running SETUP_AIS-5d1 (1489)
20:59:30 nrm/sys Operating system: Windows Vista ver 6.0, build 6002, sp 2.0 [Service Pack 2]
20:59:30 nrm/sys Memory: 52% load. Phys:985904/2057864K free, Page:3393176/4194303K free, Virt:2026316/2097024K free
20:59:30 vrb/sys Computer WinName: JULS-PC
20:59:30 min/sys Windows Net User: NT-AUTORITÄT\SYSTEM
20:59:30 vrb/gen DldSrc set to inet
20:59:30 vrb/gen Operation set to INST_OP_CHECK_UPDATE
20:59:30 min/gen Old version: 5d1 (1489)
20:59:30 vrb/reg Deleted registry: Software\AVAST Software\Avast\UpdateReady
20:59:30 nrm/sys Using temp: C:\Windows\TEMP\_asw_aisI.tm~a01832 (76322M free)
20:59:30 nrm/gen SGW32AIS::CheckIfInstalled set m_bAlreadyInstalled and m_bIsOldVersionDetected to 1
20:59:30 nrm/int SYNCER: Agent=Syncer/5.00 (ais-1489;p)
20:59:30 vrb/sys Computer DnsName: Juls-PC
20:59:30 vrb/sys Computer Ip Addr: 192.168.178.28
20:59:30 nrm/sys Installed in: C:\Program Files\AVAST Software\Avast (76322M free)
20:59:30 vrb/gen LoadState: Edition=1
20:59:31 nrm/int SYNCER: Type: use IE settings
20:59:31 nrm/int SYNCER: Auth: another authentication, use WinInet
20:59:31 vrb/pkg Part prg_ais-5d1 is installed
20:59:31 vrb/pkg Part vps_win32-13090200 is installed
20:59:31 vrb/pkg Part setup_ais-5d1 is installed
20:59:31 vrb/pkg Part jrog-a7 is installed
20:59:31 vrb/pkg Part jrog2-889 is installed
20:59:31 vrb/sys Debug: Windows Server registry key not retrieved.
20:59:31 min/gen Old version: 5d1 (1489)
20:59:31 vrb/sys Debug: Windows Server registry key not retrieved.
20:59:37 vrb/fil SetExistingFilesBitmap: 1305->609->608
20:59:37 min/gen GUID: a8995f92-5bed-40b0-9d6e-842d808da8dc
20:59:37 nrm/gen Server definition(s) loaded for 'main': 113 (maintenance:0)
20:59:37 nrm/gen SelectCurrent: selected server 'Download410 AVAST5 Server' from 'main'
20:59:37 nrm/int SYNCER: Type: use IE settings
20:59:37 nrm/int SYNCER: Auth: another authentication, use WinInet
20:59:37 vrb/sys Debug: Windows Server registry key not retrieved.
20:59:38 nrm/int Used server: hxxp://download410.avast.com/iavs5x
20:59:38 min/fil GetFileWithRetry: servers.def.vpx downloaded .
20:59:38 min/fil servers.def.vpx not changed, 1378118539
20:59:38 nrm/gen Server definition(s) loaded for 'main': 113 (maintenance:0)
20:59:38 nrm/gen SelectCurrent: selected server 'Download404 AVAST5 Server' from 'main'
20:59:38 nrm/int SYNCER: Type: use IE settings
20:59:38 nrm/int SYNCER: Auth: another authentication, use WinInet
20:59:38 nrm/int Used server: hxxp://download404.avast.com/iavs5x
20:59:38 min/fil GetFileWithRetry: prod-ais.vpx downloaded .
20:59:38 min/fil prod-ais.vpx not changed, 1378120826
20:59:38 vrb/pkg LoadPartInfo: jrog = jrog-a7 returned 00000000
20:59:38 vrb/pkg LoadPartInfo: jrog2 = jrog2-889 returned 00000000
20:59:38 vrb/pkg LoadPartInfo: program = prg_ais-5d9 returned 00000000
20:59:38 vrb/pkg LoadPartInfo: setup = setup_ais-5d9 returned 00000000
20:59:38 vrb/pkg LoadPartInfo: vps = vps_win32-13090200 returned 00000000
20:59:38 vrb/reg Set registry: Software\AVAST Software\Avast\DataFolder=C:\ProgramData\AVAST Software\Avast
20:59:38 vrb/reg Set registry: Software\AVAST Software\Avast\Version=8.0
20:59:38 vrb/reg Set registry: Software\AVAST Software\Avast\VersionShort=8.0
20:59:38 vrb/reg Set registry: Software\AVAST Software\Avast\SetupVersion=1489
20:59:38 vrb/reg Set registry: Software\AVAST Software\Avast\ProgramFolder=C:\Program Files\AVAST Software\Avast
20:59:38 vrb/reg Set registry: Software\AVAST Software\Avast\Product=ais
20:59:38 nrm/pkg Transferred: files 2, bytes 0, time 1280 ms
20:59:38 nrm/pkg Retries: total 0, files 0, servers 2
20:59:38 vrb/fil NeedReboot=false
20:59:38 min/gen Return code: 0x20000000 [Something done]
20:59:38 min/gen Stopped: 02.09.2013, 20:59:38


22:00:48 min/gen Started: 02.09.2013, 22:00:48
22:00:48 vrb/gen Operation set to INST_OP_UNKNOWN
22:00:48 min/gen Old version: 5d1 (1489)
22:00:48 min/gen Cmdline: /checkupdate /verysilent
22:00:48 nrm/int SYNCER: Agent=Syncer/5.00 (ais-1489;p)
22:00:48 min/gen Running SETUP_AIS-5d1 (1489)
22:00:48 nrm/sys Operating system: Windows Vista ver 6.0, build 6002, sp 2.0 [Service Pack 2]
22:00:48 nrm/sys Memory: 55% load. Phys:918336/2057864K free, Page:3290868/4194303K free, Virt:2026316/2097024K free
22:00:48 vrb/sys Computer WinName: JULS-PC
22:00:48 min/sys Windows Net User: NT-AUTORITÄT\SYSTEM
22:00:48 vrb/gen DldSrc set to inet
22:00:48 vrb/gen Operation set to INST_OP_CHECK_UPDATE
22:00:48 min/gen Old version: 5d1 (1489)
22:00:48 vrb/reg Deleted registry: Software\AVAST Software\Avast\UpdateReady
22:00:48 nrm/sys Using temp: C:\Windows\TEMP\_asw_aisI.tm~a02336 (76115M free)
22:00:48 nrm/gen SGW32AIS::CheckIfInstalled set m_bAlreadyInstalled and m_bIsOldVersionDetected to 1
22:00:48 nrm/int SYNCER: Agent=Syncer/5.00 (ais-1489;p)
22:00:48 vrb/sys Computer DnsName: Juls-PC
22:00:48 vrb/sys Computer Ip Addr: 192.168.178.28
22:00:48 nrm/sys Installed in: C:\Program Files\AVAST Software\Avast (76115M free)
22:00:48 vrb/gen LoadState: Edition=1
22:00:48 nrm/int SYNCER: Type: use IE settings
22:00:48 nrm/int SYNCER: Auth: another authentication, use WinInet
22:00:48 vrb/pkg Part prg_ais-5d1 is installed
22:00:48 vrb/pkg Part vps_win32-13090200 is installed
22:00:48 vrb/pkg Part setup_ais-5d1 is installed
22:00:48 vrb/pkg Part jrog-a7 is installed
22:00:48 vrb/pkg Part jrog2-889 is installed
22:00:48 vrb/sys Debug: Windows Server registry key not retrieved.
22:00:48 min/gen Old version: 5d1 (1489)
22:00:48 vrb/sys Debug: Windows Server registry key not retrieved.
22:00:56 vrb/fil SetExistingFilesBitmap: 1305->609->608
22:00:56 min/gen GUID: a8995f92-5bed-40b0-9d6e-842d808da8dc
22:00:56 nrm/gen Server definition(s) loaded for 'main': 113 (maintenance:0)
22:00:56 nrm/gen SelectCurrent: selected server 'Download346 AVAST5 Server' from 'main'
22:00:56 nrm/int SYNCER: Type: use IE settings
22:00:56 nrm/int SYNCER: Auth: another authentication, use WinInet
22:00:56 vrb/sys Debug: Windows Server registry key not retrieved.
22:00:57 nrm/int Used server: hxxp://download346.avast.com/iavs5x
22:00:57 min/fil GetFileWithRetry: servers.def.vpx downloaded .
22:00:57 min/fil servers.def.vpx not changed, 1378118539
22:00:57 nrm/gen Server definition(s) loaded for 'main': 113 (maintenance:0)
22:00:57 nrm/gen SelectCurrent: selected server 'Download892 AVAST5 Server' from 'main'
22:00:57 nrm/int SYNCER: Type: use IE settings
22:00:57 nrm/int SYNCER: Auth: another authentication, use WinInet
22:00:57 nrm/int Used server: hxxp://download892.avast.com/iavs5x
22:00:57 min/fil GetFileWithRetry: prod-ais.vpx downloaded .
22:00:57 min/fil prod-ais.vpx not changed, 1378120826
22:00:57 vrb/pkg LoadPartInfo: jrog = jrog-a7 returned 00000000
22:00:57 vrb/pkg LoadPartInfo: jrog2 = jrog2-889 returned 00000000
22:00:57 vrb/pkg LoadPartInfo: program = prg_ais-5d9 returned 00000000
22:00:57 vrb/pkg LoadPartInfo: setup = setup_ais-5d9 returned 00000000
22:00:57 vrb/pkg LoadPartInfo: vps = vps_win32-13090200 returned 00000000
22:00:57 vrb/reg Set registry: Software\AVAST Software\Avast\DataFolder=C:\ProgramData\AVAST Software\Avast
22:00:57 vrb/reg Set registry: Software\AVAST Software\Avast\Version=8.0
22:00:57 vrb/reg Set registry: Software\AVAST Software\Avast\VersionShort=8.0
22:00:57 vrb/reg Set registry: Software\AVAST Software\Avast\SetupVersion=1489
22:00:57 vrb/reg Set registry: Software\AVAST Software\Avast\ProgramFolder=C:\Program Files\AVAST Software\Avast
22:00:57 vrb/reg Set registry: Software\AVAST Software\Avast\Product=ais
22:00:57 nrm/pkg Transferred: files 2, bytes 0, time 640 ms
22:00:57 nrm/pkg Retries: total 0, files 0, servers 2
22:00:57 vrb/fil NeedReboot=false
22:00:57 min/gen Return code: 0x20000000 [Something done]
22:00:57 min/gen Stopped: 02.09.2013, 22:00:57

[/CODE]

Alt 04.09.2013, 08:50   #8
schrauber
/// the machine
/// TB-Ausbilder
 
VAF Player lässt sich nicht deinstallieren! - Standard

VAF Player lässt sich nicht deinstallieren!


FRST Logfile?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 04.09.2013, 09:19   #9
Ju_Vo
 
VAF Player lässt sich nicht deinstallieren! - Standard

VAF Player lässt sich nicht deinstallieren!


Hallo, hier nochmal die FRST Logdatei, war im Anhang nicht als ZIP Datei, deswegen habe ich es nicht nochmal eingefügt!


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-09-2013 04
Ran by Juls (administrator) on JULS-PC on 02-09-2013 21:48:19
Running from C:\Users\Juls\Downloads
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\STacSV.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Dell Inc.) C:\Windows\System32\bcmwltry.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files\WinZipper\winzipersvc.exe
(Wsys Co., Ltd.) C:\ProgramData\eSafe\eGdpSvc.exe
(ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Seiko Epson Corporation) C:\Windows\system32\EscSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Microsoft Corp.) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
() C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Windows\System32\WLTRAY.EXE
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Creative Technology Ltd.) C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtcmd.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATIILE.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtsvc.exe
(Google Inc.) C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [200704 2008-09-04] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\Windows\system32\WLTRAY.exe [3810304 2008-12-22] (Dell Inc.)
HKLM\...\Run: [QuickSet] - C:\Program Files\Dell\QuickSet\QuickSet.exe [1662032 2008-08-27] (Dell Inc.)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [178712 2008-05-08] (Intel Corporation)
HKLM\...\Run: [Dell Webcam Central] - C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe [446635 2008-06-03] (Creative Technology Ltd.)
HKLM\...\Run: [PDVDDXSrv] - C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [128296 2008-05-23] (CyberLink Corp.)
HKLM\...\Run: [dellsupportcenter] - C:\Program Files\Dell Support Center\bin\sprtcmd.exe [206064 2009-06-03] (SupportSoft, Inc.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [483420 2008-12-15] (IDT, Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM\...\Run: [EEventManager] - C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1058400 2011-10-31] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll [X]
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [Google Update] - C:\Users\Juls\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-12-13] (Google Inc.)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIILE.EXE [249440 2012-02-29] (SEIKO EPSON CORPORATION)
MountPoints2: D - D:\HTC_Sync_Manager_PC.exe
MountPoints2: {0462c941-00de-11de-8a4d-806e6f6e6963} - F:\InstallNavi.exe
MountPoints2: {5f5304f5-1010-11e3-9b0c-0023ae1e7a7a} - D:\HTC_Sync_Manager_PC.exe
MountPoints2: {eb44da24-0fd4-11e3-bd4c-0023ae1e7a7a} - G:\HTC_Sync_Manager_PC.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://deutsch.eazel.com/de/index.php?rvs=hompag
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=ST9160310AS_5SV3ZT31XXXX5SV3ZT31&ts=1378150426
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=ST9160310AS_5SV3ZT31XXXX5SV3ZT31&ts=1378150426
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Restore = hxxp://www.wer-kennt-wen.de/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=ST9160310AS_5SV3ZT31XXXX5SV3ZT31&ts=1378150426
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=ST9160310AS_5SV3ZT31XXXX5SV3ZT31&ts=1378150426
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://deutsch.eazel.com/de/index.php?rvs=hompag
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=sc&from=cor&uid=ST9160310AS_5SV3ZT31XXXX5SV3ZT31&ts=1378150426
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=ST9160310AS_5SV3ZT31XXXX5SV3ZT31&ts=1378150426
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=ST9160310AS_5SV3ZT31XXXX5SV3ZT31&ts=1378150426
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
SearchScopes: HKLM - {E0CF963B-5192-41A4-8355-24FD7D03D324} URL = hxxp://deutsch.eazel.com/de/index.php?rvs=hompag
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=ST9160310AS_5SV3ZT31XXXX5SV3ZT31&ts=1378150426
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=64E500234ED22BBD&affID=120524&tsp=4993
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=ST9160310AS_5SV3ZT31XXXX5SV3ZT31&ts=1378150426
SearchScopes: HKCU - {4B7D934D-1DB8-4FED-B19B-8D5700C76D1B} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=DLCDF7&pc=MDDC&src=IE-SearchBox
SearchScopes: HKCU - {5042D780-0816-8CAF-69AC-06A54D832FE0} URL = hxxp://bwrk.startya.com/s/?q={searchTerms}&iesrc=IE-SearchBox&site=Yahoo&cfg=2-490-0-0
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
SearchScopes: HKCU - {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_ie_de_display?ie=UTF8&tagbase=bds-p23&tag=bds-p23-serp-de-ie-21&tbrId=v1_abb-channel-23_6603f871e4f84b0d9376258dc35ca0bf_39_1006_20130902_DE_ie_ds_&query={searchTerms}
SearchScopes: HKCU - {CF739809-1C6C-47C0-85B9-569DBB141420} URL = hxxp://toolbar.ask.com/toolbarv/askRedirect?gct=&gc=1&q={searchTerms}&crm=1&toolbar=DVS
SearchScopes: HKCU - {E0CF963B-5192-41A4-8355-24FD7D03D324} URL = hxxp://deutsch.eazel.com/de/index.php?rvs=hompag
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll No File
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
BHO: AlxHelper Class - {F443A627-5009-4323-9C1D-7FD598D0D712} - C:\Program Files\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com)
Toolbar: HKLM - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Amazon Browser Bar - {EA582743-9076-4178-9AA6-7393FDF4D5CE} - C:\Program Files\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU -&Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKCU -No Name - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} -  No File
Toolbar: HKCU -No Name - {69B6939F-C70D-45C5-9BBD-E2E2CC3DD8E5} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Juls\AppData\Roaming\Mozilla\Firefox\Profiles\0cr8zure.default
FF user.js: detected! => C:\Users\Juls\AppData\Roaming\Mozilla\Firefox\Profiles\0cr8zure.default\user.js
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\2.0.31005.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8051.1204 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Juls\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Juls\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\Juls\AppData\Roaming\Mozilla\Firefox\Profiles\0cr8zure.default\searchplugins\icqplugin.xml
FF Extension: No Name - C:\Users\Juls\AppData\Roaming\Mozilla\Firefox\Profiles\0cr8zure.default\Extensions\130
FF Extension: No Name - C:\Users\Juls\AppData\Roaming\Mozilla\Firefox\Profiles\0cr8zure.default\Extensions\131
FF Extension: Conduit Engine  - C:\Users\Juls\AppData\Roaming\Mozilla\Firefox\Profiles\0cr8zure.default\Extensions\engine@conduit.com
FF Extension: Eazel-DE Community Toolbar - C:\Users\Juls\AppData\Roaming\Mozilla\Firefox\Profiles\0cr8zure.default\Extensions\{69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKCU\...\Firefox\Extensions: [{450ef4aa-3d18-4b12-8d9f-ecc17330b054}] C:\Program Files\LyricsSeeker\131.xpi
FF Extension: No Name - C:\Program Files\LyricsSeeker\131.xpi

Chrome: 
=======
CHR HomePage: hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=ST9160310AS_5SV3ZT31XXXX5SV3ZT31&ts=1378150426
CHR RestoreOnStartup: "hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=ST9160310AS_5SV3ZT31XXXX5SV3ZT31&ts=1378150426"
CHR DefaultSearchURL: (qvo6) - hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=ST9160310AS_5SV3ZT31XXXX5SV3ZT31&ts=1378150426&type=default&q={searchTerms}
CHR DefaultSuggestURL: (qvo6) -       "suggest_url": ""
CHR Plugin: (Shockwave Flash) - C:\Users\Juls\AppData\Local\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Juls\AppData\Local\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Juls\AppData\Local\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Juls\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\2.0.31005.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Lightning Newtab) - C:\Users\Juls\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0
CHR Extension: (Amazon 1Button App for Chrome) - C:\Users\Juls\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\3.2013.715.0_0
CHR HKLM\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Juls\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
CHR HKLM\...\Chrome\Extension: [lgoiojnjnacbjngolldkokokgpcjbgjj] - C:\Program Files\LyricsSeeker\131.crx
CHR StartMenuInternet: Google Chrome - C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=sc&from=cor&uid=ST9160310AS_5SV3ZT31XXXX5SV3ZT31&ts=1378150426

========================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exe [81920 2008-12-15] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2008-09-24] (Stardock Corporation)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 sprtsvc_DellSupportCenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe [201968 2008-10-04] (SupportSoft, Inc.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\STacSV.exe [241746 2008-12-15] (IDT, Inc.)
R2 Updater Service for AMZN; C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe [222368 2013-03-21] ()
R2 winzipersvc; C:\Program Files\WinZipper\winzipersvc.exe [424104 2013-09-02] (Taiwan Shui Mu Chih Ching Technology Limited.)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [2809856 2008-12-22] (Dell Inc.)
R2 WsysSvc; C:\ProgramData\eSafe\eGdpSvc.exe [303680 2013-09-02] (Wsys Co., Ltd.)
R2 yksvc; RUNDLL32.EXE ykx32coinst,serviceStartProc [x]

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)
R1 AswRdr; C:\Windows\System32\Drivers\AswRdr.sys [49760 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-09-02] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-09-02] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [175176 2013-09-02] ()
R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18424 2008-12-22] (Broadcom Corporation)
R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation)
S3 mferkdk; C:\Windows\System32\drivers\mferkdk.sys [34248 2009-09-16] (McAfee, Inc.)
S3 mfesmfk; C:\Windows\System32\drivers\mfesmfk.sys [40552 2009-09-16] (McAfee, Inc.)
R3 OA009Ufd; C:\Windows\System32\DRIVERS\OA009Ufd.sys [144672 2008-09-03] (Creative Technology Ltd.)
R3 OA009Vid; C:\Windows\System32\DRIVERS\OA009Vid.sys [269216 2008-09-03] (Creative Technology Ltd.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-02 21:45 - 2013-09-02 21:46 - 00000444 _____ C:\Users\Juls\Downloads\defogger_disable.log
2013-09-02 21:45 - 2013-09-02 21:45 - 00000000 _____ C:\Users\Juls\defogger_reenable
2013-09-02 21:44 - 2013-09-02 21:44 - 00050477 _____ C:\Users\Juls\Downloads\Defogger.exe
2013-09-02 21:43 - 2013-09-02 21:44 - 01085803 _____ (Farbar) C:\Users\Juls\Downloads\FRST.exe
2013-09-02 21:33 - 2013-09-02 21:33 - 00000418 _____ C:\Windows\Tasks\At2.job
2013-09-02 21:33 - 2013-09-02 21:33 - 00000000 ____D C:\Users\Juls\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
2013-09-02 17:54 - 2013-09-02 17:54 - 00000000 ____D C:\Windows\system32\searchplugins
2013-09-02 17:54 - 2013-09-02 17:54 - 00000000 ____D C:\Windows\system32\Extensions
2013-09-02 16:04 - 2013-09-02 16:04 - 00000000 ____D C:\Users\Juls\AppData\Roaming\player
2013-09-02 16:04 - 2013-09-02 16:04 - 00000000 ____D C:\Program Files\Tuguu SL
2013-09-02 16:00 - 2013-09-02 15:57 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-09-02 16:00 - 2013-09-02 15:57 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-09-02 15:57 - 2013-09-02 15:57 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-09-02 15:56 - 2013-09-02 15:57 - 00770344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-09-02 15:56 - 2013-09-02 15:57 - 00369584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-09-02 15:56 - 2013-09-02 15:57 - 00175176 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-09-02 15:56 - 2013-09-02 15:56 - 00001831 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-09-02 15:56 - 2013-05-09 10:59 - 00066336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-09-02 15:56 - 2013-05-09 10:59 - 00056080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-09-02 15:56 - 2013-05-09 10:59 - 00049760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2013-09-02 15:56 - 2013-05-09 10:59 - 00049376 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-09-02 15:56 - 2013-05-09 10:59 - 00029816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-09-02 15:56 - 2013-05-09 10:58 - 00229648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-09-02 15:53 - 2013-05-09 10:58 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-09-02 15:51 - 2013-09-02 15:51 - 00000000 ____D C:\Program Files\AVAST Software
2013-09-02 15:49 - 2013-09-02 15:51 - 00000000 ____D C:\ProgramData\AVAST Software
2013-09-02 15:47 - 2013-09-02 15:47 - 00000000 __SHD C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2013-09-02 15:43 - 2013-09-02 15:45 - 00000000 ____D C:\Users\Juls\Desktop\TuneUp Utilities 2012 (Download)
2013-09-02 15:41 - 2013-09-02 15:41 - 00000000 ____D C:\Users\Juls\AppData\Local\Amazon Browser Bar
2013-09-02 15:38 - 2013-09-02 15:38 - 00000000 ____D C:\Program Files\Amazon
2013-09-02 15:27 - 2013-09-02 20:14 - 00000000 ____D C:\Program Files\MyPC Backup
2013-09-02 15:27 - 2013-09-02 15:41 - 00000000 ____D C:\Program Files\Amazon Browser Bar
2013-09-02 15:27 - 2013-09-02 15:27 - 00129536 _____ C:\Users\Public\AlexaNSISPlugin.5360.dll
2013-09-02 15:24 - 2013-09-02 20:48 - 00000000 ____D C:\Users\Juls\AppData\Roaming\Systweak
2013-09-02 15:24 - 2013-08-22 18:36 - 00018776 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot.exe
2013-09-02 15:01 - 2013-09-02 21:02 - 00000000 ____D C:\Program Files\WinZipper
2013-09-02 15:01 - 2013-09-02 15:54 - 00000000 ____D C:\Program Files\Omiga Plus
2013-09-02 15:01 - 2013-09-02 15:01 - 00000000 ____D C:\Users\Juls\AppData\Roaming\WinZipper
2013-09-02 14:58 - 2013-09-02 14:58 - 00000000 ____D C:\Program Files\Microsoft.NET
2013-09-02 14:49 - 2013-09-02 14:49 - 00000556 _____ C:\Windows\KB893803v2.log
2013-09-02 14:49 - 2013-09-02 14:49 - 00000000 ____D C:\Program Files\Common Files\337
2013-09-02 14:48 - 2013-09-02 21:05 - 00000000 ____D C:\ProgramData\eSafe
2013-09-02 14:48 - 2013-09-02 15:01 - 00000000 ____D C:\Program Files\Desk 365
2013-09-02 14:48 - 2013-09-02 14:55 - 00000000 ____D C:\Users\Juls\AppData\Roaming\Desk 365
2013-09-02 14:47 - 2013-09-02 20:12 - 00000000 ____D C:\Program Files\SaltarSmart
2013-09-02 14:47 - 2013-09-02 15:05 - 00000000 ____D C:\Users\Juls\AppData\Local\Lollipop
2013-08-29 17:53 - 2013-08-29 17:53 - 00000000 ____D C:\Program Files\EpsonNet
2013-08-29 17:53 - 2012-11-12 20:41 - 00458310 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\ensppui.dll
2013-08-29 17:53 - 2012-11-12 20:41 - 00458310 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\enppui.dll
2013-08-29 17:53 - 2012-11-12 15:15 - 00476027 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\ensppmon.dll
2013-08-29 17:53 - 2012-11-12 15:15 - 00476027 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\enppmon.dll
2013-08-29 17:53 - 2012-10-22 17:19 - 00218112 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\enspres.dll
2013-08-29 17:53 - 2012-10-22 17:19 - 00218112 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\enpres.dll
2013-08-29 17:52 - 2013-08-29 17:52 - 00000000 ____D C:\Users\Juls\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EPSON Software
2013-08-29 17:48 - 2007-04-10 01:06 - 00008192 _____ (SEIKO EPSON CORP.) C:\Windows\system32\E_DCINST.DLL
2013-08-29 17:47 - 2011-03-15 03:03 - 00081408 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_FD4BILE.DLL
2013-08-29 17:44 - 2012-07-24 00:00 - 00342016 _____ (Seiko Epson Corporation) C:\Windows\system32\esw2ud.dll
2013-08-29 17:44 - 2011-12-12 00:00 - 00122000 _____ (Seiko Epson Corporation) C:\Windows\system32\escsvc.exe
2013-08-29 14:09 - 2013-09-02 21:01 - 00000362 _____ C:\Windows\Tasks\Lyrics Seeker Update.job
2013-08-29 14:09 - 2013-09-02 18:23 - 00000000 ____D C:\Program Files\LyricsSeeker
2013-08-28 16:09 - 2013-08-28 16:09 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
2013-08-28 16:07 - 2013-08-28 16:07 - 00000000 ____D C:\Program Files\HTC
2013-08-28 16:05 - 2013-08-28 16:05 - 00000000 ____D C:\Users\Juls\AppData\Local\Downloaded Installations
2013-08-28 16:02 - 2013-08-28 16:06 - 00008080 _____ C:\Windows\DPINST.LOG
2013-08-28 16:01 - 2013-08-28 16:01 - 00000000 ____D C:\ProgramData\HTC
2013-08-28 16:01 - 2009-06-10 09:49 - 00024576 _____ (HTC, Corporation) C:\Windows\system32\Drivers\ANDROIDUSB.sys
2013-08-28 16:01 - 2009-06-09 07:41 - 01122664 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2013-08-28 13:46 - 2013-08-02 06:09 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-28 13:32 - 2013-08-28 13:32 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2013-08-25 16:18 - 2013-08-25 16:18 - 00000000 ____D C:\Users\Juls\AppData\Local\avgchrome
2013-08-25 16:09 - 2013-08-28 13:28 - 00000418 _____ C:\Windows\Tasks\At1.job
2013-08-25 16:09 - 2013-08-25 16:09 - 00000000 ____D C:\Users\Juls\AppData\Roaming\DSite
2013-08-25 16:09 - 2013-08-25 16:09 - 00000000 ____D C:\Users\Juls\AppData\Roaming\Babylon
2013-08-25 16:09 - 2013-08-25 16:09 - 00000000 ____D C:\ProgramData\Babylon
2013-08-25 16:09 - 2013-08-25 16:09 - 00000000 ____D C:\Program Files\Image Converter
2013-08-25 15:44 - 2013-08-25 15:44 - 00000847 _____ C:\Users\Juls\AppData\Local\recently-used.xbel
2013-08-25 15:34 - 2013-08-25 15:34 - 00000000 ____D C:\Users\Juls\.thumbnails
2013-08-25 15:30 - 2013-08-25 15:34 - 00000000 ____D C:\Users\Juls\.gimp-2.8
2013-08-25 15:29 - 2013-08-25 15:29 - 00000000 ____D C:\Users\Juls\AppData\Local\gegl-0.2
2013-08-25 14:48 - 2013-08-25 15:27 - 00000000 ____D C:\Users\Juls\Documents\Bluetooth Exchange Folder
2013-08-25 14:33 - 2013-08-25 15:09 - 00000000 ____D C:\Users\Juls\Documents\Fußball
2013-08-19 13:59 - 2013-08-19 14:02 - 00000000 ____D C:\Windows\system32\MRT
2013-08-19 13:53 - 2013-07-25 04:40 - 12334080 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-19 13:53 - 2013-07-25 04:32 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-19 13:53 - 2013-07-25 04:30 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-19 13:53 - 2013-07-25 04:26 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-19 13:53 - 2013-07-25 04:26 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-19 13:53 - 2013-07-25 04:25 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-08-19 13:53 - 2013-07-25 04:24 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-08-19 13:53 - 2013-07-25 04:24 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-19 13:53 - 2013-07-25 04:23 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-19 13:53 - 2013-07-25 04:23 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-19 13:53 - 2013-07-25 04:23 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-19 13:53 - 2013-07-25 04:23 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-08-19 13:53 - 2013-07-25 04:23 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-08-19 13:53 - 2013-07-25 04:22 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-19 13:53 - 2013-07-25 04:22 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-19 13:53 - 2013-07-25 04:22 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-08-15 11:53 - 2013-07-05 06:53 - 00905664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-15 11:53 - 2013-06-15 15:22 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2013-08-15 11:53 - 2013-06-15 13:23 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-15 11:52 - 2013-07-17 21:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 11:52 - 2013-07-10 11:47 - 00783360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 11:52 - 2013-07-09 14:10 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-15 11:52 - 2013-07-08 06:55 - 03603904 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-08-15 11:52 - 2013-07-08 06:55 - 03551680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-15 11:47 - 2013-07-08 06:20 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 11:47 - 2013-07-08 06:16 - 00992768 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 11:47 - 2013-07-08 06:16 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 11:47 - 2013-07-08 06:16 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll

==================== One Month Modified Files and Folders =======

2013-09-02 21:48 - 2013-09-02 21:48 - 00000000 ____D C:\FRST
2013-09-02 21:47 - 2006-11-02 14:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-02 21:47 - 2006-11-02 14:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-02 21:46 - 2013-09-02 21:45 - 00000444 _____ C:\Users\Juls\Downloads\defogger_disable.log
2013-09-02 21:45 - 2013-09-02 21:45 - 00000000 _____ C:\Users\Juls\defogger_reenable
2013-09-02 21:45 - 2009-03-03 18:29 - 00000000 ____D C:\Users\Juls
2013-09-02 21:44 - 2013-09-02 21:44 - 00050477 _____ C:\Users\Juls\Downloads\Defogger.exe
2013-09-02 21:44 - 2013-09-02 21:43 - 01085803 _____ (Farbar) C:\Users\Juls\Downloads\FRST.exe
2013-09-02 21:33 - 2013-09-02 21:33 - 00000418 _____ C:\Windows\Tasks\At2.job
2013-09-02 21:33 - 2013-09-02 21:33 - 00000000 ____D C:\Users\Juls\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
2013-09-02 21:33 - 2011-12-13 19:50 - 00002360 _____ C:\Users\Juls\Desktop\Google Chrome.lnk
2013-09-02 21:33 - 2009-03-03 18:34 - 00001233 _____ C:\Users\Juls\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-02 21:10 - 2009-02-22 14:46 - 01171358 _____ C:\Windows\WindowsUpdate.log
2013-09-02 21:05 - 2013-09-02 14:48 - 00000000 ____D C:\ProgramData\eSafe
2013-09-02 21:04 - 2013-03-30 16:09 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-02 21:02 - 2013-09-02 15:01 - 00000000 ____D C:\Program Files\WinZipper
2013-09-02 21:01 - 2013-08-29 14:09 - 00000362 _____ C:\Windows\Tasks\Lyrics Seeker Update.job
2013-09-02 20:59 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-02 20:58 - 2008-01-21 04:47 - 00163122 _____ C:\Windows\PFRO.log
2013-09-02 20:56 - 2009-02-22 21:10 - 00005332 _____ C:\Windows\bthservsdp.dat
2013-09-02 20:56 - 2006-11-02 15:01 - 00032530 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-02 20:52 - 2011-12-13 19:47 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-343180365-3658905709-1398490034-1000UA.job
2013-09-02 20:48 - 2013-09-02 15:24 - 00000000 ____D C:\Users\Juls\AppData\Roaming\Systweak
2013-09-02 20:41 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-09-02 20:14 - 2013-09-02 15:27 - 00000000 ____D C:\Program Files\MyPC Backup
2013-09-02 20:12 - 2013-09-02 14:47 - 00000000 ____D C:\Program Files\SaltarSmart
2013-09-02 20:01 - 2013-06-09 12:31 - 00000000 ____D C:\Users\Juls\Documents\TS GRUPPE 5
2013-09-02 18:23 - 2013-08-29 14:09 - 00000000 ____D C:\Program Files\LyricsSeeker
2013-09-02 17:54 - 2013-09-02 17:54 - 00000000 ____D C:\Windows\system32\searchplugins
2013-09-02 17:54 - 2013-09-02 17:54 - 00000000 ____D C:\Windows\system32\Extensions
2013-09-02 17:52 - 2011-12-13 19:47 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-343180365-3658905709-1398490034-1000Core.job
2013-09-02 16:04 - 2013-09-02 16:04 - 00000000 ____D C:\Users\Juls\AppData\Roaming\player
2013-09-02 16:04 - 2013-09-02 16:04 - 00000000 ____D C:\Program Files\Tuguu SL
2013-09-02 15:57 - 2013-09-02 16:00 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-09-02 15:57 - 2013-09-02 16:00 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-09-02 15:57 - 2013-09-02 15:57 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-09-02 15:57 - 2013-09-02 15:56 - 00770344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-09-02 15:57 - 2013-09-02 15:56 - 00369584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-09-02 15:57 - 2013-09-02 15:56 - 00175176 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-09-02 15:56 - 2013-09-02 15:56 - 00001831 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-09-02 15:56 - 2006-11-02 12:23 - 00002577 _____ C:\Windows\system32\config.nt
2013-09-02 15:54 - 2013-09-02 15:01 - 00000000 ____D C:\Program Files\Omiga Plus
2013-09-02 15:51 - 2013-09-02 15:51 - 00000000 ____D C:\Program Files\AVAST Software
2013-09-02 15:51 - 2013-09-02 15:49 - 00000000 ____D C:\ProgramData\AVAST Software
2013-09-02 15:47 - 2013-09-02 15:47 - 00000000 __SHD C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2013-09-02 15:45 - 2013-09-02 15:43 - 00000000 ____D C:\Users\Juls\Desktop\TuneUp Utilities 2012 (Download)
2013-09-02 15:45 - 2008-01-21 09:16 - 01606414 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-02 15:41 - 2013-09-02 15:41 - 00000000 ____D C:\Users\Juls\AppData\Local\Amazon Browser Bar
2013-09-02 15:41 - 2013-09-02 15:27 - 00000000 ____D C:\Program Files\Amazon Browser Bar
2013-09-02 15:38 - 2013-09-02 15:38 - 00000000 ____D C:\Program Files\Amazon
2013-09-02 15:27 - 2013-09-02 15:27 - 00129536 _____ C:\Users\Public\AlexaNSISPlugin.5360.dll
2013-09-02 15:27 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public
2013-09-02 15:05 - 2013-09-02 14:47 - 00000000 ____D C:\Users\Juls\AppData\Local\Lollipop
2013-09-02 15:01 - 2013-09-02 15:01 - 00000000 ____D C:\Users\Juls\AppData\Roaming\WinZipper
2013-09-02 15:01 - 2013-09-02 14:48 - 00000000 ____D C:\Program Files\Desk 365
2013-09-02 14:58 - 2013-09-02 14:58 - 00000000 ____D C:\Program Files\Microsoft.NET
2013-09-02 14:55 - 2013-09-02 14:48 - 00000000 ____D C:\Users\Juls\AppData\Roaming\Desk 365
2013-09-02 14:49 - 2013-09-02 14:49 - 00000556 _____ C:\Windows\KB893803v2.log
2013-09-02 14:49 - 2013-09-02 14:49 - 00000000 ____D C:\Program Files\Common Files\337
2013-08-29 18:20 - 2006-11-02 14:52 - 00273417 _____ C:\Windows\setupact.log
2013-08-29 18:00 - 2012-10-15 17:26 - 00000000 ____D C:\Program Files\ABBYY FineReader 9.0 Sprint
2013-08-29 17:58 - 2012-10-15 17:25 - 00000000 ____D C:\ProgramData\UDL
2013-08-29 17:57 - 2012-10-15 17:23 - 00000308 _____ C:\Windows\setup.iss
2013-08-29 17:57 - 2012-10-15 17:17 - 00000000 ____D C:\Program Files\EPSON Software
2013-08-29 17:57 - 2009-02-22 21:07 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-08-29 17:55 - 2012-10-15 17:10 - 00000000 ____D C:\Program Files\epson
2013-08-29 17:53 - 2013-08-29 17:53 - 00000000 ____D C:\Program Files\EpsonNet
2013-08-29 17:52 - 2013-08-29 17:52 - 00000000 ____D C:\Users\Juls\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EPSON Software
2013-08-29 17:52 - 2012-10-15 17:17 - 00000000 ____D C:\Program Files\Common Files\EPSON
2013-08-29 17:47 - 2012-10-15 17:11 - 00000000 ____D C:\ProgramData\EPSON
2013-08-29 17:44 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\twain_32
2013-08-29 16:51 - 2009-03-07 16:45 - 00006080 _____ C:\Users\Juls\AppData\Local\d3d9caps.dat
2013-08-28 16:09 - 2013-08-28 16:09 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
2013-08-28 16:07 - 2013-08-28 16:07 - 00000000 ____D C:\Program Files\HTC
2013-08-28 16:06 - 2013-08-28 16:02 - 00008080 _____ C:\Windows\DPINST.LOG
2013-08-28 16:05 - 2013-08-28 16:05 - 00000000 ____D C:\Users\Juls\AppData\Local\Downloaded Installations
2013-08-28 16:01 - 2013-08-28 16:01 - 00000000 ____D C:\ProgramData\HTC
2013-08-28 13:32 - 2013-08-28 13:32 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2013-08-28 13:28 - 2013-08-25 16:09 - 00000418 _____ C:\Windows\Tasks\At1.job
2013-08-25 16:19 - 2011-06-29 17:03 - 00072704 ____H C:\Users\Juls\Desktop\photothumb.db
2013-08-25 16:18 - 2013-08-25 16:18 - 00000000 ____D C:\Users\Juls\AppData\Local\avgchrome
2013-08-25 16:09 - 2013-08-25 16:09 - 00000000 ____D C:\Users\Juls\AppData\Roaming\DSite
2013-08-25 16:09 - 2013-08-25 16:09 - 00000000 ____D C:\Users\Juls\AppData\Roaming\Babylon
2013-08-25 16:09 - 2013-08-25 16:09 - 00000000 ____D C:\ProgramData\Babylon
2013-08-25 16:09 - 2013-08-25 16:09 - 00000000 ____D C:\Program Files\Image Converter
2013-08-25 15:44 - 2013-08-25 15:44 - 00000847 _____ C:\Users\Juls\AppData\Local\recently-used.xbel
2013-08-25 15:34 - 2013-08-25 15:34 - 00000000 ____D C:\Users\Juls\.thumbnails
2013-08-25 15:34 - 2013-08-25 15:30 - 00000000 ____D C:\Users\Juls\.gimp-2.8
2013-08-25 15:29 - 2013-08-25 15:29 - 00000000 ____D C:\Users\Juls\AppData\Local\gegl-0.2
2013-08-25 15:27 - 2013-08-25 14:48 - 00000000 ____D C:\Users\Juls\Documents\Bluetooth Exchange Folder
2013-08-25 15:09 - 2013-08-25 14:33 - 00000000 ____D C:\Users\Juls\Documents\Fußball
2013-08-25 14:17 - 2013-01-05 22:17 - 00000000 ____D C:\Users\Juls\Documents\KIGA
2013-08-25 14:04 - 2013-03-30 16:09 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-08-25 14:04 - 2013-03-30 16:09 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-08-23 17:22 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2013-08-22 18:36 - 2013-09-02 15:24 - 00018776 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot.exe
2013-08-19 14:02 - 2013-08-19 13:59 - 00000000 ____D C:\Windows\system32\MRT
2013-08-19 14:02 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE
2013-08-19 13:59 - 2006-11-02 12:24 - 75778376 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

Files to move or delete:
====================
C:\Users\Juls\AppData\Local\Temp\02B673~1.exe
C:\Users\Juls\AppData\Local\Temp\aacenc3.exe
C:\Users\Juls\AppData\Local\Temp\AskSLib.dll
C:\Users\Juls\AppData\Local\Temp\AskSLib.exe
C:\Users\Juls\AppData\Local\Temp\BackupSetup.exe
C:\Users\Juls\AppData\Local\Temp\deskplusdl.exe
C:\Users\Juls\AppData\Local\Temp\dl_1378126050.exe
C:\Users\Juls\AppData\Local\Temp\dl_1911589.exe
C:\Users\Juls\AppData\Local\Temp\dl_1912697.exe
C:\Users\Juls\AppData\Local\Temp\eSafeSvc.exe
C:\Users\Juls\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Juls\AppData\Local\Temp\FlashPlayerUpdate01.exe
C:\Users\Juls\AppData\Local\Temp\FlashPlayerUpdate02.exe
C:\Users\Juls\AppData\Local\Temp\GLF284C.tmp.ConduitEngineSetup.exe
C:\Users\Juls\AppData\Local\Temp\GUREB76.exe
C:\Users\Juls\AppData\Local\Temp\ICReinstall_ImageEditorSetup (1).exe
C:\Users\Juls\AppData\Local\Temp\ICReinstall_ZipOpenerSetup (1).exe
C:\Users\Juls\AppData\Local\Temp\ICReinstall_ZipOpenerSetup.exe
C:\Users\Juls\AppData\Local\Temp\NEW424D.tmp.exe
C:\Users\Juls\AppData\Local\Temp\Optimizer_Pro.exe
C:\Users\Juls\AppData\Local\Temp\search-resultsToolbarInstaller-1.9.1.0.exe
C:\Users\Juls\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\Juls\AppData\Local\Temp\Shockwave_Installer_Slim.exe
C:\Users\Juls\AppData\Local\Temp\SHSetup.exe
C:\Users\Juls\AppData\Local\Temp\softonic-de3.exe
C:\Users\Juls\AppData\Local\Temp\Softonicde3.exe
C:\Users\Juls\AppData\Local\Temp\tbEaze.dll
C:\Users\Juls\AppData\Local\Temp\Toolbar_Eazel.exe
C:\Users\Juls\AppData\Local\Temp\uninst.exe
C:\Users\Juls\AppData\Local\Temp\uninst1.exe
C:\Users\Juls\AppData\Local\Temp\WinZipperdl.exe
C:\Users\Juls\AppData\Local\Temp\_is2442.exe
C:\Users\Juls\AppData\Local\Temp\{E4826CA1-D747-4568-A5D8-2ACB36C260BE}\SETUP.EXE
C:\Users\Juls\AppData\Local\Temp\{C0816C25-CC91-4DE1-B0FB-FF23E393413C}\ICQ7.exe
C:\Users\Juls\AppData\Local\Temp\{B64AD267-9026-437B-8E81-B4BA865BDA92}\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}\ICQToolbarSetup.exe
C:\Users\Juls\AppData\Local\Temp\{A99E808D-F9E9-43E2-8EEA-9ADFF954330B}\SETUP.EXE
C:\Users\Juls\AppData\Local\Temp\{A78CCC25-9827-4423-938B-D2604889D1AE}\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}\MoveIt.dll
C:\Users\Juls\AppData\Local\Temp\{831ADE39-9701-4330-9567-A7C1D00E843A}\setup.exe
C:\Users\Juls\AppData\Local\Temp\{6C5B516E-F716-47B2-8547-1E46EA28AF81}\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}\ICQToolbarSetup.exe
C:\Users\Juls\AppData\Local\Temp\{6C5B516E-F716-47B2-8547-1E46EA28AF81}\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}\MoveIt.dll
C:\Users\Juls\AppData\Local\Temp\{5B48520B-5730-4A8B-8A29-4693BAEB43F8}\SETUP.EXE
C:\Users\Juls\AppData\Local\Temp\{2496560D-2AF4-46BD-A732-AE12F6F1C8E6}\SETUP.EXE
C:\Users\Juls\AppData\Local\Temp\{1ADCE3FF-A4E5-4646-A41C-145F07C3DF2B}\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}\ICQTIK.dll
C:\Users\Juls\AppData\Local\Temp\WinZipper\omigazip\7z.dll
C:\Users\Juls\AppData\Local\Temp\WinZipper\omigazip\dup.exe
C:\Users\Juls\AppData\Local\Temp\WinZipper\omigazip\ebase.dll
C:\Users\Juls\AppData\Local\Temp\WinZipper\omigazip\eshellctx.dll
C:\Users\Juls\AppData\Local\Temp\WinZipper\omigazip\eshellctx64.dll
C:\Users\Juls\AppData\Local\Temp\WinZipper\omigazip\eUninstall.exe
C:\Users\Juls\AppData\Local\Temp\WinZipper\omigazip\libpng.dll
C:\Users\Juls\AppData\Local\Temp\WinZipper\omigazip\ouilibnl.dll
C:\Users\Juls\AppData\Local\Temp\WinZipper\omigazip\sqlite3.dll
C:\Users\Juls\AppData\Local\Temp\WinZipper\omigazip\TrayDownloader.exe
C:\Users\Juls\AppData\Local\Temp\WinZipper\omigazip\winzipersvc.exe
C:\Users\Juls\AppData\Local\Temp\WinZipper\omigazip\WinZipper.exe
C:\Users\Juls\AppData\Local\Temp\Temp1_picture_converter.zip\PictureConverter.exe
C:\Users\Juls\AppData\Local\Temp\TeamViewer\Version5\SAS.exe
C:\Users\Juls\AppData\Local\Temp\TeamViewer\Version5\TeamViewer.exe
C:\Users\Juls\AppData\Local\Temp\TeamViewer\Version5\TeamViewer_.exe
C:\Users\Juls\AppData\Local\Temp\TeamViewer\Version5\TeamViewer_Resource_da.dll
C:\Users\Juls\AppData\Local\Temp\TeamViewer\Version5\TeamViewer_Resource_de.dll
C:\Users\Juls\AppData\Local\Temp\TeamViewer\Version5\TeamViewer_Resource_en.dll
C:\Users\Juls\AppData\Local\Temp\TeamViewer\Version5\TeamViewer_Resource_es.dll
C:\Users\Juls\AppData\Local\Temp\TeamViewer\Version5\TeamViewer_Resource_fi.dll
C:\Users\Juls\AppData\Local\Temp\TeamViewer\Version5\TeamViewer_Resource_fr.dll
C:\Users\Juls\AppData\Local\Temp\TeamViewer\Version5\TeamViewer_Resource_it.dll
C:\Users\Juls\AppData\Local\Temp\TeamViewer\Version5\TeamViewer_Resource_ja.dll
C:\Users\Juls\AppData\Local\Temp\TeamViewer\Version5\TeamViewer_Resource_ko.dll
C:\Users\Juls\AppData\Local\Temp\TeamViewer\Version5\TeamViewer_Resource_nl.dll
C:\Users\Juls\AppData\Local\Temp\TeamViewer\Version5\TeamViewer_Resource_no.dll
C:\Users\Juls\AppData\Local\Temp\TeamViewer\Version5\TeamViewer_Resource_pl.dll
C:\Users\Juls\AppData\Local\Temp\TeamViewer\Version5\TeamViewer_Resource_pt.dll
C:\Users\Juls\AppData\Local\Temp\TeamViewer\Version5\TeamViewer_Resource_ru.dll
C:\Users\Juls\AppData\Local\Temp\TeamViewer\Version5\TeamViewer_Resource_sv.dll
C:\Users\Juls\AppData\Local\Temp\TeamViewer\Version5\TeamViewer_Resource_tr.dll
C:\Users\Juls\AppData\Local\Temp\TeamViewer\Version5\TeamViewer_Service.exe
C:\Users\Juls\AppData\Local\Temp\TeamViewer\Version5\TV.dll
C:\Users\Juls\AppData\Local\Temp\SoftwareUpdate_Temp\EPSON XP-205 207 Series\Download Navigator\Download_Navigator_Installer\EPSDNEUL.EXE
C:\Users\Juls\AppData\Local\Temp\SoftwareUpdate_Temp\EPSON XP-205 207 Series\Download Navigator\Download_Navigator_Installer\Setup.exe
C:\Users\Juls\AppData\Local\Temp\SoftwareUpdate_Temp\EPSON XP-205 207 Series\Download\Resource\Download_Navigator340.exe
C:\Users\Juls\AppData\Local\Temp\Setup (1).exe\e352273728b34ffd8ed8e6a92370730f\bin.dll
C:\Users\Juls\AppData\Local\Temp\Setup (1).exe\e352273728b34ffd8ed8e6a92370730f\config.dll
C:\Users\Juls\AppData\Local\Temp\Setup (1).exe\e352273728b34ffd8ed8e6a92370730f\eSetup (1).exe
C:\Users\Juls\AppData\Local\Temp\Setup (1).exe\e352273728b34ffd8ed8e6a92370730f\installer.exe
C:\Users\Juls\AppData\Local\Temp\Setup (1).exe\e352273728b34ffd8ed8e6a92370730f\software\Delta Babylon.exe
C:\Users\Juls\AppData\Local\Temp\Setup (1).exe\e352273728b34ffd8ed8e6a92370730f\software\Desk365.exe
C:\Users\Juls\AppData\Local\Temp\Setup (1).exe\e352273728b34ffd8ed8e6a92370730f\software\LollipopInstaller_14656.exe
C:\Users\Juls\AppData\Local\Temp\Setup (1).exe\e352273728b34ffd8ed8e6a92370730f\software\OptimizerPro.exe
C:\Users\Juls\AppData\Local\Temp\Setup (1).exe\e352273728b34ffd8ed8e6a92370730f\software\SaltarSmart.exe
C:\Users\Juls\AppData\Local\Temp\nsr7AE.tmp\Time.dll
C:\Users\Juls\AppData\Local\Temp\nshFF8.tmp\Time.dll
C:\Users\Juls\AppData\Local\Temp\nsh1268.tmp\Time.dll
C:\Users\Juls\AppData\Local\Temp\nsgDFD5.tmp\nsSCM.dll
C:\Users\Juls\AppData\Local\Temp\Low\Google Toolbar\gtb30D1.tmp.exe
C:\Users\Juls\AppData\Local\Temp\Jgl_Rt2\nachtstation2.exe
C:\Users\Juls\AppData\Local\Temp\Jgl_Rt1\nachtstation1.exe
C:\Users\Juls\AppData\Local\Temp\Jgl_Rt\nachtstation.exe
C:\Users\Juls\AppData\Local\Temp\is357113909\cor_ar_201381417179_qvo6.exe
C:\Users\Juls\AppData\Local\Temp\is357113909\DeltaTB.exe
C:\Users\Juls\AppData\Local\Temp\is357113909\ImageEditor.exe
C:\Users\Juls\AppData\Local\Temp\is357113909\OpenItSetup.exe
C:\Users\Juls\AppData\Local\Temp\is357113909\uninstaller.exe
C:\Users\Juls\AppData\Local\Temp\is357113909\wajam_validate.exe
C:\Users\Juls\AppData\Local\Temp\is-E2FR4.tmp\OptProCrash.dll
C:\Users\Juls\AppData\Local\Temp\InstallPlus\E_FWCHKR.exe
C:\Users\Juls\AppData\Local\Temp\InstallPlus\E_UPNFLE.DLL
C:\Users\Juls\AppData\Local\Temp\InstallPlus\E_UPWJ01.dll
C:\Users\Juls\AppData\Local\Temp\InstallPlus\InstallNaui.exe
C:\Users\Juls\AppData\Local\Temp\InstallNavi\E_FWCHKR.exe
C:\Users\Juls\AppData\Local\Temp\InstallNavi\E_UPNFLE.DLL
C:\Users\Juls\AppData\Local\Temp\InstallNavi\E_UPWJ01.dll
C:\Users\Juls\AppData\Local\Temp\InstallNavi\InstallNaui.exe
C:\Users\Juls\AppData\Local\Temp\EPSON XP-205 207 Series_Home\Install Plus_10\InstallPlus.exe
C:\Users\Juls\AppData\Local\Temp\EPSON XP-205 207 Series_Home\Install Plus_10\_cdres\_dll\ENSTRMAPI.dll
C:\Users\Juls\AppData\Local\Temp\EPSON XP-205 207 Series_Home\Install Plus_10\_cdres\_dll\EPDNSTRT.DLL
C:\Users\Juls\AppData\Local\Temp\EPSON\Epson Printer Finder\EPSONPrinterFinder1_0_0_FC_1_0\Setup.exe
C:\Users\Juls\AppData\Local\Temp\EPSON\eMail Print\EpsonConnectPrinterSetup1_1_1_FC_1_0\Setup.exe
C:\Users\Juls\AppData\Local\Temp\EPSON\Download\Resource\CESU4110.exe
C:\Users\Juls\AppData\Local\Temp\EPSON\Download\Resource\Download_Navigator_341.exe
C:\Users\Juls\AppData\Local\Temp\EPSON\Download\Resource\ENP_2_6_0_EN.exe
C:\Users\Juls\AppData\Local\Temp\EPSON\Download\Resource\FWG693TL.exe
C:\Users\Juls\AppData\Local\Temp\EPSON\Download\Resource\FWG693TL_RF10D4.exe
C:\Users\Juls\AppData\Local\Temp\EPSON\Download\Resource\Remote_Print_Driver_x86_163.exe
C:\Users\Juls\AppData\Local\Temp\EPSON\Download\Resource\XP200_WW_WIN_3792_41.exe
C:\Users\Juls\AppData\Local\Temp\EPSON\Download\Resource\XP205207_x86_700UsHomeExportAsiaML_MP.exe
C:\Users\Juls\AppData\Local\Temp\EPSON\Download\Resource\XP205_XP202_XP102_XP30_x86_690E_ESI01.exe
C:\Users\Juls\AppData\Local\Temp\EPSDNAVI_Temp\Download Navigator\CESU\Data\EPSDNEUL.EXE
C:\Users\Juls\AppData\Local\Temp\EPSDNAVI_Temp\Download Navigator\CESU\Data\Setup.exe
C:\Users\Juls\AppData\Local\Temp\eIntaller\BBF6904A02EB450b952CB9DA3DF36AF1\eGdpSvc.exe
C:\Users\Juls\AppData\Local\Temp\eIntaller\BBF6904A02EB450b952CB9DA3DF36AF1\eXQ.exe
C:\Users\Juls\AppData\Local\Temp\ED9DD823-BAB0-7891-A33E-EE1B3548AC48\Latest\BabMaint.exe
C:\Users\Juls\AppData\Local\Temp\ED9DD823-BAB0-7891-A33E-EE1B3548AC48\Latest\BExternal.dll
C:\Users\Juls\AppData\Local\Temp\ED9DD823-BAB0-7891-A33E-EE1B3548AC48\Latest\BUSolForMontiera.dll
C:\Users\Juls\AppData\Local\Temp\ED9DD823-BAB0-7891-A33E-EE1B3548AC48\Latest\BUSolution.dll
C:\Users\Juls\AppData\Local\Temp\ED9DD823-BAB0-7891-A33E-EE1B3548AC48\Latest\ccp.exe
C:\Users\Juls\AppData\Local\Temp\ED9DD823-BAB0-7891-A33E-EE1B3548AC48\Latest\ChromeToolbarSetup.dll
C:\Users\Juls\AppData\Local\Temp\ED9DD823-BAB0-7891-A33E-EE1B3548AC48\Latest\CrxInstaller.dll
C:\Users\Juls\AppData\Local\Temp\ED9DD823-BAB0-7891-A33E-EE1B3548AC48\Latest\enhancedNT.dll
C:\Users\Juls\AppData\Local\Temp\ED9DD823-BAB0-7891-A33E-EE1B3548AC48\Latest\GUninstaller.exe
C:\Users\Juls\AppData\Local\Temp\ED9DD823-BAB0-7891-A33E-EE1B3548AC48\Latest\IEHelper.dll
C:\Users\Juls\AppData\Local\Temp\ED9DD823-BAB0-7891-A33E-EE1B3548AC48\Latest\MntrDLLInstall.dll
C:\Users\Juls\AppData\Local\Temp\ED9DD823-BAB0-7891-A33E-EE1B3548AC48\Latest\MyDeltaTB.exe
C:\Users\Juls\AppData\Local\Temp\ED9DD823-BAB0-7891-A33E-EE1B3548AC48\Latest\Setup.exe
C:\Users\Juls\AppData\Local\Temp\ED9DD823-BAB0-7891-A33E-EE1B3548AC48\Latest\sqlite3.dll
C:\Users\Juls\AppData\Local\Temp\Delta\delta\1.8.24.6\delta4ie.exe
C:\Users\Juls\AppData\Local\Temp\C487.dir\InstallFlashPlayer.exe
C:\Users\Juls\AppData\Local\Temp\A1B4AF15-BAB0-7891-A6C2-CBC4BA1285F4\Latest\BabMaint.exe
C:\Users\Juls\AppData\Local\Temp\A1B4AF15-BAB0-7891-A6C2-CBC4BA1285F4\Latest\BExternal.dll
C:\Users\Juls\AppData\Local\Temp\A1B4AF15-BAB0-7891-A6C2-CBC4BA1285F4\Latest\BUSolForMontiera.dll
C:\Users\Juls\AppData\Local\Temp\A1B4AF15-BAB0-7891-A6C2-CBC4BA1285F4\Latest\BUSolution.dll
C:\Users\Juls\AppData\Local\Temp\A1B4AF15-BAB0-7891-A6C2-CBC4BA1285F4\Latest\ccp.exe
C:\Users\Juls\AppData\Local\Temp\A1B4AF15-BAB0-7891-A6C2-CBC4BA1285F4\Latest\ChromeToolbarSetup.dll
C:\Users\Juls\AppData\Local\Temp\A1B4AF15-BAB0-7891-A6C2-CBC4BA1285F4\Latest\CrxInstaller.dll
C:\Users\Juls\AppData\Local\Temp\A1B4AF15-BAB0-7891-A6C2-CBC4BA1285F4\Latest\enhancedNT.dll
C:\Users\Juls\AppData\Local\Temp\A1B4AF15-BAB0-7891-A6C2-CBC4BA1285F4\Latest\GUninstaller.exe
C:\Users\Juls\AppData\Local\Temp\A1B4AF15-BAB0-7891-A6C2-CBC4BA1285F4\Latest\IEHelper.dll
C:\Users\Juls\AppData\Local\Temp\A1B4AF15-BAB0-7891-A6C2-CBC4BA1285F4\Latest\MntrDLLInstall.dll
C:\Users\Juls\AppData\Local\Temp\A1B4AF15-BAB0-7891-A6C2-CBC4BA1285F4\Latest\MyDeltaTB.exe
C:\Users\Juls\AppData\Local\Temp\A1B4AF15-BAB0-7891-A6C2-CBC4BA1285F4\Latest\Setup.exe
C:\Users\Juls\AppData\Local\Temp\A1B4AF15-BAB0-7891-A6C2-CBC4BA1285F4\Latest\sqlite3.dll
C:\Users\Juls\AppData\Local\Temp\6E7EFF1D-BAB0-7891-AF7D-F07DC5F1F155\Latest\BabMaint.exe
C:\Users\Juls\AppData\Local\Temp\6E7EFF1D-BAB0-7891-AF7D-F07DC5F1F155\Latest\BExternal.dll
C:\Users\Juls\AppData\Local\Temp\6E7EFF1D-BAB0-7891-AF7D-F07DC5F1F155\Latest\BUSolForMontiera.dll
C:\Users\Juls\AppData\Local\Temp\6E7EFF1D-BAB0-7891-AF7D-F07DC5F1F155\Latest\BUSolution.dll
C:\Users\Juls\AppData\Local\Temp\6E7EFF1D-BAB0-7891-AF7D-F07DC5F1F155\Latest\ccp.exe
C:\Users\Juls\AppData\Local\Temp\6E7EFF1D-BAB0-7891-AF7D-F07DC5F1F155\Latest\ChromeToolbarSetup.dll
C:\Users\Juls\AppData\Local\Temp\6E7EFF1D-BAB0-7891-AF7D-F07DC5F1F155\Latest\CrxInstaller.dll
C:\Users\Juls\AppData\Local\Temp\6E7EFF1D-BAB0-7891-AF7D-F07DC5F1F155\Latest\GUninstaller.exe
C:\Users\Juls\AppData\Local\Temp\6E7EFF1D-BAB0-7891-AF7D-F07DC5F1F155\Latest\IEHelper.dll
C:\Users\Juls\AppData\Local\Temp\6E7EFF1D-BAB0-7891-AF7D-F07DC5F1F155\Latest\MntrDLLInstall.dll
C:\Users\Juls\AppData\Local\Temp\6E7EFF1D-BAB0-7891-AF7D-F07DC5F1F155\Latest\MyDeltaTB.exe
C:\Users\Juls\AppData\Local\Temp\6E7EFF1D-BAB0-7891-AF7D-F07DC5F1F155\Latest\NTRedirect.dll
C:\Users\Juls\AppData\Local\Temp\6E7EFF1D-BAB0-7891-AF7D-F07DC5F1F155\Latest\Setup.exe
C:\Users\Juls\AppData\Local\Temp\6E7EFF1D-BAB0-7891-AF7D-F07DC5F1F155\Latest\sqlite3.dll
C:\Users\Juls\AppData\Local\Temp\4598.dir\InstallFlashPlayer.exe
C:\Users\Juls\AppData\Local\Temp\3D1F.dir\InstallFlashPlayer.exe
C:\Users\Juls\AppData\Local\Temp\1D5.dir\InstallFlashPlayer.exe
C:\Users\Juls\AppData\Local\Temp\._msige52\GoogleEarth.exe
C:\Users\Juls\AppData\Local\Temp\._msige52\program files\Google\Google Earth\plugin\earthps.dll
C:\Users\Juls\AppData\Local\Temp\._msige52\program files\Google\Google Earth\plugin\geplugin.exe
C:\Users\Juls\AppData\Local\Temp\._msige52\program files\Google\Google Earth\plugin\ge_expat.dll
C:\Users\Juls\AppData\Local\Temp\._msige52\program files\Google\Google Earth\plugin\googleearth_free.dll
C:\Users\Juls\AppData\Local\Temp\._msige52\program files\Google\Google Earth\plugin\msvcp80.dll
C:\Users\Juls\AppData\Local\Temp\._msige52\program files\Google\Google Earth\plugin\msvcr80.dll
C:\Users\Juls\AppData\Local\Temp\._msige52\program files\Google\Google Earth\plugin\npgeplugin.dll
C:\Users\Juls\AppData\Local\Temp\._msige52\program files\Google\Google Earth\plugin\plugin_ax.dll
C:\Users\Juls\AppData\Local\Temp\._msige52\program files\Google\Google Earth\client\earthflashsol.exe
C:\Users\Juls\AppData\Local\Temp\._msige52\program files\Google\Google Earth\client\earthps.dll
C:\Users\Juls\AppData\Local\Temp\._msige52\program files\Google\Google Earth\client\ge_expat.dll
C:\Users\Juls\AppData\Local\Temp\._msige52\program files\Google\Google Earth\client\googleearth.exe
C:\Users\Juls\AppData\Local\Temp\._msige52\program files\Google\Google Earth\client\googleearth_free.dll
C:\Users\Juls\AppData\Local\Temp\._msige52\program files\Google\Google Earth\client\gpsbabel.exe
C:\Users\Juls\AppData\Local\Temp\._msige52\program files\Google\Google Earth\client\msvcp80.dll
C:\Users\Juls\AppData\Local\Temp\._msige52\program files\Google\Google Earth\client\msvcr80.dll
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-02 21:06

==================== End Of Log ============================
--- --- ---

--- --- ---


Und noch Addition:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02-09-2013 04
Ran by Juls at 2013-09-02 21:50:17
Running from C:\Users\Juls\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

ABBYY FineReader 9.0 Sprint (Version: 9.01.513.58212)
Adobe Digital Editions 2.0 (Version: 2.0)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Reader X (10.1.6) - Deutsch (Version: 10.1.6)
Adobe Shockwave Player 11.6 (Version: 11.6.3.633)
Advanced Audio FX Engine
Amazon Browser Bar (Version: 3.0)
Ashampoo Burning Studio 2010 (Version: 9.12)
avast! Free Antivirus (Version: 8.0.1489.0)
AVS Update Manager 1.0
AVS4YOU Software Navigator 1.4
Batch PPTX to PPT Converter (Version: 2011.3.211.1577)
Benutzerhandbuch EPSON XP-205 207 Series
Choice Guard (Version: 1.2.87.0)
Cisco EAP-FAST Module (Version: 2.1.6)
Cisco LEAP Module (Version: 1.0.12)
Cisco PEAP Module (Version: 1.0.13)
Compatibility Pack für 2007 Office System (Version: 12.0.4518.1014)
Dell Dock (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Support Center (Support Software) (Version: 2.2.09085)
Dell Touchpad (Version: 7.2.115.201)
Dell Webcam Central
Dell Wireless WLAN Card Utility (Version: 5.10.38.30)
Dell-eBay (Version: 1.00.0000)
Download Navigator (Version: 1.1.0)
EDocs
Epson Easy Photo Print 2 (Version: 2.3.2.0)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (Version: 1.00.0000)
Epson Event Manager (Version: 3.01.0000)
EPSON Scan
EPSON XP-205 207 Series Printer Uninstall
EpsonNet Print (Version: 2.6.0)
ePub Converter (HKCU Version: 2.7.28)
Free Audio CD Burner version 1.2
Google Chrome (HKCU Version: 28.0.1500.95)
Google Earth (Version: 5.2.1.1588)
GoToAssist 8.0.0.514
Image Converter (Version: 1.0.0)
Image Editor Packages
Integrated Webcam Driver (1.00.02.0825)  
Intel® Matrix Storage Manager
IPTInstaller (Version: 4.0.8)
Java(TM) 6 Update 7 (Version: 1.6.0.70)
Junk Mail filter update (Version: 14.0.8050.1202)
Live! Cam Avatar Creator (Version: 4.6.1419.1)
Lyrics Seeker
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Image Composite Editor (Version: 1.2.0)
Microsoft Office 2000 SR-1 Premium (Version: 9.00.3821)
Microsoft Office PowerPoint Viewer 2007 (German) (Version: 12.0.4518.1014)
Microsoft Search Enhancement Pack (Version: 1.2.121.0)
Microsoft Silverlight (Version: 2.0.31005.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
MSVCRT (Version: 14.0.1468.721)
Netzwerkhandbuch EPSON XP-205 207 Series
Norton Security Scan (Version: 3.5.1.10)
PhotoScape
PowerDVD (Version: 8.1)
QuickSet (Version: 9.2.11)
Roxio Creator Audio (Version: 3.7.0)
Roxio Creator Copy (Version: 3.7.0)
Roxio Creator Data (Version: 3.7.0)
Roxio Creator DE (Version: 10.1)
Roxio Creator DE (Version: 3.7.0)
Roxio Creator Tools (Version: 3.7.0)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio Update Manager (Version: 6.0.0)
Skype™ 6.3 (Version: 6.3.105)
Software Updater (Version: 4.1.1)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
swMSM (Version: 12.0.0.1)
Uninstall 1.0.0.1
Update for Image Editor
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
VAFPlayer (Version: 1.6.8)
WIDCOMM Bluetooth Software 6.1.0.4502 (Version: 6.1.0.4502)
Windows Live Anmelde-Assistent (Version: 5.000.817.1)
Windows Live Call (Version: 14.0.8050.1202)
Windows Live Communications Platform (Version: 14.0.8050.1202)
Windows Live Essentials (Version: 14.0.8050.1202)
Windows Live Fotogalerie (Version: 14.0.8051.1204)
Windows Live Mail (Version: 14.0.8050.1202)
Windows Live Messenger (Version: 14.0.8050.1202)
Windows Live Sync (Version: 14.0.8050.1202)
Windows Live Toolbar (Version: 14.0.8052.1208)
Windows Live Writer (Version: 14.0.8050.1202)
Windows Live-Uploadtool (Version: 14.0.8014.1029)
WinRAR
WinZipper (Version: 1.4.8)
Wsys Control 10.2.1.2612 (Version: 10.2.1.2612)
 

==================== Restore Points  =========================

28-08-2013 11:46:12 Windows Update
28-08-2013 14:02:17 Gerätetreiber-Paketinstallation: HTC, Corporation
28-08-2013 14:04:44 Gerätetreiber-Paketinstallation: HTC Corporation Netzwerkadapter
28-08-2013 14:05:28 Gerätetreiber-Paketinstallation: HTC Corporation Tragbare Geräte
28-08-2013 14:07:22 Gerätetreiber-Paketinstallation: HTC Netzwerkprotokoll
29-08-2013 12:15:33 Windows Update
29-08-2013 12:44:55 Installed Software Updater
29-08-2013 12:53:20 Installed Driver Whiz.
29-08-2013 15:10:50 Removed Epson E-Web Print
29-08-2013 15:14:20 Removed Epson Connect Printer Setup
29-08-2013 15:15:06 Removed Epson Customer Research Participation
29-08-2013 15:20:50 Removed EPSON Printer Finder
29-08-2013 15:23:21 Removed Epson Event Manager
29-08-2013 15:26:53 Entfernt Easy Photo Print Plug-in for PMB(Picture Motion Browser@¢áa
29-08-2013 15:44:22 Gerätetreiber-Paketinstallation: EPSON Bildverarbeitungsgeräte
29-08-2013 15:51:10 Gerätetreiber-Paketinstallation: EPSON Drucker
29-08-2013 15:52:51 Installed EpsonNet Print
29-08-2013 15:53:12 Installed Epson Event Manager
29-08-2013 15:57:26 Installiert Easy Photo Print Plug-in for PMB(Picture Motion Browéf
02-09-2013 12:44:19 Windows Update
02-09-2013 13:36:47 RegClean Pro Mo, Sep 02, 13  15:35
02-09-2013 13:50:59 avast! Free Antivirus Setup
02-09-2013 18:03:38 Windows Defender Checkpoint
02-09-2013 18:06:58 Quitado VAFPlayer
02-09-2013 18:08:36 Quitado VAFPlayer
02-09-2013 18:15:34 Quitado VAFPlayer
02-09-2013 18:45:22 Quitado VAFPlayer
02-09-2013 18:50:04 Quitado VAFPlayer
02-09-2013 18:51:20 Quitado VAFPlayer
02-09-2013 19:06:48 Quitado VAFPlayer
02-09-2013 19:16:35 Quitado VAFPlayer
02-09-2013 19:35:22 Quitado VAFPlayer

==================== Hosts content: ==========================

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0E5837E9-203A-48D8-ADAF-ED7778315C09} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-21] (Microsoft Corp.)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {203F99D6-A0D6-40FB-9010-965F5E8965CA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-343180365-3658905709-1398490034-1000Core => C:\Users\Juls\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-13] (Google Inc.)
Task: {2735E4A0-9E12-40A1-91D3-DA89C5396AD6} - System32\Tasks\At1 => C:\Users\Juls\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE [2013-09-02] ()
Task: {3149A7AA-98F2-49BD-BEA7-79D9E57B4743} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-343180365-3658905709-1398490034-1000UA => C:\Users\Juls\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-13] (Google Inc.)
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {383DC908-5919-4C78-B1B4-301A94DA7298} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {4C92F69E-9E5B-41FD-8A8F-6F9FC969942C} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files\Desk 365\desk365.exe No File
Task: {4D13D85A-2615-45E4-9C76-CAD3172B0952} - System32\Tasks\Omiga Plus RunAsStdUser => C:\Program Files\Omiga Plus\omigaplus.exe No File
Task: {694BAA03-BD2E-4D23-BE6F-E28DD3680123} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {7A62A335-9C4D-4759-AE89-98F9B42C65AC} - System32\Tasks\User_Feed_Synchronization-{522DE86D-9B4A-4483-90B9-56B2F27F4CE5} => C:\Windows\system32\msfeedssync.exe [2011-08-29] (Microsoft Corporation)
Task: {7C29783D-FD69-41CF-ABD0-93FC5FA757F5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-25] (Adobe Systems Incorporated)
Task: {9BB88315-ABF4-41AF-9BBE-AF5EB810AA7B} - System32\Tasks\Lyrics Seeker Update => C:\Program Files\LyricsSeeker\Lupdate.exe [2013-08-29] ()
Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-21] (Microsoft Corporation)
Task: {AA1647F4-ABEF-4670-B7A3-D9C86ACDA55C} - System32\Tasks\At2 => C:\Users\Juls\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE [2013-09-02] ()
Task: {B39B75EF-1AFC-4074-AEB6-3CFAFD0E4A9D} - System32\Tasks\Launch BCM WLAN Tray => C:\Windows\system32\WLTRAY.EXE [2008-12-22] (Dell Inc.)
Task: {D20B67BA-0502-4DDD-A1F5-894A6E6A672D} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Juls => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {D279BC73-9EFC-488D-AA6F-1FF9B2B4CD28} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-21] (Microsoft Corporation)
Task: {DEB25BDE-7E3C-4A85-97BF-AEA30C4355A3} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-12] (Microsoft Corporation)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {F3028751-A895-4357-B2E1-791AA4E41320} - System32\Tasks\Norton Security Scan for Juls => C:\PROGRA~1\NORTON~2\Engine\351~1.10\Nss.exe [2011-11-04] (Symantec Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\At1.job => C:\Users\Juls\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE
Task: C:\Windows\Tasks\At2.job => C:\Users\Juls\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-343180365-3658905709-1398490034-1000Core.job => C:\Users\Juls\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-343180365-3658905709-1398490034-1000UA.job => C:\Users\Juls\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Lyrics Seeker Update.job => C:\Program Files\LyricsSeeker\Lupdate.exe
Task: C:\Windows\Tasks\Norton Security Scan for Juls.job => C:\PROGRA~1\NORTON~2\Engine\351~1.10\Nss.exe

==================== Loaded Modules (whitelisted) =============

2013-09-02 15:52 - 2013-05-09 10:58 - 00246592 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\snxhk.dll
2009-10-25 21:00 - 2009-04-11 08:28 - 02012160 _____ (Microsoft Corporation) C:\Windows\system32\milcore.dll
2009-02-22 22:39 - 2008-12-09 07:25 - 00548864 _____ (Intel Corporation) C:\Windows\system32\igdumdx32.dll
2009-02-22 22:39 - 2008-12-09 07:25 - 03411968 _____ (Intel Corporation) C:\Windows\system32\igdumd32.dll
2008-06-06 03:06 - 2008-06-06 03:06 - 00208896 _____ (Broadcom Corporation.) C:\Windows\system32\btmmhook.dll
2006-11-02 10:40 - 2006-11-02 11:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\tschannel.dll
2008-01-21 04:23 - 2008-01-21 04:23 - 01298432 _____ (Microsoft Corporation) C:\Windows\System32\TMM.dll
2006-11-02 10:45 - 2006-11-02 11:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\pautoenr.dll
2009-10-25 21:00 - 2009-04-11 08:28 - 01112064 _____ (Microsoft Corporation) C:\Windows\system32\certenroll.dll
2009-02-22 22:39 - 2008-12-09 07:25 - 00258048 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2008-01-21 04:24 - 2008-01-21 04:24 - 00397312 _____ (Microsoft Corporation) C:\Windows\system32\audioeng.dll
2009-02-22 22:39 - 2008-12-09 07:25 - 00221184 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2013-09-02 15:52 - 2013-05-09 10:58 - 00121968 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\ashShell.dll
2009-10-25 20:57 - 2009-04-11 08:28 - 00099328 _____ (Microsoft Corporation) C:\PROGRA~1\WI4EB4~1\wmpband.dll
2006-11-02 10:34 - 2006-11-02 11:46 - 00869376 _____ (Microsoft Corporation) C:\Windows\system32\WINBRAND.dll
2011-04-23 13:27 - 2010-05-04 21:13 - 00231424 _____ (Microsoft Corporation) C:\Windows\System32\msshsq.dll
2008-01-21 04:24 - 2008-01-21 04:24 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2008-06-06 02:21 - 2008-06-06 02:21 - 00184320 _____ (Broadcom Corporation.) C:\Windows\system32\btncopy.dll
2009-10-25 20:58 - 2009-04-11 08:28 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\wscntfy.dll
2009-10-25 20:59 - 2009-04-11 08:28 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\FunDisc.dll
2009-10-25 20:58 - 2009-04-11 08:28 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\fdproxy.dll
2009-10-25 21:02 - 2009-04-11 08:28 - 02134528 _____ (Microsoft Corporation) C:\Windows\system32\FunctionDiscoveryFolder.dll
2009-02-22 21:10 - 2008-12-22 12:32 - 07216640 _____ (Dell Inc.) C:\Windows\system32\BCMWLCPL.CPL
2013-09-02 15:55 - 2013-09-02 15:55 - 03781960 _____ (Microsoft Corporation) C:\Windows\WinSxS\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
2013-09-02 15:54 - 2013-09-02 15:54 - 00225280 _____ (Microsoft Corporation) C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2013-09-02 15:55 - 2013-09-02 15:55 - 00063312 _____ (Microsoft Corporation) C:\Windows\WinSxS\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90DEU.DLL
2013-07-10 20:01 - 2013-04-23 01:00 - 05920408 _____ (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
2013-08-29 14:55 - 2013-08-29 14:55 - 11497984 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll
2013-01-09 17:55 - 2012-10-05 12:58 - 00364656 _____ (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
2009-02-22 22:39 - 2008-12-09 07:25 - 00278528 _____ (Intel Corporation) C:\Windows\system32\igfxrDEU.lrc
2008-06-06 02:59 - 2008-06-06 02:59 - 00126976 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2008-08-27 08:28 - 2008-08-27 08:28 - 00101456 _____ (Dell Inc.) C:\Program Files\Dell\QuickSet\dadkeyb.dll
2008-01-21 04:23 - 2008-01-21 04:23 - 02243072 _____ (Microsoft Corporation) C:\Windows\System32\NLSData0007.dll
2013-09-02 15:01 - 2013-09-02 15:00 - 00073896 _____ (337 Technology Limited.) C:\Program Files\WinZipper\eshellctx.dll
2011-02-19 01:40 - 2011-02-19 01:40 - 00773968 _____ (Microsoft Corporation) C:\Windows\system32\MSVCR100.dll
2011-02-20 00:03 - 2011-02-20 00:03 - 00421200 _____ (Microsoft Corporation) C:\Windows\system32\MSVCP100.dll
2009-02-22 22:39 - 2008-12-09 07:25 - 00217088 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2009-02-22 22:39 - 2008-12-09 07:25 - 00106496 _____ (Intel Corporation) C:\Windows\system32\hccutils.DLL
2009-02-22 22:39 - 2008-12-09 07:25 - 00052224 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2008-06-06 03:05 - 2008-06-06 03:05 - 00655360 _____ (Broadcom Corporation.) C:\Windows\system32\BtwNamespaceExt.dll
2008-06-06 03:04 - 2008-06-06 03:04 - 00372736 _____ (Broadcom Corporation.) C:\Windows\system32\BtwNeLib.dll
2008-06-06 02:17 - 2008-06-06 02:17 - 00622592 _____ (Broadcom Corporation.) C:\Windows\system32\btwapi.dll
2012-10-15 17:23 - 2012-10-15 17:23 - 01101824 _____ (Microsoft Corporation) C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL
2008-06-06 02:33 - 2008-06-06 02:33 - 00233472 _____ (Broadcom Corporation.) C:\Windows\system32\btosif.dll
2008-06-06 02:34 - 2008-06-06 02:34 - 00184320 _____ (Broadcom Corporation.) C:\Windows\system32\btwpimif.dll
2012-10-15 17:23 - 2012-10-15 17:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80DEU.DLL
2009-10-25 20:57 - 2009-04-11 08:28 - 00034304 _____ (Microsoft Corporation) C:\Windows\System32\wshBth.dll
2009-10-25 20:58 - 2009-04-11 08:28 - 00842240 _____ (Microsoft Corporation) C:\Windows\System32\systemcpl.dll
2009-10-25 20:57 - 2009-04-11 08:28 - 00012288 _____ (Microsoft Corporation) C:\Windows\System32\SLWGA.dll
2006-11-02 14:34 - 2006-11-02 14:34 - 00653928 _____ (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpRes.dll
2008-01-21 04:23 - 2008-01-21 04:23 - 00671288 _____ (Microsoft Corporation) C:\Program Files\Windows Defender\MpRtMon.DLL
2009-10-25 20:57 - 2009-04-11 08:28 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2009-02-22 22:39 - 2008-09-04 07:29 - 01531904 _____ (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.dll
2009-02-22 22:39 - 2008-09-04 07:29 - 00100546 _____ (Alps Electric Co., Ltd.) C:\Windows\system32\Vxdif.dll
2009-02-22 22:39 - 2008-09-04 07:29 - 00057344 _____ (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\EzAuto.dll
2009-02-22 22:39 - 2008-12-09 07:25 - 00106496 _____ (Intel Corporation) C:\Windows\System32\hccutils.DLL
2013-08-29 14:55 - 2013-08-29 14:55 - 07977984 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_32\System\d7153acb7b6ccb5a6a886d6f0ab732b1\System.ni.dll
2013-08-29 14:56 - 2013-08-29 14:56 - 00771584 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b167ef6967ad27503c6ac6aabcef1aff\System.Runtime.Remoting.ni.dll
2009-02-22 21:10 - 2008-12-22 12:32 - 00054784 _____ () C:\Windows\System32\bcmwlrmt.dll
2013-08-29 14:56 - 2013-08-29 14:56 - 11820032 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\59eba2680c01c33b2b3f5385979e32c6\System.Web.ni.dll
2009-02-22 21:16 - 2008-05-08 01:19 - 00204800 _____ (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll
2009-02-22 21:16 - 2008-05-08 01:38 - 00077824 _____ (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAMon_DEU.dll
2009-02-22 21:20 - 2006-10-03 21:06 - 00290816 ____N (Creative Technology Ltd) C:\Program Files\Dell Webcam\Dell Webcam Central\CTAudEp.dll
2009-02-22 21:20 - 2006-12-15 05:45 - 00981760 ____N (Microsoft Corporation) C:\Program Files\Dell Webcam\Dell Webcam Central\MFC42u.DLL
2009-02-22 21:20 - 2008-03-04 00:41 - 00315392 ____N (Creative Technology Ltd.) C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.crl
2009-02-22 21:20 - 2007-06-21 00:31 - 00348160 ____N (Creative Technology Ltd) C:\Program Files\Dell Webcam\Dell Webcam Central\HookWndU.DLL
2009-02-22 21:20 - 2008-05-12 17:03 - 00061440 ____N (Creative Technology Ltd.) C:\Program Files\Dell Webcam\Dell Webcam Central\CtPinMgr.dll
2008-01-21 04:24 - 2008-01-21 04:24 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2009-02-22 21:20 - 2008-05-06 18:27 - 00053248 ____N (Creative Technology Ltd.) C:\Program Files\Dell Webcam\Dell Webcam Central\CTPControl.dll
2009-02-22 21:20 - 2008-03-31 20:47 - 00016384 ____N (Creative Technology Ltd.) C:\Program Files\Dell Webcam\Dell Webcam Central\CTPControl.crl
2006-11-02 10:55 - 2006-11-02 11:44 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\vidcap.ax
2009-10-25 20:59 - 2009-04-11 08:27 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\kswdmcap.ax
2009-02-22 21:20 - 2000-02-12 00:58 - 00995383 ____N (Microsoft Corporation) C:\Program Files\Dell Webcam\Dell Webcam Central\MFC42.dll
2009-02-22 21:36 - 2008-05-23 22:06 - 01060864 ____N (Microsoft Corporation) C:\Program Files\CyberLink\PowerDVD DX\MFC71.DLL
2009-02-22 21:36 - 2008-05-23 22:06 - 00348160 ____N (Microsoft Corporation) C:\Program Files\CyberLink\PowerDVD DX\MSVCR71.dll
2009-02-22 21:36 - 2008-05-23 22:06 - 00499712 ____N (Microsoft Corporation) C:\Program Files\CyberLink\PowerDVD DX\MSVCP71.dll
2009-02-22 21:36 - 2008-05-23 22:06 - 00069632 _____ (CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD DX\Kernel\common\CLRCEngine3.dll
2008-10-24 14:46 - 2008-10-24 14:46 - 00073728 _____ (SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtmessage.dll
2008-10-04 21:58 - 2008-10-04 21:58 - 00881952 _____ (SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtsched.dll
2008-10-04 21:58 - 2008-10-04 21:58 - 00382240 _____ (SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtevent.dll
2008-10-04 21:58 - 2008-10-04 21:58 - 00398624 _____ (SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtfod.dll
2008-10-04 21:58 - 2008-10-04 21:58 - 01069056 _____ (SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\LIBEAY32.dll
2009-06-03 14:46 - 2009-06-03 14:46 - 00881960 _____ (SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtsync.dll
2009-06-03 14:46 - 2009-06-03 14:46 - 00386344 _____ (SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtui.dll
2008-10-24 14:46 - 2008-10-24 14:46 - 00036864 _____ (SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\SupportSoft.Agent.Sprocket.SupportMessage.dll
2006-11-02 10:40 - 2006-11-02 11:46 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\qmgrprxy.dll
2008-10-24 14:46 - 2008-10-24 14:46 - 00020480 _____ (SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\SupportSoft.Agent.Sprocket.dll
2013-08-29 14:56 - 2013-08-29 14:56 - 05462016 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\1735bd4880a5818d3b50e1645e751ee7\System.Xml.ni.dll
2009-02-22 14:46 - 2008-12-15 06:13 - 02916352 _____ (IDT, Inc.) C:\Program Files\IDT\WDM\STLang.dll
2009-02-22 22:38 - 2008-12-15 06:13 - 00429056 _____ (IDT, Inc.) C:\Windows\system32\stapi32.dll
2008-01-21 04:25 - 2008-01-21 04:25 - 00195072 _____ (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnssci.dll
2009-10-21 17:39 - 2009-10-21 17:39 - 00291328 _____ (SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\Event Manager\LcMgr.dll
2011-04-14 09:16 - 2011-04-14 09:16 - 00136704 _____ (SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\Event Manager\ScanEngine30.dll
2011-04-14 09:25 - 2011-04-14 09:25 - 00055808 _____ (SEIKO EPSON CORP.) C:\Program Files\EPSON Software\Event Manager\ScnMgr10.dll
2011-04-14 09:25 - 2011-04-14 09:25 - 00206336 _____ (SEIKO EPSON CORP.) C:\Program Files\EPSON Software\Event Manager\ScnCom10.dll
2011-04-14 09:25 - 2011-04-14 09:25 - 00082944 _____ (SEIKO EPSON CORP.) C:\Program Files\EPSON Software\Event Manager\ScnEps25.dll
2011-11-25 17:47 - 2011-11-25 17:47 - 00110080 _____ (SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\Event Manager\epnsm.dll
2005-01-13 10:47 - 2005-01-13 10:47 - 00049152 _____ (SEIKO EPSON CORP.) C:\Program Files\EPSON Software\Event Manager\ESPSUTL.dll
2013-09-02 15:52 - 2013-05-09 10:58 - 00038032 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\aswUtil.dll
2013-09-02 15:52 - 2013-05-09 10:58 - 00943408 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\ashBase.dll
2013-09-02 15:52 - 2013-05-09 10:58 - 00051952 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
2013-09-02 15:52 - 2013-05-09 10:58 - 00116848 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
2013-09-02 15:52 - 2013-05-09 10:58 - 00206440 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
2013-09-02 15:52 - 2013-05-09 10:58 - 00380528 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
2013-09-02 15:52 - 2013-05-09 10:58 - 00156512 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\ashTask.dll
2013-09-02 15:52 - 2013-05-09 10:58 - 00682824 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\aswAux.dll
2013-09-02 15:52 - 2013-05-09 10:58 - 00073064 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\avastIP.dll
2013-09-02 15:52 - 2013-05-09 10:58 - 00260536 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\aswProperty.dll
2013-09-02 15:52 - 2013-05-09 10:58 - 00149272 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\AavmRpch.dll
2013-09-02 15:52 - 2013-05-09 10:58 - 00226552 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\aswLog.dll
2013-09-02 15:52 - 2013-05-09 10:58 - 00476800 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\aswSqLt.dll
2013-09-02 15:53 - 2013-05-09 10:58 - 00065848 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\1031\Base.dll
2013-09-02 15:52 - 2013-05-09 10:58 - 02105248 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\aswAra.dll
2013-09-02 15:52 - 2013-04-02 15:14 - 00265216 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Program Files\AVAST Software\Avast\SSLEAY32.dll
2013-09-02 15:52 - 2013-04-02 15:14 - 01169408 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Program Files\AVAST Software\Avast\LIBEAY32.dll
2013-09-02 15:52 - 2013-05-09 10:58 - 00206976 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\aswData.dll
2013-09-02 15:52 - 2013-05-09 10:58 - 00062752 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
2013-09-02 15:52 - 2013-05-09 10:58 - 00902720 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\Aavm4h.dll
2013-09-02 15:53 - 2013-05-09 10:58 - 00277528 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\1031\UILangRes.dll
2013-09-02 15:52 - 2013-05-09 10:58 - 06449776 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\CommonRes.dll
2013-09-02 16:07 - 2013-08-19 15:26 - 00042688 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\defs\13090200\uiExt.dll
2010-04-15 20:14 - 2010-01-21 17:05 - 00062464 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\System32\l3codeca.acm
2013-08-19 13:53 - 2013-07-25 04:32 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-02 15:52 - 2013-05-09 10:58 - 00134888 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\aswJsFlt.dll
2013-07-10 20:01 - 2013-04-17 12:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\D3D10Warp.dll
2013-07-10 20:01 - 2013-04-17 13:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-07-10 20:01 - 2013-04-17 13:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2008-01-21 04:24 - 2008-01-21 04:24 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\D3DIM700.DLL
2006-11-02 14:35 - 2006-11-02 14:35 - 00116736 _____ (Microsoft Corporation) C:\Windows\eHome\ehProxy.dll
2013-08-29 17:47 - 2011-04-14 01:00 - 00105472 _____ (SEIKO EPSON Corporation) C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FAUDILE.DLL
2013-08-29 17:47 - 2012-07-02 05:00 - 00178688 _____ (SEIKO EPSON Corporation) C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FMAIILE.DLL
2013-08-29 17:48 - 2012-07-23 06:00 - 01526784 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FUICILE.DLL
2009-10-25 20:58 - 2009-04-11 08:28 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2008-06-06 02:44 - 2008-06-06 02:44 - 00397312 _____ (Broadcom Corporation.) C:\Windows\system32\btwhidcs.DLL
2006-11-02 10:57 - 2006-11-02 11:44 - 00418816 _____ (Microsoft Corporation) C:\Windows\system32\irprops.cpl
2008-06-06 02:32 - 2008-06-12 07:59 - 00102400 _____ (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtBalloon.dll
2008-06-06 02:11 - 2008-06-06 02:11 - 05369856 _____ (Broadcom Corporation.) C:\Windows\system32\btrez.dll
2009-02-22 22:39 - 2008-09-04 07:29 - 00100546 _____ (Alps Electric Co., Ltd.) C:\Windows\system32\VXDIF.DLL
2009-02-22 22:39 - 2008-09-04 07:29 - 01531904 _____ (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.DLL
2008-06-06 02:31 - 2008-06-06 02:31 - 00180224 _____ (Broadcom Corporation.) C:\Windows\system32\BtAudioHelper.dll
2008-06-06 02:36 - 2008-06-06 02:36 - 00356352 _____ (Broadcom Corporation.) C:\Windows\system32\btosif_ol.dll
2008-06-06 02:36 - 2008-06-06 02:36 - 00274432 _____ (Broadcom Corporation.) C:\Windows\system32\btosif_olx.dll
2006-11-02 11:11 - 2006-11-02 11:46 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\MAPI32.dll
2008-06-06 02:35 - 2008-06-06 02:35 - 00335872 _____ (Broadcom Corporation.) C:\Windows\system32\btosif_notes.dll
2013-08-15 11:38 - 2013-07-25 02:48 - 45966800 _____ (Google Inc.) C:\Users\Juls\AppData\Local\Google\Chrome\Application\28.0.1500.95\chrome.dll
2013-08-15 11:38 - 2013-07-25 02:48 - 09962960 _____ (The ICU Project) C:\Users\Juls\AppData\Local\Google\Chrome\Application\28.0.1500.95\icudt.dll
2013-09-02 15:52 - 2013-05-09 10:58 - 00380528 _____ (AVAST Software) C:\PROGRA~1\AVASTS~1\Avast\aswCmnBS.dll
2013-09-02 15:52 - 2013-05-09 10:58 - 00116848 _____ (AVAST Software) C:\PROGRA~1\AVASTS~1\Avast\aswCmnOS.dll
2013-09-02 15:52 - 2013-05-09 10:58 - 00206440 _____ (AVAST Software) C:\PROGRA~1\AVASTS~1\Avast\aswCmnIS.dll
2013-09-02 15:52 - 2013-05-09 10:58 - 00902720 _____ (AVAST Software) C:\PROGRA~1\AVASTS~1\Avast\Aavm4h.dll
2013-09-02 15:52 - 2013-05-09 10:58 - 00149272 _____ (AVAST Software) C:\PROGRA~1\AVASTS~1\Avast\AavmRpch.dll
2013-09-02 15:52 - 2013-05-09 10:58 - 00943408 _____ (AVAST Software) C:\PROGRA~1\AVASTS~1\Avast\ashBase.dll
2013-09-02 15:52 - 2013-05-09 10:58 - 00051952 _____ (AVAST Software) C:\PROGRA~1\AVASTS~1\Avast\aswEngLdr.dll
2013-09-02 15:52 - 2013-05-09 10:58 - 00156512 _____ (AVAST Software) C:\PROGRA~1\AVASTS~1\Avast\ashTask.dll
2013-09-02 15:52 - 2013-05-09 10:58 - 00682824 _____ (AVAST Software) C:\PROGRA~1\AVASTS~1\Avast\aswAux.dll
2013-09-02 15:52 - 2013-05-09 10:58 - 00260536 _____ (AVAST Software) C:\PROGRA~1\AVASTS~1\Avast\aswProperty.dll
2013-09-02 15:52 - 2013-05-09 10:58 - 00073064 _____ (AVAST Software) C:\PROGRA~1\AVASTS~1\Avast\avastIP.dll
2013-08-15 11:38 - 2013-07-25 01:20 - 00081768 _____ (Microsoft Corporation) C:\Users\Juls\AppData\Local\Google\Chrome\Application\28.0.1500.95\xinput1_3.dll
2013-08-15 11:38 - 2013-07-25 02:49 - 04052944 _____ () C:\Users\Juls\AppData\Local\Google\Chrome\Application\28.0.1500.95\pdf.dll
2013-08-15 11:38 - 2013-07-25 02:49 - 00396240 _____ () C:\Users\Juls\AppData\Local\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
2013-08-15 11:38 - 2013-07-25 02:48 - 02082768 _____ (Google Inc.) C:\Users\Juls\AppData\Local\Google\Chrome\Application\28.0.1500.95\libpeerconnection.dll
2013-08-15 11:38 - 2013-07-25 02:48 - 01597392 _____ () C:\Users\Juls\AppData\Local\Google\Chrome\Application\28.0.1500.95\ffmpegsumo.dll
2013-08-15 11:38 - 2013-07-25 02:49 - 13599184 _____ () C:\Users\Juls\AppData\Local\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) ==========

AlternateDataStreams: C:\ProgramData\TEMP:0888F409

==================== Faulty Device Manager Devices =============

Name: isatap.{93AE4A6F-4952-4FDE-8E5B-573F1D715EE2}
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{93AE4A6F-4952-4FDE-8E5B-573F1D715EE2}
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{93AE4A6F-4952-4FDE-8E5B-573F1D715EE2}
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/02/2013 09:36:09 PM) (Source: MsiInstaller) (User: Juls-PC)
Description: Producto: VAFPlayer -- Error 1001. Error 1001. Exception occurred while initializing the installation:
System.IO.FileNotFoundException: Could not load file or assembly 'file:///C:\Program Files\Tuguu SL\VAFPlayer\VAFPlayer.exe' or one of its dependencies. Das System kann die angegebene Datei nicht finden..(NULL)(NULL)(NULL)(NULL)

Error: (09/02/2013 09:17:30 PM) (Source: MsiInstaller) (User: Juls-PC)
Description: Producto: VAFPlayer -- Error 1001. Error 1001. Exception occurred while initializing the installation:
System.IO.FileNotFoundException: Could not load file or assembly 'file:///C:\Program Files\Tuguu SL\VAFPlayer\VAFPlayer.exe' or one of its dependencies. Das System kann die angegebene Datei nicht finden..(NULL)(NULL)(NULL)(NULL)

Error: (09/02/2013 09:16:09 PM) (Source: MsiInstaller) (User: Juls-PC)
Description: Producto: VAFPlayer -- Error 1001. Error 1001. Exception occurred while initializing the installation:
System.IO.FileNotFoundException: Could not load file or assembly 'file:///C:\Program Files\Tuguu SL\VAFPlayer\VAFPlayer.exe' or one of its dependencies. Das System kann die angegebene Datei nicht finden..(NULL)(NULL)(NULL)(NULL)

Error: (09/02/2013 09:00:53 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/02/2013 08:53:07 PM) (Source: MsiInstaller) (User: Juls-PC)
Description: Producto: VAFPlayer -- Error 1001. Error 1001. Exception occurred while initializing the installation:
System.IO.FileNotFoundException: Could not load file or assembly 'file:///C:\Program Files\Tuguu SL\VAFPlayer\VAFPlayer.exe' or one of its dependencies. Das System kann die angegebene Datei nicht finden..(NULL)(NULL)(NULL)(NULL)

Error: (09/02/2013 08:48:17 PM) (Source: MsiInstaller) (User: Juls-PC)
Description: Producto: VAFPlayer -- Error 1001. Error 1001. Exception occurred while initializing the installation:
System.IO.FileNotFoundException: Could not load file or assembly 'file:///C:\Program Files\Tuguu SL\VAFPlayer\VAFPlayer.exe' or one of its dependencies. Das System kann die angegebene Datei nicht finden..(NULL)(NULL)(NULL)(NULL)

Error: (09/02/2013 08:32:06 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/02/2013 08:17:53 PM) (Source: MsiInstaller) (User: Juls-PC)
Description: Producto: VAFPlayer -- Error 1001. Error 1001. Exception occurred while initializing the installation:
System.IO.FileNotFoundException: Could not load file or assembly 'file:///C:\Program Files\Tuguu SL\VAFPlayer\VAFPlayer.exe' or one of its dependencies. Das System kann die angegebene Datei nicht finden..(NULL)(NULL)(NULL)(NULL)

Error: (09/02/2013 08:08:13 PM) (Source: MsiInstaller) (User: Juls-PC)
Description: Producto: VAFPlayer -- Error 1001. Error 1001. Exception occurred while initializing the installation:
System.IO.FileNotFoundException: Could not load file or assembly 'file:///C:\Program Files\Tuguu SL\VAFPlayer\VAFPlayer.exe' or one of its dependencies. Das System kann die angegebene Datei nicht finden..(NULL)(NULL)(NULL)(NULL)

Error: (09/02/2013 08:02:58 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\JULS\APPDATA\ROAMING\SYSTWEAK\ADVANCED SYSTEM PROTECTOR\SETTINGS.DB-JOURNAL> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)


System errors:
=============
Error: (09/02/2013 09:00:53 PM) (Source: Service Control Manager) (User: )
Description: Wsys Service

Error: (09/02/2013 09:00:53 PM) (Source: Service Control Manager) (User: )
Description: Intel(R) PRO/1000 NDIS 6 Adapter Driver%%1058

Error: (09/02/2013 09:00:53 PM) (Source: Service Control Manager) (User: )
Description: Intel(R) PRO/1000 PCI Express-Netzwerkverbindungstreiber%%1058

Error: (09/02/2013 09:00:53 PM) (Source: Service Control Manager) (User: )
Description: Bluetooth-Gerät (PAN)%%1058

Error: (09/02/2013 08:32:07 PM) (Source: Service Control Manager) (User: )
Description: Wsys Service

Error: (09/02/2013 08:32:07 PM) (Source: Service Control Manager) (User: )
Description: Intel(R) PRO/1000 NDIS 6 Adapter Driver%%1058

Error: (09/02/2013 08:32:07 PM) (Source: Service Control Manager) (User: )
Description: Intel(R) PRO/1000 PCI Express-Netzwerkverbindungstreiber%%1058

Error: (09/02/2013 08:32:07 PM) (Source: Service Control Manager) (User: )
Description: Bluetooth-Gerät (PAN)%%1058

Error: (09/02/2013 08:20:02 PM) (Source: DCOM) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}

Error: (09/02/2013 08:17:56 PM) (Source: Service Control Manager) (User: )
Description: Update SaltarSmart150001Neustart des Diensts


Microsoft Office Sessions:
=========================
Error: (09/02/2013 09:36:09 PM) (Source: MsiInstaller)(User: Juls-PC)
Description: Producto: VAFPlayer -- Error 1001. Error 1001. Exception occurred while initializing the installation:
System.IO.FileNotFoundException: Could not load file or assembly 'file:///C:\Program Files\Tuguu SL\VAFPlayer\VAFPlayer.exe' or one of its dependencies. Das System kann die angegebene Datei nicht finden..(NULL)(NULL)(NULL)(NULL)

Error: (09/02/2013 09:17:30 PM) (Source: MsiInstaller)(User: Juls-PC)
Description: Producto: VAFPlayer -- Error 1001. Error 1001. Exception occurred while initializing the installation:
System.IO.FileNotFoundException: Could not load file or assembly 'file:///C:\Program Files\Tuguu SL\VAFPlayer\VAFPlayer.exe' or one of its dependencies. Das System kann die angegebene Datei nicht finden..(NULL)(NULL)(NULL)(NULL)

Error: (09/02/2013 09:16:09 PM) (Source: MsiInstaller)(User: Juls-PC)
Description: Producto: VAFPlayer -- Error 1001. Error 1001. Exception occurred while initializing the installation:
System.IO.FileNotFoundException: Could not load file or assembly 'file:///C:\Program Files\Tuguu SL\VAFPlayer\VAFPlayer.exe' or one of its dependencies. Das System kann die angegebene Datei nicht finden..(NULL)(NULL)(NULL)(NULL)

Error: (09/02/2013 09:00:53 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/02/2013 08:53:07 PM) (Source: MsiInstaller)(User: Juls-PC)
Description: Producto: VAFPlayer -- Error 1001. Error 1001. Exception occurred while initializing the installation:
System.IO.FileNotFoundException: Could not load file or assembly 'file:///C:\Program Files\Tuguu SL\VAFPlayer\VAFPlayer.exe' or one of its dependencies. Das System kann die angegebene Datei nicht finden..(NULL)(NULL)(NULL)(NULL)

Error: (09/02/2013 08:48:17 PM) (Source: MsiInstaller)(User: Juls-PC)
Description: Producto: VAFPlayer -- Error 1001. Error 1001. Exception occurred while initializing the installation:
System.IO.FileNotFoundException: Could not load file or assembly 'file:///C:\Program Files\Tuguu SL\VAFPlayer\VAFPlayer.exe' or one of its dependencies. Das System kann die angegebene Datei nicht finden..(NULL)(NULL)(NULL)(NULL)

Error: (09/02/2013 08:32:06 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/02/2013 08:17:53 PM) (Source: MsiInstaller)(User: Juls-PC)
Description: Producto: VAFPlayer -- Error 1001. Error 1001. Exception occurred while initializing the installation:
System.IO.FileNotFoundException: Could not load file or assembly 'file:///C:\Program Files\Tuguu SL\VAFPlayer\VAFPlayer.exe' or one of its dependencies. Das System kann die angegebene Datei nicht finden..(NULL)(NULL)(NULL)(NULL)

Error: (09/02/2013 08:08:13 PM) (Source: MsiInstaller)(User: Juls-PC)
Description: Producto: VAFPlayer -- Error 1001. Error 1001. Exception occurred while initializing the installation:
System.IO.FileNotFoundException: Could not load file or assembly 'file:///C:\Program Files\Tuguu SL\VAFPlayer\VAFPlayer.exe' or one of its dependencies. Das System kann die angegebene Datei nicht finden..(NULL)(NULL)(NULL)(NULL)

Error: (09/02/2013 08:02:58 PM) (Source: Windows Search Service)(User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
C:\USERS\JULS\APPDATA\ROAMING\SYSTWEAK\ADVANCED SYSTEM PROTECTOR\SETTINGS.DB-JOURNAL


CodeIntegrity Errors:
===================================
  Date: 2011-07-28 19:39:32.878
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\igdumdx32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-07-28 19:39:32.257
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\igdumdx32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-05-23 18:04:23.830
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\igdumdx32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-05-23 18:04:23.526
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\igdumdx32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2010-11-15 18:59:39.018
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2010-11-15 18:59:38.784
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2010-11-15 18:59:38.316
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2010-11-15 18:59:38.082
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2010-09-08 21:04:00.688
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2010-09-08 21:04:00.376
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 66%
Total physical RAM: 2009.63 MB
Available physical RAM: 666.68 MB
Total Pagefile: 4258.52 MB
Available Pagefile: 2601.35 MB
Total Virtual: 2047.88 MB
Available Virtual: 1897.61 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:134.36 GB) (Free:75.71 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:8.87 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 149 GB) (Disk ID: 98B37E08)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=134 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Alt 04.09.2013, 13:05   #10
schrauber
/// the machine
/// TB-Ausbilder
 
VAF Player lässt sich nicht deinstallieren! - Standard

VAF Player lässt sich nicht deinstallieren!


Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 05.09.2013, 12:44   #11
Ju_Vo
 
VAF Player lässt sich nicht deinstallieren! - Standard

VAF Player lässt sich nicht deinstallieren!


Combofix Logfile:
Code:
ATTFilter
ComboFix 13-09-04.04 - Juls 05.09.2013  11:45:02.2.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.2010.670 [GMT 2:00]
ausgeführt von:: c:\users\Juls\Downloads\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Outdated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Common Files\337
c:\program files\Common Files\337\libcef\1.1364.1123\icudt.dll
c:\program files\Common Files\337\libcef\1.1364.1123\libcef.dll
c:\program files\Common Files\337\libcef\1.1364.1123\locales\en-US.pak
c:\users\Juls\AppData\Local\lollipop
c:\users\Juls\AppData\Local\lollipop\lollipop.bat
c:\users\Juls\AppData\Local\lollipop\Lollipop.exe
c:\users\Juls\AppData\Local\Microsoft\Windows\Temporary Internet Files\1822d32e-a0f3-4b71-abdf-8daf82a476b8.jpg
c:\users\Public\AlexaNSISPlugin.5360.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_WsysSvc
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-08-05 bis 2013-09-05  ))))))))))))))))))))))))))))))
.
.
2013-09-04 08:27 . 2013-08-06 07:28	7166848	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{7D121615-ED5F-401D-889A-5B7273F67882}\mpengine.dll
2013-09-02 19:48 . 2013-09-02 19:48	--------	d-----w-	C:\FRST
2013-09-02 19:33 . 2013-09-02 19:33	--------	d-----w-	c:\users\Juls\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
2013-09-02 15:54 . 2013-09-02 15:54	--------	d-----w-	c:\windows\system32\searchplugins
2013-09-02 15:54 . 2013-09-02 15:54	--------	d-----w-	c:\windows\system32\Extensions
2013-09-02 14:04 . 2013-09-02 14:04	--------	d-----w-	c:\users\Juls\AppData\Roaming\player
2013-09-02 14:04 . 2013-09-02 14:04	--------	d-----w-	c:\program files\Tuguu SL
2013-09-02 13:56 . 2013-05-09 08:59	29816	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2013-09-02 13:56 . 2013-09-02 13:57	369584	----a-w-	c:\windows\system32\drivers\aswSP.sys
2013-09-02 13:56 . 2013-05-09 08:59	49760	----a-w-	c:\windows\system32\drivers\aswRdr.sys
2013-09-02 13:56 . 2013-05-09 08:59	56080	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2013-09-02 13:56 . 2013-09-02 13:57	770344	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2013-09-02 13:56 . 2013-09-02 13:57	175176	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2013-09-02 13:56 . 2013-05-09 08:59	49376	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2013-09-02 13:56 . 2013-05-09 08:59	66336	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2013-09-02 13:56 . 2013-05-09 08:58	229648	----a-w-	c:\windows\system32\aswBoot.exe
2013-09-02 13:53 . 2013-05-09 08:58	41664	----a-w-	c:\windows\avastSS.scr
2013-09-02 13:51 . 2013-09-02 13:51	--------	d-----w-	c:\program files\AVAST Software
2013-09-02 13:49 . 2013-09-02 13:51	--------	d-----w-	c:\programdata\AVAST Software
2013-09-02 13:47 . 2013-09-02 13:47	--------	d-sh--w-	c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2013-09-02 13:41 . 2013-09-02 13:41	--------	d-----w-	c:\users\Juls\AppData\Local\Amazon Browser Bar
2013-09-02 13:38 . 2013-09-02 13:38	--------	d-----w-	c:\program files\Amazon
2013-09-02 13:27 . 2013-09-02 18:14	--------	d-----w-	c:\program files\MyPC Backup
2013-09-02 13:27 . 2013-09-02 13:41	--------	d-----w-	c:\program files\Amazon Browser Bar
2013-09-02 13:24 . 2013-09-02 18:48	--------	d-----w-	c:\users\Juls\AppData\Roaming\Systweak
2013-09-02 13:24 . 2013-08-22 16:36	18776	----a-w-	c:\windows\system32\roboot.exe
2013-09-02 13:01 . 2013-09-02 13:54	--------	d-----w-	c:\program files\Omiga Plus
2013-09-02 13:01 . 2013-09-05 11:34	--------	d-----w-	c:\program files\WinZipper
2013-09-02 13:01 . 2013-09-03 19:26	--------	d-----w-	c:\users\Juls\AppData\Roaming\WinZipper
2013-09-02 12:58 . 2013-09-02 12:58	--------	d-----w-	c:\program files\Microsoft.NET
2013-09-02 12:48 . 2013-09-02 13:01	--------	d-----w-	c:\program files\Desk 365
2013-09-02 12:48 . 2013-09-02 12:55	--------	d-----w-	c:\users\Juls\AppData\Roaming\Desk 365
2013-09-02 12:48 . 2013-09-05 08:45	--------	d-----w-	c:\programdata\eSafe
2013-09-02 12:47 . 2013-09-02 18:12	--------	d-----w-	c:\program files\SaltarSmart
2013-08-29 15:53 . 2013-08-29 15:53	--------	d-----w-	c:\program files\EpsonNet
2013-08-29 15:53 . 2012-11-12 18:41	458310	----a-w-	c:\windows\system32\ensppui.dll
2013-08-29 15:53 . 2012-11-12 18:41	458310	----a-w-	c:\windows\system32\enppui.dll
2013-08-29 15:53 . 2012-11-12 13:15	476027	----a-w-	c:\windows\system32\ensppmon.dll
2013-08-29 15:53 . 2012-11-12 13:15	476027	----a-w-	c:\windows\system32\enppmon.dll
2013-08-29 15:53 . 2012-10-22 15:19	218112	----a-w-	c:\windows\system32\enspres.dll
2013-08-29 15:53 . 2012-10-22 15:19	218112	----a-w-	c:\windows\system32\enpres.dll
2013-08-29 15:48 . 2007-04-09 23:06	8192	----a-w-	c:\windows\system32\E_DCINST.DLL
2013-08-29 15:47 . 2011-03-15 01:03	81408	----a-w-	c:\windows\system32\E_FD4BILE.DLL
2013-08-29 15:44 . 2012-07-23 22:00	342016	----a-w-	c:\windows\system32\esw2ud.dll
2013-08-29 15:44 . 2011-12-11 22:00	122000	----a-w-	c:\windows\system32\escsvc.exe
2013-08-29 12:09 . 2013-09-02 16:23	--------	d-----w-	c:\program files\LyricsSeeker
2013-08-28 14:07 . 2013-08-28 14:07	--------	d-----w-	c:\program files\HTC
2013-08-28 14:05 . 2013-08-28 14:05	--------	d-----w-	c:\users\Juls\AppData\Local\Downloaded Installations
2013-08-28 14:01 . 2009-06-10 07:49	24576	----a-w-	c:\windows\system32\drivers\ANDROIDUSB.sys
2013-08-28 14:01 . 2009-06-09 05:41	1122664	----a-w-	c:\windows\system32\WdfCoInstaller01007.dll
2013-08-28 14:01 . 2013-08-28 14:01	--------	d-----w-	c:\programdata\HTC
2013-08-28 14:01 . 2013-08-28 14:09	--------	d-----w-	C:\Temp
2013-08-28 11:46 . 2013-08-02 04:09	1548288	----a-w-	c:\windows\system32\WMVDECOD.DLL
2013-08-25 14:18 . 2013-08-25 14:18	--------	d-----w-	c:\users\Juls\AppData\Local\avgchrome
2013-08-25 14:09 . 2013-08-25 14:09	--------	d-----w-	c:\users\Juls\AppData\Roaming\DSite
2013-08-25 14:09 . 2013-08-25 14:09	--------	d-----w-	c:\program files\Image Converter
2013-08-25 14:09 . 2013-08-25 14:09	--------	d-----w-	c:\programdata\Babylon
2013-08-25 14:09 . 2013-08-25 14:09	--------	d-----w-	c:\users\Juls\AppData\Roaming\Babylon
2013-08-25 13:34 . 2013-08-25 13:34	--------	d-----w-	c:\users\Juls\.thumbnails
2013-08-25 13:30 . 2013-08-25 13:34	--------	d-----w-	c:\users\Juls\.gimp-2.8
2013-08-25 13:29 . 2013-08-25 13:29	--------	d-----w-	c:\users\Juls\AppData\Local\gegl-0.2
2013-08-19 11:59 . 2013-08-19 12:02	--------	d-----w-	c:\windows\system32\MRT
2013-08-15 09:53 . 2013-06-15 13:22	15872	----a-w-	c:\windows\system32\icaapi.dll
2013-08-15 09:53 . 2013-06-15 11:23	24064	----a-w-	c:\windows\system32\drivers\tssecsrv.sys
2013-08-15 09:53 . 2013-07-05 04:53	905664	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-08-15 09:52 . 2013-07-17 19:41	2048	----a-w-	c:\windows\system32\tzres.dll
2013-08-15 09:52 . 2013-07-10 09:47	783360	----a-w-	c:\windows\system32\rpcrt4.dll
2013-08-15 09:52 . 2013-07-08 04:55	3551680	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-08-15 09:52 . 2013-07-09 12:10	1205168	----a-w-	c:\windows\system32\ntdll.dll
2013-08-15 09:52 . 2013-07-08 04:55	3603904	----a-w-	c:\windows\system32\ntkrnlpa.exe
2013-08-15 09:47 . 2013-07-08 04:20	172544	----a-w-	c:\windows\system32\wintrust.dll
2013-08-15 09:47 . 2013-07-08 04:16	98304	----a-w-	c:\windows\system32\cryptnet.dll
2013-08-15 09:47 . 2013-07-08 04:16	133120	----a-w-	c:\windows\system32\cryptsvc.dll
2013-08-15 09:47 . 2013-07-08 04:16	992768	----a-w-	c:\windows\system32\crypt32.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-25 12:04 . 2013-03-30 14:09	71048	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2013-08-25 12:04 . 2013-03-30 14:09	692104	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2011-04-14 12:01 . 2011-09-13 16:20	24376	----a-w-	c:\program files\mozilla firefox\components\Scriptff.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58	121968	----a-w-	c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"EPLTarget\P0000000000000000"="c:\windows\system32\spool\DRIVERS\W32X86\3\E_FATIILE.EXE" [2012-02-29 249440]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-09-04 200704]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-12-09 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-12-09 178712]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-12-09 154136]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-12-22 3810304]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-05-07 178712]
"Dell Webcam Central"="c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" [2008-06-03 446635]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2008-05-23 128296]
"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-06-03 206064]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-12-15 483420]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"EEventManager"="c:\program files\Epson Software\Event Manager\EEventManager.exe" [2011-10-31 1058400]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-6-6 752168]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE -b -l [2000-1-21 65588]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe /firstrun [2008-9-24 1295656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2009-02-22 19:32	10536	----a-w-	c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exe [2008-12-15 81920]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs	REG_MULTI_SZ   	BthServ
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
.
Inhalt des "geplante Tasks" Ordners
.
2013-09-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-30 12:04]
.
2013-09-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-343180365-3658905709-1398490034-1000Core.job
- c:\users\Juls\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-13 17:47]
.
2013-09-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-343180365-3658905709-1398490034-1000UA.job
- c:\users\Juls\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-13 17:47]
.
2013-09-05 c:\windows\Tasks\Lyrics Seeker Update.job
- c:\program files\LyricsSeeker\Lupdate.exe [2013-08-29 05:41]
.
2012-12-10 c:\windows\Tasks\Norton Security Scan for Juls.job
- c:\progra~1\NORTON~2\Engine\351~1.10\Nss.exe [2012-01-06 07:02]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_ie_de_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_6603f871e4f84b0d9376258dc35ca0bf_39_1006_20130902_DE_ie_sp_
mStart Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=ST9160310AS_5SV3ZT31XXXX5SV3ZT31&ts=1378150426
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.178.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
WebBrowser-{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - (no file)
WebBrowser-{69B6939F-C70D-45C5-9BBD-E2E2CC3DD8E5} - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-PhotoScape - c:\users\Juls\Desktop\PhotoScape\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2013-09-05 13:35
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(2876)
c:\windows\system32\btmmhook.dll
c:\windows\system32\btncopy.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\STacSV.exe
c:\program files\Dell\DellDock\DockLogin.exe
c:\windows\System32\WLTRYSVC.EXE
c:\windows\System32\bcmwltry.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\WinZipper\winzipersvc.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\EscSvc.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Amazon Browser Bar\ToolbarUpdaterService.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\Dell Support Center\bin\sprtsvc.exe
c:\windows\system32\conime.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\ehome\ehmsas.exe
c:\program files\WIDCOMM\Bluetooth Software\BtStackServer.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-09-05  13:40:25 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-09-05 11:40
.
Vor Suchlauf: 18 Verzeichnis(se), 82.961.973.248 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 83.299.643.392 Bytes frei
.
- - End Of File - - ED4AD40F01D36B0A522B5143856E4D0C
--- --- ---
CDB4DE4BBD714F152979DA2DCBEF57EB

Alt 05.09.2013, 13:50   #12
schrauber
/// the machine
/// TB-Ausbilder
 
VAF Player lässt sich nicht deinstallieren! - Standard

VAF Player lässt sich nicht deinstallieren!


Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 05.09.2013, 21:33   #13
Ju_Vo
 
VAF Player lässt sich nicht deinstallieren! - Standard

VAF Player lässt sich nicht deinstallieren!


Malwarebytes Anti-Malware (Test) 1.75.0.1300
Malwarebytes : Free Anti-Malware download

Datenbank Version: v2013.09.05.06

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Juls :: JULS-PC [Administrator]

Schutz: Aktiviert

05.09.2013 17:45:15
mbam-log-2013-09-05 (17-45-15).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 219010
Laufzeit: 9 Minute(n), 54 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 2
C:\Program Files\Tuguu SL\VAFPlayer (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\Tuguu SL\VAFPlayer\languages (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Vorher waren es aber viel mehr infizierte dateien... musst zwischendurch neustarten, weil es keine rückmeldung mehr zeigte...

2013/09/05 15:48:36 +0200 JULS-PC Juls MESSAGE Starting protection
2013/09/05 15:48:36 +0200 JULS-PC Juls MESSAGE Protection started successfully
2013/09/05 15:48:36 +0200 JULS-PC Juls MESSAGE Starting IP protection
2013/09/05 15:48:56 +0200 JULS-PC Juls MESSAGE IP Protection started successfully
2013/09/05 15:48:58 +0200 JULS-PC Juls MESSAGE Starting database refresh
2013/09/05 15:48:58 +0200 JULS-PC Juls MESSAGE Stopping IP protection
2013/09/05 15:48:59 +0200 JULS-PC Juls MESSAGE IP Protection stopped successfully
2013/09/05 15:49:03 +0200 JULS-PC Juls MESSAGE Database refreshed successfully
2013/09/05 15:49:03 +0200 JULS-PC Juls MESSAGE Starting IP protection
2013/09/05 15:49:10 +0200 JULS-PC Juls MESSAGE IP Protection started successfully
2013/09/05 15:58:46 +0200 JULS-PC Juls MESSAGE Executing scheduled update: Daily
2013/09/05 15:59:01 +0200 JULS-PC Juls MESSAGE Scheduled update executed successfully: database updated from version v2013.09.05.05 to version v2013.09.05.06
2013/09/05 15:59:01 +0200 JULS-PC Juls MESSAGE Starting database refresh
2013/09/05 15:59:01 +0200 JULS-PC Juls MESSAGE Stopping IP protection
2013/09/05 15:59:01 +0200 JULS-PC Juls MESSAGE IP Protection stopped successfully
2013/09/05 15:59:29 +0200 JULS-PC Juls MESSAGE Database refreshed successfully
2013/09/05 15:59:29 +0200 JULS-PC Juls MESSAGE Starting IP protection
2013/09/05 15:59:35 +0200 JULS-PC Juls MESSAGE IP Protection started successfully
2013/09/05 17:41:18 +0200 JULS-PC Juls MESSAGE Starting protection
2013/09/05 17:41:18 +0200 JULS-PC Juls MESSAGE Protection started successfully
2013/09/05 17:41:18 +0200 JULS-PC Juls MESSAGE Starting IP protection
2013/09/05 17:41:24 +0200 JULS-PC Juls MESSAGE IP Protection started successfully

So, nach einem komplettneustart und zwei programmneustarts hat es endlich funktioniert....

Code:
ATTFilter
# AdwCleaner v3.002 - Bericht erstellt am 05/09/2013 um 21:33:48
# Updated 01/09/2013 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzername : Juls - JULS-PC
# Gestartet von : C:\Users\Juls\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Juls\AppData\Roaming\Desk 365
Ordner Gelöscht : C:\Users\Juls\AppData\Roaming\DSite
Ordner Gelöscht : C:\Users\Juls\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Juls\AppData\Roaming\WinZipper
Ordner Gelöscht : C:\Users\Juls\AppData\Roaming\Mozilla\Firefox\Profiles\0cr8zure.default\Conduit
Ordner Gelöscht : C:\Users\Juls\AppData\Roaming\Mozilla\Firefox\Profiles\0cr8zure.default\ConduitEngine
Ordner Gelöscht : C:\Users\Juls\AppData\Roaming\Mozilla\Firefox\Profiles\0cr8zure.default\CT2096149
Ordner Gelöscht : C:\Users\Juls\AppData\Roaming\Mozilla\Firefox\Profiles\0cr8zure.default\Extensions\engine@conduit.com
Ordner Gelöscht : C:\Users\Juls\AppData\Roaming\Mozilla\Firefox\Profiles\0cr8zure.default\Extensions\{69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5}
Datei Gelöscht : C:\Program Files\Mozilla Firefox\Components\AskSearch.js
Datei Gelöscht : C:\Users\Juls\AppData\Roaming\Mozilla\Firefox\Profiles\0cr8zure.default\searchplugins\icqplugin.xml
Datei Gelöscht : C:\Users\Juls\AppData\Roaming\Mozilla\Firefox\Profiles\0cr8zure.default\user.js
Datei Gelöscht : C:\Windows\Tasks\Lyrics Seeker Update.job
Datei Gelöscht : C:\Windows\System32\Tasks\Lyrics Seeker Update
Datei Gelöscht : C:\Windows\System32\Tasks\Omiga Plus RunAsStdUser

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Juls\Desktop\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Juls\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Juls\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Juls\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Juls\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Juls\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Juls\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox (3).lnk

***** [ Registrierungsdatenbank ] *****

[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lyrics Seeker Update
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9BB88315-ABF4-41AF-9BBE-AF5EB810AA7B}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9BB88315-ABF4-41AF-9BBE-AF5EB810AA7B}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Omiga Plus RunAsStdUser
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D13D85A-2615-45E4-9C76-CAD3172B0952}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4D13D85A-2615-45E4-9C76-CAD3172B0952}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Conduit.Engine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\5d28bdcbc69b844
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2096149
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2431245
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0923E315-2D8B-48CE-A37C-AE9A42F9711C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1A1BBE49-C6F1-40EA-9D2F-262F0AF6DDE3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2022154E-7E3E-4809-871E-1B45A6FC7058}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{292ECB89-350E-45D2-816F-52C15305B144}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{36CC2180-B6BF-4951-9578-6B0C40044AAA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{44A36944-22C6-4A08-BC7C-161F3E540DBF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{51F04BD6-3888-4849-864C-617FAE709CE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6247DD2C-8CF9-4041-A235-93691D71B8B4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{835BED79-DF7E-4096-B355-ED43FA2EA87B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C953EC4-8CFA-44FB-B32E-1249E5505091}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8E863BD6-50DE-47D0-A6F1-3C1F6DB72451}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9DD36F1E-5111-41C5-ADED-A2A11A2FF3E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A2FB8217-E320-434E-BA79-513E357AD54F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A9CEBBF4-9129-479A-9231-E833ED3D3A8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AFD4D1F9-167C-4884-95AE-B5A9797B0D16}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C47788B1-9604-4D7A-A684-F4D450F2D7D2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{CA3B41D0-D4C1-4808-B248-75DA27238828}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D4A2FF6C-087F-4D40-8DFE-92AAD484BFB8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D88B9D5C-A9CF-4C69-906D-1CCA5D85A2EF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E4E394E0-D331-431F-B76D-E3A19193D5F6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F83AF01C-AA2F-469F-8BE7-D178FB15FD07}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0702A2B6-13AA-4090-9E01-BCDC85DD933F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\distromatic
Schlüssel Gelöscht : HKCU\Software\dsiteproducts
Schlüssel Gelöscht : HKCU\Software\ilivid
Schlüssel Gelöscht : HKCU\Software\lollipop
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\lyrixeeker
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Toolbar
Schlüssel Gelöscht : HKLM\Software\Amazon Browser Bar
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\Software\Desksvc
Schlüssel Gelöscht : HKLM\Software\eSafeSecControl
Schlüssel Gelöscht : HKLM\Software\ICQ\ICQToolbar
Schlüssel Gelöscht : HKLM\Software\omigaplusSvc
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\Software\V9
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EBE677C0-CBCB-4EBF-8098-E27E1B5271CF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Amazon Browser Bar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{EBE677C0-CBCB-4EBF-8098-E27E1B5271CF}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Amazon Browser Bar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\lyrix@lyrixeeker.co
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WSysControl
Produkt Gelöscht : VAFPlayer

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16502

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

-\\ Mozilla Firefox v

[ Datei : C:\Users\Juls\AppData\Roaming\Mozilla\Firefox\Profiles\0cr8zure.default\prefs.js ]

Zeile gelöscht : user_pref("CT2096149..clientLogIsEnabled", true);
Zeile gelöscht : user_pref("CT2096149..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Zeile gelöscht : user_pref("CT2096149..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Zeile gelöscht : user_pref("CT2096149.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Zeile gelöscht : user_pref("CT2096149.CTID", "CT2096149");
Zeile gelöscht : user_pref("CT2096149.CurrentServerDate", "24-5-2011");
Zeile gelöscht : user_pref("CT2096149.DialogsAlignMode", "LTR");
Zeile gelöscht : user_pref("CT2096149.DialogsGetterLastCheckTime", "Tue May 24 2011 17:36:44 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.DownloadReferralCookieData", "");
Zeile gelöscht : user_pref("CT2096149.EMailNotifierPollDate", "Tue May 24 2011 17:36:27 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.ExternalComponentPollDate128980152497863240", "Tue May 24 2011 17:36:24 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.ExternalComponentPollDate129010431852969472", "Tue May 24 2011 17:36:26 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.ExternalComponentPollDate129241041042904211", "Tue May 24 2011 17:36:24 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.FeedLastCount128731247637625063", 400);
Zeile gelöscht : user_pref("CT2096149.FeedLastCount129318631772025035", 254);
Zeile gelöscht : user_pref("CT2096149.FeedPollDate128731245136062514", "Tue May 24 2011 17:36:36 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.FeedPollDate128731245316218848", "Tue May 24 2011 17:36:36 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.FeedPollDate128731246282468810", "Tue May 24 2011 17:36:36 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.FeedPollDate128731246553406402", "Tue May 24 2011 17:36:36 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.FeedPollDate128731246684343903", "Tue May 24 2011 17:36:36 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.FeedPollDate128731246876375154", "Tue May 24 2011 17:36:37 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.FeedPollDate128731247027625394", "Tue May 24 2011 17:36:37 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.FeedPollDate128731247188094432", "Tue May 24 2011 17:36:37 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.FeedPollDate128731247334657027", "Tue May 24 2011 17:36:37 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.FeedPollDate128731247470125937", "Tue May 24 2011 17:36:37 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.FeedPollDate128731247603093789", "Tue May 24 2011 17:36:37 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.FeedPollDate128734892822582235", "Tue May 24 2011 17:36:37 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.FeedPollDate128734892990081385", "Tue May 24 2011 17:36:37 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.FeedPollDate129318631772181287", "Tue May 24 2011 17:36:30 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.FeedPollDate129318631772181288", "Tue May 24 2011 17:36:30 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.FeedPollDate129318631772181289", "Tue May 24 2011 17:36:36 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.FeedPollDate129318631772181290", "Tue May 24 2011 17:36:36 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.FeedPollDate129318631772181291", "Tue May 24 2011 17:36:36 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.FeedPollDate129318631772181292", "Tue May 24 2011 17:36:36 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.FeedPollDate129318631772181293", "Tue May 24 2011 17:36:37 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.FeedPollDate129318631772181294", "Tue May 24 2011 17:36:37 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.FeedPollDate129318631772181295", "Tue May 24 2011 17:36:37 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.FeedPollDate129318631772181296", "Tue May 24 2011 17:36:37 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.FeedTTL128731246553406402", 2);
Zeile gelöscht : user_pref("CT2096149.FeedTTL128731247027625394", 30);
Zeile gelöscht : user_pref("CT2096149.FeedTTL128731247470125937", 30);
Zeile gelöscht : user_pref("CT2096149.FeedTTL128734892990081385", 5);
Zeile gelöscht : user_pref("CT2096149.FeedTTL129318631772181287", 40);
Zeile gelöscht : user_pref("CT2096149.FeedTTL129318631772181288", 40);
Zeile gelöscht : user_pref("CT2096149.FeedTTL129318631772181289", 40);
Zeile gelöscht : user_pref("CT2096149.FeedTTL129318631772181290", 40);
Zeile gelöscht : user_pref("CT2096149.FeedTTL129318631772181291", 40);
Zeile gelöscht : user_pref("CT2096149.FeedTTL129318631772181292", 40);
Zeile gelöscht : user_pref("CT2096149.FeedTTL129318631772181293", 40);
Zeile gelöscht : user_pref("CT2096149.FeedTTL129318631772181294", 40);
Zeile gelöscht : user_pref("CT2096149.FeedTTL129318631772181296", 40);
Zeile gelöscht : user_pref("CT2096149.FirstServerDate", "24-5-2011");
Zeile gelöscht : user_pref("CT2096149.FirstTime", true);
Zeile gelöscht : user_pref("CT2096149.FirstTimeFF3", true);
Zeile gelöscht : user_pref("CT2096149.FixPageNotFoundErrors", true);
Zeile gelöscht : user_pref("CT2096149.GroupingServerCheckInterval", 1440);
Zeile gelöscht : user_pref("CT2096149.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Zeile gelöscht : user_pref("CT2096149.HasUserGlobalKeys", true);
Zeile gelöscht : user_pref("CT2096149.Initialize", true);
Zeile gelöscht : user_pref("CT2096149.InitializeCommonPrefs", true);
Zeile gelöscht : user_pref("CT2096149.InstallationAndCookieDataSentCount", 1);
Zeile gelöscht : user_pref("CT2096149.InstallationType", "UnknownIntegration");
Zeile gelöscht : user_pref("CT2096149.InstalledDate", "Tue May 24 2011 17:36:27 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.InvalidateCache", false);
Zeile gelöscht : user_pref("CT2096149.IsGrouping", false);
Zeile gelöscht : user_pref("CT2096149.IsMulticommunity", false);
Zeile gelöscht : user_pref("CT2096149.IsOpenThankYouPage", true);
Zeile gelöscht : user_pref("CT2096149.IsOpenUninstallPage", true);
Zeile gelöscht : user_pref("CT2096149.LanguagePackLastCheckTime", "Tue May 24 2011 17:36:45 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.LanguagePackReloadIntervalMM", 1440);
Zeile gelöscht : user_pref("CT2096149.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Zeile gelöscht : user_pref("CT2096149.LastLogin_3.3.3.2", "Tue May 24 2011 17:36:29 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.LatestVersion", "3.3.3.2");
Zeile gelöscht : user_pref("CT2096149.Locale", "de");
Zeile gelöscht : user_pref("CT2096149.MCDetectTooltipHeight", "83");
Zeile gelöscht : user_pref("CT2096149.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Zeile gelöscht : user_pref("CT2096149.MCDetectTooltipWidth", "295");
Zeile gelöscht : user_pref("CT2096149.RadioIsPodcast", false);
Zeile gelöscht : user_pref("CT2096149.RadioLastCheckTime", "Tue May 24 2011 17:36:37 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.RadioLastUpdateIPServer", "3");
Zeile gelöscht : user_pref("CT2096149.RadioLastUpdateServer", "128929877726170000");
Zeile gelöscht : user_pref("CT2096149.RadioMediaID", "9475153");
Zeile gelöscht : user_pref("CT2096149.RadioMediaType", "Media Player");
Zeile gelöscht : user_pref("CT2096149.RadioMenuSelectedID", "EBRadioMenu_CT20961499475153");
Zeile gelöscht : user_pref("CT2096149.RadioStationName", "Antenne%20Bayern%20Top%2040%20");
Zeile gelöscht : user_pref("CT2096149.RadioStationURL", "hxxp://channels.webradio.antenne.de/top-40");
Zeile gelöscht : user_pref("CT2096149.SearchFromAddressBarIsInit", true);
Zeile gelöscht : user_pref("CT2096149.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2096149&q=");
Zeile gelöscht : user_pref("CT2096149.SearchInNewTabEnabled", true);
Zeile gelöscht : user_pref("CT2096149.SearchInNewTabIntervalMM", 1440);
Zeile gelöscht : user_pref("CT2096149.SearchInNewTabLastCheckTime", "Tue May 24 2011 17:36:40 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Zeile gelöscht : user_pref("CT2096149.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
Zeile gelöscht : user_pref("CT2096149.ServiceMapLastCheckTime", "Tue May 24 2011 17:36:38 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.SettingsLastCheckTime", "Tue May 24 2011 17:36:38 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.SettingsLastUpdate", "1305713167");
Zeile gelöscht : user_pref("CT2096149.ThirdPartyComponentsInterval", 504);
Zeile gelöscht : user_pref("CT2096149.ThirdPartyComponentsLastCheck", "Tue May 24 2011 17:36:22 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.ThirdPartyComponentsLastUpdate", "1255344657");
Zeile gelöscht : user_pref("CT2096149.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2096149");
Zeile gelöscht : user_pref("CT2096149.UserID", "UN99028539490820119");
Zeile gelöscht : user_pref("CT2096149.WeatherNetwork", "");
Zeile gelöscht : user_pref("CT2096149.WeatherPollDate", "Tue May 24 2011 17:36:38 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.WeatherUnit", "C");
Zeile gelöscht : user_pref("CT2096149.alertChannelId", "516568");
Zeile gelöscht : user_pref("CT2096149.backendstorage.hxxp://cmg1_conduit-widgets_com/pitsi.state", "4F50454E");
Zeile gelöscht : user_pref("CT2096149.generalConfigFromLogin", "{\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdownload.conduit.com/\"}");
Zeile gelöscht : user_pref("CT2096149.globalFirstTimeInfoLastCheckTime", "Tue May 24 2011 17:36:44 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.isAppTrackingManagerOn", true);
Zeile gelöscht : user_pref("CT2096149.myStuffEnabled", true);
Zeile gelöscht : user_pref("CT2096149.myStuffPublihserMinWidth", 400);
Zeile gelöscht : user_pref("CT2096149.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Zeile gelöscht : user_pref("CT2096149.myStuffServiceIntervalMM", 1440);
Zeile gelöscht : user_pref("CT2096149.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Zeile gelöscht : user_pref("CT2096149.testingCtid", "");
Zeile gelöscht : user_pref("CT2096149.toolbarAppMetaDataLastCheckTime", "Tue May 24 2011 17:36:44 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.toolbarContextMenuLastCheckTime", "Tue May 24 2011 17:36:44 GMT+0200");
Zeile gelöscht : user_pref("CT2096149.usagesFlag", 1);
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/516568/512438/DE", "\"0\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2096149", "\"1287389692\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=EB_LOCALE", "L+tncv4eqt6Qm5T3dzChdA==");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=EB_LOCALE", "0uSPYx+Kl2jpu8sJZMeHjw==");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=EB_LOCALE", "//KMoTBHPo0DboijRSgloQ==");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=EB_LOCALE", "5bAIKdEiuKR0/D3MPZJRog==");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"803651ba7facb1:0\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"07b2625f8cb1:0\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"07b2625f8cb1:0\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2096149", "\"634416823708270000\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/2011 11:17:11 AM", "634356118310000000");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2096149/CT2096149", "\"1305713167\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE", "\"634410529136300000\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/16409683.xml", "\"7b0cb529a2801ecc447b19dace5d5204\"-gzip");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/16727535.xml", "\"e2a32cef22408a595a6415d99c7e4ef9\"-gzip");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/18863815.xml", "\"66cf0f91db4338bb2d2231e7dadabca1\"-gzip");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/19058681.xml", "\"017cc079577afcb789548e46cfaf3c1c\"-gzip");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/19248106.xml", "\"510d890ee5a1b9bce78c14db466002cc\"-gzip");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/19554706.xml", "\"81bfb3dee86125ebe935921dfd220012\"-gzip");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/428333.xml", "\"f9b01f768fb85856a975a6bee44d8e6a\"-gzip");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/807095.xml", "\"b661b5b852492ac56d6ad35c53538b29\"-gzip");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/813286.xml", "\"118857547402ff794ff14fbd916cff8c\"-gzip");
Zeile gelöscht : user_pref("CommunityToolbar.EngineHiddenByUser", true);
Zeile gelöscht : user_pref("CommunityToolbar.EngineOwner", "CT2096149");
Zeile gelöscht : user_pref("CommunityToolbar.EngineOwnerGuid", "{69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5}");
Zeile gelöscht : user_pref("CommunityToolbar.EngineOwnerToolbarId", "eazel-de");
Zeile gelöscht : user_pref("CommunityToolbar.IsEngineShown", false);
Zeile gelöscht : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Zeile gelöscht : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2096149");
Zeile gelöscht : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5}");
Zeile gelöscht : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "eazel-de");
Zeile gelöscht : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Zeile gelöscht : user_pref("CommunityToolbar.ToolbarsList", "CT2096149,ConduitEngine");
Zeile gelöscht : user_pref("CommunityToolbar.ToolbarsList2", "CT2096149");
Zeile gelöscht : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Tue May 24 2011 17:36:40 GMT+0200");
Zeile gelöscht : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Zeile gelöscht : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon Jun 20 2011 18:27:55 GMT+0200");
Zeile gelöscht : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Zeile gelöscht : user_pref("CommunityToolbar.alert.locale", "en");
Zeile gelöscht : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Zeile gelöscht : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Tue Jun 21 2011 18:08:54 GMT+0200");
Zeile gelöscht : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Zeile gelöscht : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Zeile gelöscht : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Zeile gelöscht : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Zeile gelöscht : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Zeile gelöscht : user_pref("CommunityToolbar.alert.userId", "449796ed-669e-4bc8-b4d1-9351cd980bd5");
Zeile gelöscht : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Tue May 24 2011 17:36:40 GMT+0200");
Zeile gelöscht : user_pref("CommunityToolbar.globalUserId", "f8f92102-55c2-49db-ab16-c276fa55b567");
Zeile gelöscht : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Zeile gelöscht : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Zeile gelöscht : user_pref("CommunityToolbar.twitter.user_16409683.LastCheckTime", "Tue May 24 2011 17:37:30 GMT+0200");
Zeile gelöscht : user_pref("CommunityToolbar.twitter.user_16727535.LastCheckTime", "Tue May 24 2011 17:37:30 GMT+0200");
Zeile gelöscht : user_pref("CommunityToolbar.twitter.user_18863815.LastCheckTime", "Tue May 24 2011 17:37:30 GMT+0200");
Zeile gelöscht : user_pref("CommunityToolbar.twitter.user_19058681.LastCheckTime", "Tue May 24 2011 17:37:30 GMT+0200");
Zeile gelöscht : user_pref("CommunityToolbar.twitter.user_19248106.LastCheckTime", "Tue May 24 2011 17:37:30 GMT+0200");
Zeile gelöscht : user_pref("CommunityToolbar.twitter.user_19554706.LastCheckTime", "Tue May 24 2011 17:37:30 GMT+0200");
Zeile gelöscht : user_pref("CommunityToolbar.twitter.user_19757371.LastCheckTime", "Tue May 24 2011 17:37:30 GMT+0200");
Zeile gelöscht : user_pref("CommunityToolbar.twitter.user_428333.LastCheckTime", "Tue May 24 2011 17:37:30 GMT+0200");
Zeile gelöscht : user_pref("CommunityToolbar.twitter.user_807095.LastCheckTime", "Tue May 24 2011 17:37:30 GMT+0200");
Zeile gelöscht : user_pref("CommunityToolbar.twitter.user_813286.LastCheckTime", "Tue May 24 2011 17:37:30 GMT+0200");
Zeile gelöscht : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Fri Jun 17 2011 19:42:11 GMT+0200");
Zeile gelöscht : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Tue May 24 2011 17:36:46 GMT+0200");
Zeile gelöscht : user_pref("ConduitEngine.FirstServerDate", "05/24/2011 18");
Zeile gelöscht : user_pref("ConduitEngine.FirstTime", true);
Zeile gelöscht : user_pref("ConduitEngine.FirstTimeFF3", true);
Zeile gelöscht : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Zeile gelöscht : user_pref("ConduitEngine.HideEngineAfterRestart", true);
Zeile gelöscht : user_pref("ConduitEngine.Initialize", true);
Zeile gelöscht : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Zeile gelöscht : user_pref("ConduitEngine.InstalledDate", "Tue May 24 2011 17:36:47 GMT+0200");
Zeile gelöscht : user_pref("ConduitEngine.IsMulticommunity", false);
Zeile gelöscht : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Zeile gelöscht : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Zeile gelöscht : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Tue May 24 2011 17:36:46 GMT+0200");
Zeile gelöscht : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Tue May 24 2011 17:36:44 GMT+0200");
Zeile gelöscht : user_pref("ConduitEngine.PublisherContainerWidth", 0);
Zeile gelöscht : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Zeile gelöscht : user_pref("ConduitEngine.SettingsLastCheckTime", "Tue May 24 2011 17:36:47 GMT+0200");
Zeile gelöscht : user_pref("ConduitEngine.UserID", "UN43759992493109146");
Zeile gelöscht : user_pref("ConduitEngine.engineLocale", "de");
Zeile gelöscht : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Tue May 24 2011 17:36:46 GMT+0200");
Zeile gelöscht : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Tue May 24 2011 17:36:53 GMT+0200");
Zeile gelöscht : user_pref("ConduitEngine.initDone", true);
Zeile gelöscht : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Zeile gelöscht : user_pref("icqtoolbar.installsource", "1");

-\\ Google Chrome v

[ Datei : C:\Users\Juls\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht : search_url
Gelöscht : keyword

*************************

AdwCleaner[R0].txt - [32479 octets] - [05/09/2013 17:59:39]
AdwCleaner[R1].txt - [31533 octets] - [05/09/2013 21:05:01]
AdwCleaner[R2].txt - [31653 octets] - [05/09/2013 21:33:07]
AdwCleaner[S0].txt - [1329 octets] - [05/09/2013 18:00:59]
AdwCleaner[S1].txt - [354 octets] - [05/09/2013 21:06:32]
AdwCleaner[S2].txt - [30303 octets] - [05/09/2013 21:33:48]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [30364 octets] ##########
Junkware Removal Tool (Logdatei):

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.7 (09.01.2013:1)
OS: Windows Vista (TM) Home Premium x86
Ran by Juls on 05.09.2013 at 22:20:25,37
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\vafplayer
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\tuguu sl
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-343180365-3658905709-1398490034-1000\Software\SweetIM
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\omigaplussvc
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E0CF963B-5192-41A4-8355-24FD7D03D324}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{4B7D934D-1DB8-4FED-B19B-8D5700C76D1B}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{E0CF963B-5192-41A4-8355-24FD7D03D324}



~~~ Files

Successfully deleted: [File] "C:\Windows\System32\Tasks\desk 365 runasstduser"



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Juls\appdata\local\apn"
Successfully deleted: [Folder] "C:\Program Files\saltarsmart"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.09.2013 at 22:25:33,24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Und die neue FRST Logdatei:



FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-09-2013 04
Ran by Juls (administrator) on JULS-PC on 05-09-2013 22:31:35
Running from C:\Users\Juls\Downloads
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\STacSV.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Dell Inc.) C:\Windows\System32\bcmwltry.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Seiko Epson Corporation) C:\Windows\system32\EscSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corp.) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Windows\System32\WLTRAY.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Creative Technology Ltd.) C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtcmd.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATIILE.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtsvc.exe
(Google Inc.) C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [200704 2008-09-04] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\Windows\system32\WLTRAY.exe [3810304 2008-12-22] (Dell Inc.)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [178712 2008-05-08] (Intel Corporation)
HKLM\...\Run: [Dell Webcam Central] - C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe [446635 2008-06-03] (Creative Technology Ltd.)
HKLM\...\Run: [PDVDDXSrv] - C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [128296 2008-05-23] (CyberLink Corp.)
HKLM\...\Run: [dellsupportcenter] - C:\Program Files\Dell Support Center\bin\sprtcmd.exe [206064 2009-06-03] (SupportSoft, Inc.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [483420 2008-12-15] (IDT, Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM\...\Run: [EEventManager] - C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1058400 2011-10-31] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoDrives] 0
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIILE.EXE [249440 2012-02-29] (SEIKO EPSON CORPORATION)
HKCU\...\Policies\Explorer: [NoDrives] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_ie_de_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_6603f871e4f84b0d9376258dc35ca0bf_39_1006_20130902_DE_ie_sp_
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {4B7D934D-1DB8-4FED-B19B-8D5700C76D1B} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=DLCDF7&pc=MDDC&src=IE-SearchBox
SearchScopes: HKCU - {5042D780-0816-8CAF-69AC-06A54D832FE0} URL = hxxp://bwrk.startya.com/s/?q={searchTerms}&iesrc=IE-SearchBox&site=Yahoo&cfg=2-490-0-0
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll No File
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU -&Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Juls\AppData\Roaming\Mozilla\Firefox\Profiles\0cr8zure.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\2.0.31005.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8051.1204 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Juls\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Juls\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Extension: No Name - C:\Users\Juls\AppData\Roaming\Mozilla\Firefox\Profiles\0cr8zure.default\Extensions\130
FF Extension: No Name - C:\Users\Juls\AppData\Roaming\Mozilla\Firefox\Profiles\0cr8zure.default\Extensions\131
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKCU\...\Firefox\Extensions: [{450ef4aa-3d18-4b12-8d9f-ecc17330b054}] C:\Program Files\LyricsSeeker\131.xpi
FF Extension: No Name - C:\Program Files\LyricsSeeker\131.xpi

Chrome: 
=======
CHR HomePage: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_cr_de_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_6603f871e4f84b0d9376258dc35ca0bf_39_1006_20130902_DE_cr_sp_
CHR RestoreOnStartup: "hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_cr_de_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_6603f871e4f84b0d9376258dc35ca0bf_39_1006_20130902_DE_cr_sp_"
CHR DefaultSearchURL: (qvo6) - hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=ST9160310AS_5SV3ZT31XXXX5SV3ZT31&ts=1378150426&type=default&q={searchTerms}
CHR DefaultSuggestURL: (qvo6) -       "suggest_url": ""
CHR Plugin: (Shockwave Flash) - C:\Users\Juls\AppData\Local\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Juls\AppData\Local\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Juls\AppData\Local\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Juls\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\2.0.31005.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Lightning Newtab) - C:\Users\Juls\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\1.1.5.3_0
CHR Extension: (Amazon 1Button App for Chrome) - C:\Users\Juls\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\3.2013.715.0_0
CHR HKLM\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Juls\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
CHR HKLM\...\Chrome\Extension: [lgoiojnjnacbjngolldkokokgpcjbgjj] - C:\Program Files\LyricsSeeker\131.crx

========================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exe [81920 2008-12-15] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2008-09-24] (Stardock Corporation)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 sprtsvc_DellSupportCenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe [201968 2008-10-04] (SupportSoft, Inc.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\STacSV.exe [241746 2008-12-15] (IDT, Inc.)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [2809856 2008-12-22] (Dell Inc.)
S2 yksvc; RUNDLL32.EXE ykx32coinst,serviceStartProc [x]

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)
R1 AswRdr; C:\Windows\System32\Drivers\AswRdr.sys [49760 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-09-02] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-09-02] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [175176 2013-09-02] ()
R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18424 2008-12-22] (Broadcom Corporation)
R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 mferkdk; C:\Windows\System32\drivers\mferkdk.sys [34248 2009-09-16] (McAfee, Inc.)
S3 mfesmfk; C:\Windows\System32\drivers\mfesmfk.sys [40552 2009-09-16] (McAfee, Inc.)
R3 OA009Ufd; C:\Windows\System32\DRIVERS\OA009Ufd.sys [144672 2008-09-03] (Creative Technology Ltd.)
R3 OA009Vid; C:\Windows\System32\DRIVERS\OA009Vid.sys [269216 2008-09-03] (Creative Technology Ltd.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-05 22:25 - 2013-09-05 22:25 - 00001737 _____ C:\Users\Juls\Desktop\JRT.txt
2013-09-05 22:20 - 2013-09-05 22:20 - 00000000 ____D C:\Windows\ERUNT
2013-09-05 22:19 - 2013-09-05 22:19 - 01028757 _____ (Thisisu) C:\Users\Juls\Downloads\JRT.exe
2013-09-05 17:59 - 2013-09-05 22:10 - 00000000 ____D C:\AdwCleaner
2013-09-05 17:58 - 2013-09-05 17:58 - 01037222 _____ C:\Users\Juls\Downloads\adwcleaner.exe
2013-09-05 15:48 - 2013-09-05 15:48 - 00000908 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-05 15:48 - 2013-09-05 15:48 - 00000000 ____D C:\Users\Juls\AppData\Roaming\Malwarebytes
2013-09-05 15:48 - 2013-09-05 15:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-05 15:48 - 2013-09-05 15:48 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-05 15:48 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-05 15:47 - 2013-09-05 15:47 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Juls\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-05 13:40 - 2013-09-05 13:40 - 00016917 _____ C:\ComboFix.txt
2013-09-05 10:55 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-09-05 10:55 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-09-05 10:55 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-09-05 10:55 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-09-05 10:55 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-09-05 10:55 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-09-05 10:55 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-09-05 10:55 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-09-05 10:54 - 2013-09-05 13:40 - 00000000 ____D C:\Qoobox
2013-09-05 10:51 - 2013-09-05 13:38 - 00000000 ____D C:\Windows\erdnt
2013-09-05 10:49 - 2013-09-05 10:51 - 05120804 ____R (Swearware) C:\Users\Juls\Downloads\ComboFix.exe
2013-09-02 22:42 - 2013-09-02 22:42 - 00185115 _____ C:\Users\Juls\Desktop\Gmer.log
2013-09-02 22:41 - 2013-09-02 22:41 - 00185115 _____ C:\Users\Juls\Downloads\Gmer.log
2013-09-02 22:41 - 2013-09-02 22:41 - 00000454 _____ C:\Users\Juls\Gmer.lnk
2013-09-02 22:21 - 2013-09-02 22:21 - 00460032 _____ C:\Users\Juls\Desktop\setupAVAST.txt
2013-09-02 22:15 - 2013-09-02 22:15 - 00046626 _____ C:\Users\Juls\Downloads\Addition3.txt
2013-09-02 22:06 - 2013-09-02 22:06 - 00377856 _____ C:\Users\Juls\Downloads\gmer_2.1.19163 (1).exe
2013-09-02 22:00 - 2013-09-02 22:00 - 333557075 _____ C:\Windows\MEMORY.DMP
2013-09-02 22:00 - 2013-09-02 22:00 - 00143704 _____ C:\Windows\Minidump\Mini090213-01.dmp
2013-09-02 22:00 - 2013-09-02 22:00 - 00000000 ____D C:\Windows\Minidump
2013-09-02 21:57 - 2013-09-02 21:57 - 00377856 _____ C:\Users\Juls\Downloads\gmer_2.1.19163.exe
2013-09-02 21:53 - 2013-09-02 21:53 - 00059300 _____ C:\Users\Juls\Desktop\FRST.txt
2013-09-02 21:53 - 2013-09-02 21:53 - 00046626 _____ C:\Users\Juls\Desktop\Addition.txt
2013-09-02 21:50 - 2013-09-02 21:52 - 00046626 _____ C:\Users\Juls\Downloads\Addition.txt
2013-09-02 21:48 - 2013-09-02 21:48 - 00000000 ____D C:\FRST
2013-09-02 21:45 - 2013-09-02 21:46 - 00000444 _____ C:\Users\Juls\Downloads\defogger_disable.log
2013-09-02 21:45 - 2013-09-02 21:45 - 00000000 _____ C:\Users\Juls\defogger_reenable
2013-09-02 21:44 - 2013-09-02 21:44 - 00050477 _____ C:\Users\Juls\Downloads\Defogger.exe
2013-09-02 21:43 - 2013-09-02 21:44 - 01085803 _____ (Farbar) C:\Users\Juls\Downloads\FRST.exe
2013-09-02 17:54 - 2013-09-02 17:54 - 00000000 ____D C:\Windows\system32\searchplugins
2013-09-02 17:54 - 2013-09-02 17:54 - 00000000 ____D C:\Windows\system32\Extensions
2013-09-02 16:04 - 2013-09-05 16:06 - 00000000 ____D C:\Users\Juls\AppData\Roaming\player
2013-09-02 16:00 - 2013-09-02 15:57 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-09-02 16:00 - 2013-09-02 15:57 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-09-02 15:57 - 2013-09-02 15:57 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-09-02 15:56 - 2013-09-02 15:57 - 00770344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-09-02 15:56 - 2013-09-02 15:57 - 00369584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-09-02 15:56 - 2013-09-02 15:57 - 00175176 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-09-02 15:56 - 2013-09-02 15:56 - 00001831 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-09-02 15:56 - 2013-05-09 10:59 - 00066336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-09-02 15:56 - 2013-05-09 10:59 - 00056080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-09-02 15:56 - 2013-05-09 10:59 - 00049760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2013-09-02 15:56 - 2013-05-09 10:59 - 00049376 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-09-02 15:56 - 2013-05-09 10:59 - 00029816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-09-02 15:56 - 2013-05-09 10:58 - 00229648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-09-02 15:53 - 2013-05-09 10:58 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-09-02 15:51 - 2013-09-02 15:51 - 00000000 ____D C:\Program Files\AVAST Software
2013-09-02 15:49 - 2013-09-02 15:51 - 00000000 ____D C:\ProgramData\AVAST Software
2013-09-02 15:47 - 2013-09-02 15:47 - 00000000 __SHD C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2013-09-02 15:43 - 2013-09-02 15:45 - 00000000 ____D C:\Users\Juls\Desktop\TuneUp Utilities 2012 (Download)
2013-09-02 15:38 - 2013-09-02 15:38 - 00000000 ____D C:\Program Files\Amazon
2013-09-02 14:58 - 2013-09-02 14:58 - 00000000 ____D C:\Program Files\Microsoft.NET
2013-09-02 14:49 - 2013-09-02 14:49 - 00000556 _____ C:\Windows\KB893803v2.log
2013-08-29 17:53 - 2013-08-29 17:53 - 00000000 ____D C:\Program Files\EpsonNet
2013-08-29 17:53 - 2012-11-12 20:41 - 00458310 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\ensppui.dll
2013-08-29 17:53 - 2012-11-12 20:41 - 00458310 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\enppui.dll
2013-08-29 17:53 - 2012-11-12 15:15 - 00476027 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\ensppmon.dll
2013-08-29 17:53 - 2012-11-12 15:15 - 00476027 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\enppmon.dll
2013-08-29 17:53 - 2012-10-22 17:19 - 00218112 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\enspres.dll
2013-08-29 17:53 - 2012-10-22 17:19 - 00218112 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\enpres.dll
2013-08-29 17:52 - 2013-08-29 17:52 - 00000000 ____D C:\Users\Juls\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EPSON Software
2013-08-29 17:48 - 2007-04-10 01:06 - 00008192 _____ (SEIKO EPSON CORP.) C:\Windows\system32\E_DCINST.DLL
2013-08-29 17:47 - 2011-03-15 03:03 - 00081408 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_FD4BILE.DLL
2013-08-29 17:44 - 2012-07-24 00:00 - 00342016 _____ (Seiko Epson Corporation) C:\Windows\system32\esw2ud.dll
2013-08-29 17:44 - 2011-12-12 00:00 - 00122000 _____ (Seiko Epson Corporation) C:\Windows\system32\escsvc.exe
2013-08-29 14:09 - 2013-09-02 18:23 - 00000000 ____D C:\Program Files\LyricsSeeker
2013-08-28 16:09 - 2013-08-28 16:09 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
2013-08-28 16:07 - 2013-08-28 16:07 - 00000000 ____D C:\Program Files\HTC
2013-08-28 16:05 - 2013-08-28 16:05 - 00000000 ____D C:\Users\Juls\AppData\Local\Downloaded Installations
2013-08-28 16:02 - 2013-08-28 16:06 - 00008080 _____ C:\Windows\DPINST.LOG
2013-08-28 16:01 - 2013-08-28 16:01 - 00000000 ____D C:\ProgramData\HTC
2013-08-28 16:01 - 2009-06-10 09:49 - 00024576 _____ (HTC, Corporation) C:\Windows\system32\Drivers\ANDROIDUSB.sys
2013-08-28 16:01 - 2009-06-09 07:41 - 01122664 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2013-08-28 13:46 - 2013-08-02 06:09 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-28 13:32 - 2013-08-28 13:32 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2013-08-25 16:18 - 2013-08-25 16:18 - 00000000 ____D C:\Users\Juls\AppData\Local\avgchrome
2013-08-25 16:09 - 2013-08-25 16:09 - 00000000 ____D C:\Program Files\Image Converter
2013-08-25 15:44 - 2013-08-25 15:44 - 00000847 _____ C:\Users\Juls\AppData\Local\recently-used.xbel
2013-08-25 15:34 - 2013-08-25 15:34 - 00000000 ____D C:\Users\Juls\.thumbnails
2013-08-25 15:30 - 2013-08-25 15:34 - 00000000 ____D C:\Users\Juls\.gimp-2.8
2013-08-25 15:29 - 2013-08-25 15:29 - 00000000 ____D C:\Users\Juls\AppData\Local\gegl-0.2
2013-08-25 14:48 - 2013-08-25 15:27 - 00000000 ____D C:\Users\Juls\Documents\Bluetooth Exchange Folder
2013-08-25 14:33 - 2013-08-25 15:09 - 00000000 ____D C:\Users\Juls\Documents\Fußball
2013-08-19 13:59 - 2013-08-19 14:02 - 00000000 ____D C:\Windows\system32\MRT
2013-08-19 13:53 - 2013-07-25 04:40 - 12334080 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-19 13:53 - 2013-07-25 04:32 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-19 13:53 - 2013-07-25 04:30 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-19 13:53 - 2013-07-25 04:26 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-19 13:53 - 2013-07-25 04:26 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-19 13:53 - 2013-07-25 04:25 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-08-19 13:53 - 2013-07-25 04:24 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-08-19 13:53 - 2013-07-25 04:24 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-19 13:53 - 2013-07-25 04:23 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-19 13:53 - 2013-07-25 04:23 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-19 13:53 - 2013-07-25 04:23 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-19 13:53 - 2013-07-25 04:23 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-08-19 13:53 - 2013-07-25 04:23 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-08-19 13:53 - 2013-07-25 04:22 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-19 13:53 - 2013-07-25 04:22 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-19 13:53 - 2013-07-25 04:22 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-08-15 11:53 - 2013-07-05 06:53 - 00905664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-15 11:53 - 2013-06-15 15:22 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2013-08-15 11:53 - 2013-06-15 13:23 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-15 11:52 - 2013-07-17 21:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 11:52 - 2013-07-10 11:47 - 00783360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 11:52 - 2013-07-09 14:10 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-15 11:52 - 2013-07-08 06:55 - 03603904 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-08-15 11:52 - 2013-07-08 06:55 - 03551680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-15 11:47 - 2013-07-08 06:20 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 11:47 - 2013-07-08 06:16 - 00992768 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 11:47 - 2013-07-08 06:16 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 11:47 - 2013-07-08 06:16 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll

==================== One Month Modified Files and Folders =======

2013-09-05 22:31 - 2013-09-05 22:31 - 01947160 _____ (Farbar) C:\Users\Juls\Downloads\FRST64.exe
2013-09-05 22:25 - 2013-09-05 22:25 - 00001737 _____ C:\Users\Juls\Desktop\JRT.txt
2013-09-05 22:20 - 2013-09-05 22:20 - 00000000 ____D C:\Windows\ERUNT
2013-09-05 22:19 - 2013-09-05 22:19 - 01028757 _____ (Thisisu) C:\Users\Juls\Downloads\JRT.exe
2013-09-05 22:12 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-05 22:12 - 2006-11-02 14:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-05 22:12 - 2006-11-02 14:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-05 22:11 - 2009-02-22 21:10 - 00005332 _____ C:\Windows\bthservsdp.dat
2013-09-05 22:11 - 2009-02-22 14:46 - 01721683 _____ C:\Windows\WindowsUpdate.log
2013-09-05 22:11 - 2006-11-02 15:01 - 00032530 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-05 22:10 - 2013-09-05 17:59 - 00000000 ____D C:\AdwCleaner
2013-09-05 22:10 - 2011-12-13 19:50 - 00001160 _____ C:\Users\Juls\Desktop\Google Chrome.lnk
2013-09-05 22:10 - 2011-12-13 19:50 - 00000000 ____D C:\Users\Juls\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-09-05 22:10 - 2009-03-03 18:34 - 00000975 _____ C:\Users\Juls\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-05 22:04 - 2013-03-30 16:09 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-05 21:52 - 2011-12-13 19:47 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-343180365-3658905709-1398490034-1000UA.job
2013-09-05 18:01 - 2009-03-10 21:45 - 00000000 ____D C:\ProgramData\ICQ
2013-09-05 17:58 - 2013-09-05 17:58 - 01037222 _____ C:\Users\Juls\Downloads\adwcleaner.exe
2013-09-05 17:52 - 2011-12-13 19:47 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-343180365-3658905709-1398490034-1000Core.job
2013-09-05 16:06 - 2013-09-02 16:04 - 00000000 ____D C:\Users\Juls\AppData\Roaming\player
2013-09-05 15:48 - 2013-09-05 15:48 - 00000908 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-05 15:48 - 2013-09-05 15:48 - 00000000 ____D C:\Users\Juls\AppData\Roaming\Malwarebytes
2013-09-05 15:48 - 2013-09-05 15:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-05 15:48 - 2013-09-05 15:48 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-05 15:47 - 2013-09-05 15:47 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Juls\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-05 13:40 - 2013-09-05 13:40 - 00016917 _____ C:\ComboFix.txt
2013-09-05 13:40 - 2013-09-05 10:54 - 00000000 ____D C:\Qoobox
2013-09-05 13:40 - 2006-11-02 13:18 - 00000000 __RHD C:\Users\Default
2013-09-05 13:40 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public
2013-09-05 13:38 - 2013-09-05 10:51 - 00000000 ____D C:\Windows\erdnt
2013-09-05 13:35 - 2006-11-02 12:23 - 00000215 _____ C:\Windows\system.ini
2013-09-05 12:04 - 2008-01-21 04:47 - 00164202 _____ C:\Windows\PFRO.log
2013-09-05 12:03 - 2006-11-02 12:22 - 42729472 _____ C:\Windows\system32\config\software.bak
2013-09-05 12:03 - 2006-11-02 12:22 - 40632320 _____ C:\Windows\system32\config\COMPON~3.bak
2013-09-05 12:03 - 2006-11-02 12:22 - 31195136 _____ C:\Windows\system32\config\system.bak
2013-09-05 12:03 - 2006-11-02 12:22 - 00524288 _____ C:\Windows\system32\config\default.bak
2013-09-05 12:03 - 2006-11-02 12:22 - 00262144 _____ C:\Windows\system32\config\security.bak
2013-09-05 12:03 - 2006-11-02 12:22 - 00262144 _____ C:\Windows\system32\config\sam.bak
2013-09-05 12:00 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-09-05 10:57 - 2008-01-21 09:16 - 01649760 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-05 10:51 - 2013-09-05 10:49 - 05120804 ____R (Swearware) C:\Users\Juls\Downloads\ComboFix.exe
2013-09-05 10:43 - 2009-03-07 16:45 - 00006080 _____ C:\Users\Juls\AppData\Local\d3d9caps.dat
2013-09-04 13:49 - 2013-06-09 12:31 - 00000000 ____D C:\Users\Juls\Documents\TS GRUPPE 5
2013-09-02 22:42 - 2013-09-02 22:42 - 00185115 _____ C:\Users\Juls\Desktop\Gmer.log
2013-09-02 22:41 - 2013-09-02 22:41 - 00185115 _____ C:\Users\Juls\Downloads\Gmer.log
2013-09-02 22:41 - 2013-09-02 22:41 - 00000454 _____ C:\Users\Juls\Gmer.lnk
2013-09-02 22:41 - 2009-03-03 18:29 - 00000000 ____D C:\Users\Juls
2013-09-02 22:21 - 2013-09-02 22:21 - 00460032 _____ C:\Users\Juls\Desktop\setupAVAST.txt
2013-09-02 22:15 - 2013-09-02 22:15 - 00046626 _____ C:\Users\Juls\Downloads\Addition3.txt
2013-09-02 22:06 - 2013-09-02 22:06 - 00377856 _____ C:\Users\Juls\Downloads\gmer_2.1.19163 (1).exe
2013-09-02 22:00 - 2013-09-02 22:00 - 333557075 _____ C:\Windows\MEMORY.DMP
2013-09-02 22:00 - 2013-09-02 22:00 - 00143704 _____ C:\Windows\Minidump\Mini090213-01.dmp
2013-09-02 22:00 - 2013-09-02 22:00 - 00000000 ____D C:\Windows\Minidump
2013-09-02 21:57 - 2013-09-02 21:57 - 00377856 _____ C:\Users\Juls\Downloads\gmer_2.1.19163.exe
2013-09-02 21:53 - 2013-09-02 21:53 - 00059300 _____ C:\Users\Juls\Desktop\FRST.txt
2013-09-02 21:53 - 2013-09-02 21:53 - 00046626 _____ C:\Users\Juls\Desktop\Addition.txt
2013-09-02 21:52 - 2013-09-02 21:50 - 00046626 _____ C:\Users\Juls\Downloads\Addition.txt
2013-09-02 21:48 - 2013-09-02 21:48 - 00000000 ____D C:\FRST
2013-09-02 21:46 - 2013-09-02 21:45 - 00000444 _____ C:\Users\Juls\Downloads\defogger_disable.log
2013-09-02 21:45 - 2013-09-02 21:45 - 00000000 _____ C:\Users\Juls\defogger_reenable
2013-09-02 21:44 - 2013-09-02 21:44 - 00050477 _____ C:\Users\Juls\Downloads\Defogger.exe
2013-09-02 21:44 - 2013-09-02 21:43 - 01085803 _____ (Farbar) C:\Users\Juls\Downloads\FRST.exe
2013-09-02 18:23 - 2013-08-29 14:09 - 00000000 ____D C:\Program Files\LyricsSeeker
2013-09-02 17:54 - 2013-09-02 17:54 - 00000000 ____D C:\Windows\system32\searchplugins
2013-09-02 17:54 - 2013-09-02 17:54 - 00000000 ____D C:\Windows\system32\Extensions
2013-09-02 15:57 - 2013-09-02 16:00 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-09-02 15:57 - 2013-09-02 16:00 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-09-02 15:57 - 2013-09-02 15:57 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-09-02 15:57 - 2013-09-02 15:56 - 00770344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-09-02 15:57 - 2013-09-02 15:56 - 00369584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-09-02 15:57 - 2013-09-02 15:56 - 00175176 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-09-02 15:56 - 2013-09-02 15:56 - 00001831 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-09-02 15:56 - 2006-11-02 12:23 - 00002577 _____ C:\Windows\system32\config.nt
2013-09-02 15:51 - 2013-09-02 15:51 - 00000000 ____D C:\Program Files\AVAST Software
2013-09-02 15:51 - 2013-09-02 15:49 - 00000000 ____D C:\ProgramData\AVAST Software
2013-09-02 15:47 - 2013-09-02 15:47 - 00000000 __SHD C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2013-09-02 15:45 - 2013-09-02 15:43 - 00000000 ____D C:\Users\Juls\Desktop\TuneUp Utilities 2012 (Download)
2013-09-02 15:38 - 2013-09-02 15:38 - 00000000 ____D C:\Program Files\Amazon
2013-09-02 14:58 - 2013-09-02 14:58 - 00000000 ____D C:\Program Files\Microsoft.NET
2013-09-02 14:49 - 2013-09-02 14:49 - 00000556 _____ C:\Windows\KB893803v2.log
2013-08-29 18:20 - 2006-11-02 14:52 - 00273417 _____ C:\Windows\setupact.log
2013-08-29 18:00 - 2012-10-15 17:26 - 00000000 ____D C:\Program Files\ABBYY FineReader 9.0 Sprint
2013-08-29 17:58 - 2012-10-15 17:25 - 00000000 ____D C:\ProgramData\UDL
2013-08-29 17:57 - 2012-10-15 17:23 - 00000308 _____ C:\Windows\setup.iss
2013-08-29 17:57 - 2012-10-15 17:17 - 00000000 ____D C:\Program Files\EPSON Software
2013-08-29 17:57 - 2009-02-22 21:07 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-08-29 17:55 - 2012-10-15 17:10 - 00000000 ____D C:\Program Files\epson
2013-08-29 17:53 - 2013-08-29 17:53 - 00000000 ____D C:\Program Files\EpsonNet
2013-08-29 17:52 - 2013-08-29 17:52 - 00000000 ____D C:\Users\Juls\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EPSON Software
2013-08-29 17:52 - 2012-10-15 17:17 - 00000000 ____D C:\Program Files\Common Files\EPSON
2013-08-29 17:47 - 2012-10-15 17:11 - 00000000 ____D C:\ProgramData\EPSON
2013-08-29 17:44 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\twain_32
2013-08-28 16:09 - 2013-08-28 16:09 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
2013-08-28 16:07 - 2013-08-28 16:07 - 00000000 ____D C:\Program Files\HTC
2013-08-28 16:06 - 2013-08-28 16:02 - 00008080 _____ C:\Windows\DPINST.LOG
2013-08-28 16:05 - 2013-08-28 16:05 - 00000000 ____D C:\Users\Juls\AppData\Local\Downloaded Installations
2013-08-28 16:01 - 2013-08-28 16:01 - 00000000 ____D C:\ProgramData\HTC
2013-08-28 13:32 - 2013-08-28 13:32 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2013-08-25 16:19 - 2011-06-29 17:03 - 00072704 ____H C:\Users\Juls\Desktop\photothumb.db
2013-08-25 16:18 - 2013-08-25 16:18 - 00000000 ____D C:\Users\Juls\AppData\Local\avgchrome
2013-08-25 16:09 - 2013-08-25 16:09 - 00000000 ____D C:\Program Files\Image Converter
2013-08-25 15:44 - 2013-08-25 15:44 - 00000847 _____ C:\Users\Juls\AppData\Local\recently-used.xbel
2013-08-25 15:34 - 2013-08-25 15:34 - 00000000 ____D C:\Users\Juls\.thumbnails
2013-08-25 15:34 - 2013-08-25 15:30 - 00000000 ____D C:\Users\Juls\.gimp-2.8
2013-08-25 15:29 - 2013-08-25 15:29 - 00000000 ____D C:\Users\Juls\AppData\Local\gegl-0.2
2013-08-25 15:27 - 2013-08-25 14:48 - 00000000 ____D C:\Users\Juls\Documents\Bluetooth Exchange Folder
2013-08-25 15:09 - 2013-08-25 14:33 - 00000000 ____D C:\Users\Juls\Documents\Fußball
2013-08-25 14:17 - 2013-01-05 22:17 - 00000000 ____D C:\Users\Juls\Documents\KIGA
2013-08-25 14:04 - 2013-03-30 16:09 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-08-25 14:04 - 2013-03-30 16:09 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-08-23 17:22 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2013-08-19 14:02 - 2013-08-19 13:59 - 00000000 ____D C:\Windows\system32\MRT
2013-08-19 14:02 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE
2013-08-19 13:59 - 2006-11-02 12:24 - 75778376 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

Files to move or delete:
====================
C:\Users\Juls\AppData\Local\Temp\Quarantine.exe
C:\Users\Juls\AppData\Local\Temp\jrt\erunt\ERUNT.EXE

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-05 22:19

==================== End Of Log ============================
--- --- ---

--- --- ---

Alt 06.09.2013, 09:49   #14
schrauber
/// the machine
/// TB-Ausbilder
 
VAF Player lässt sich nicht deinstallieren! - Standard

VAF Player lässt sich nicht deinstallieren!



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 06.09.2013, 13:58   #15
Ju_Vo
 
VAF Player lässt sich nicht deinstallieren! - Standard

VAF Player lässt sich nicht deinstallieren!


Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=172a7f28f3006542a8707763ee9513fa
# engine=13131
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-09-06 12:38:47
# local_time=2013-09-06 02:38:47 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=774 16777213 85 91 340712 155180999 0 0
# compatibility_mode=1797 16774142 0 17 345173 50478162 0 0
# compatibility_mode=5892 16776574 100 100 187893 216003855 0 0
# scanned=211849
# found=0
# cleaned=0
# scan_time=11907
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.72  
 Windows Vista Service Pack 2 x86 (UAC is enabled)  
 Internet Explorer 9  
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:`````````````` 
avast! Antivirus   
 Antivirus out of date!  
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Java(TM) 6 Update 7  
 Java version out of Date! 
 Adobe Flash Player 	11.8.800.94  
 Adobe Reader 9 Adobe Reader out of Date! 
 Adobe Reader 10.1.6 Adobe Reader out of Date!  
 Google Chrome 28.0.1500.72  
 Google Chrome 28.0.1500.95  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Malwarebytes' Anti-Malware mbamscheduler.exe   
 windows defender MpCmdRun.exe   
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-09-2013 04
Ran by Juls (administrator) on JULS-PC on 06-09-2013 14:51:15
Running from C:\Users\Juls\Downloads
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\STacSV.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Dell Inc.) C:\Windows\System32\bcmwltry.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Seiko Epson Corporation) C:\Windows\system32\EscSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corp.) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Windows\System32\WLTRAY.EXE
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Creative Technology Ltd.) C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtcmd.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATIILE.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Google Inc.) C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Google Inc.) C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtsvc.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Microsoft Corporation) c:\program files\windows defender\MpCmdRun.exe
(Google Inc.) C:\Users\Juls\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [200704 2008-09-04] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\Windows\system32\WLTRAY.exe [3810304 2008-12-22] (Dell Inc.)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [178712 2008-05-08] (Intel Corporation)
HKLM\...\Run: [Dell Webcam Central] - C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe [446635 2008-06-03] (Creative Technology Ltd.)
HKLM\...\Run: [PDVDDXSrv] - C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [128296 2008-05-23] (CyberLink Corp.)
HKLM\...\Run: [dellsupportcenter] - C:\Program Files\Dell Support Center\bin\sprtcmd.exe [206064 2009-06-03] (SupportSoft, Inc.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [483420 2008-12-15] (IDT, Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM\...\Run: [EEventManager] - C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1058400 2011-10-31] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoDrives] 0
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIILE.EXE [249440 2012-02-29] (SEIKO EPSON CORPORATION)
HKCU\...\Policies\Explorer: [NoDrives] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_ie_de_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_6603f871e4f84b0d9376258dc35ca0bf_39_1006_20130902_DE_ie_sp_
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {4B7D934D-1DB8-4FED-B19B-8D5700C76D1B} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=DLCDF7&pc=MDDC&src=IE-SearchBox
SearchScopes: HKCU - {5042D780-0816-8CAF-69AC-06A54D832FE0} URL = hxxp://bwrk.startya.com/s/?q={searchTerms}&iesrc=IE-SearchBox&site=Yahoo&cfg=2-490-0-0
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll No File
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU -&Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Juls\AppData\Roaming\Mozilla\Firefox\Profiles\0cr8zure.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\2.0.31005.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8051.1204 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Juls\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Juls\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Extension: No Name - C:\Users\Juls\AppData\Roaming\Mozilla\Firefox\Profiles\0cr8zure.default\Extensions\130
FF Extension: No Name - C:\Users\Juls\AppData\Roaming\Mozilla\Firefox\Profiles\0cr8zure.default\Extensions\131
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKCU\...\Firefox\Extensions: [{450ef4aa-3d18-4b12-8d9f-ecc17330b054}] C:\Program Files\LyricsSeeker\131.xpi
FF Extension: No Name - C:\Program Files\LyricsSeeker\131.xpi

Chrome: 
=======
CHR HomePage: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_cr_de_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_6603f871e4f84b0d9376258dc35ca0bf_39_1006_20130902_DE_cr_sp_
CHR RestoreOnStartup: "hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_cr_de_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_6603f871e4f84b0d9376258dc35ca0bf_39_1006_20130902_DE_cr_sp_"
CHR DefaultSearchURL: (qvo6) - hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=ST9160310AS_5SV3ZT31XXXX5SV3ZT31&ts=1378150426&type=default&q={searchTerms}
CHR DefaultSuggestURL: (qvo6) -       "suggest_url": ""
CHR Plugin: (Shockwave Flash) - C:\Users\Juls\AppData\Local\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Juls\AppData\Local\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Juls\AppData\Local\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Juls\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\2.0.31005.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Lightning Newtab) - C:\Users\Juls\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\1.1.5.3_0
CHR Extension: (Amazon 1Button App for Chrome) - C:\Users\Juls\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\3.2013.715.0_0
CHR HKLM\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Juls\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
CHR HKLM\...\Chrome\Extension: [lgoiojnjnacbjngolldkokokgpcjbgjj] - C:\Program Files\LyricsSeeker\131.crx

========================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exe [81920 2008-12-15] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2008-09-24] (Stardock Corporation)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 sprtsvc_DellSupportCenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe [201968 2008-10-04] (SupportSoft, Inc.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\STacSV.exe [241746 2008-12-15] (IDT, Inc.)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [2809856 2008-12-22] (Dell Inc.)
R2 yksvc; RUNDLL32.EXE ykx32coinst,serviceStartProc [x]

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)
R1 AswRdr; C:\Windows\System32\Drivers\AswRdr.sys [49760 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-09-02] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-09-02] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [175176 2013-09-02] ()
R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18424 2008-12-22] (Broadcom Corporation)
R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 mferkdk; C:\Windows\System32\drivers\mferkdk.sys [34248 2009-09-16] (McAfee, Inc.)
S3 mfesmfk; C:\Windows\System32\drivers\mfesmfk.sys [40552 2009-09-16] (McAfee, Inc.)
R3 OA009Ufd; C:\Windows\System32\DRIVERS\OA009Ufd.sys [144672 2008-09-03] (Creative Technology Ltd.)
R3 OA009Vid; C:\Windows\System32\DRIVERS\OA009Vid.sys [269216 2008-09-03] (Creative Technology Ltd.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-06 11:14 - 2013-09-06 11:14 - 02347384 _____ (ESET) C:\Users\Juls\Downloads\esetsmartinstaller_enu.exe
2013-09-05 22:31 - 2013-09-05 22:31 - 01947160 _____ (Farbar) C:\Users\Juls\Downloads\FRST64.exe
2013-09-05 22:25 - 2013-09-05 22:25 - 00001737 _____ C:\Users\Juls\Desktop\JRT.txt
2013-09-05 22:20 - 2013-09-05 22:20 - 00000000 ____D C:\Windows\ERUNT
2013-09-05 22:19 - 2013-09-05 22:19 - 01028757 _____ (Thisisu) C:\Users\Juls\Downloads\JRT.exe
2013-09-05 17:59 - 2013-09-05 22:10 - 00000000 ____D C:\AdwCleaner
2013-09-05 17:58 - 2013-09-05 17:58 - 01037222 _____ C:\Users\Juls\Downloads\adwcleaner.exe
2013-09-05 15:48 - 2013-09-05 15:48 - 00000908 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-05 15:48 - 2013-09-05 15:48 - 00000000 ____D C:\Users\Juls\AppData\Roaming\Malwarebytes
2013-09-05 15:48 - 2013-09-05 15:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-05 15:48 - 2013-09-05 15:48 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-05 15:48 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-05 15:47 - 2013-09-05 15:47 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Juls\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-05 13:40 - 2013-09-05 13:40 - 00016917 _____ C:\ComboFix.txt
2013-09-05 10:55 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-09-05 10:55 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-09-05 10:55 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-09-05 10:55 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-09-05 10:55 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-09-05 10:55 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-09-05 10:55 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-09-05 10:55 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-09-05 10:54 - 2013-09-05 13:40 - 00000000 ____D C:\Qoobox
2013-09-05 10:51 - 2013-09-05 13:38 - 00000000 ____D C:\Windows\erdnt
2013-09-05 10:49 - 2013-09-05 10:51 - 05120804 ____R (Swearware) C:\Users\Juls\Downloads\ComboFix.exe
2013-09-02 22:42 - 2013-09-02 22:42 - 00185115 _____ C:\Users\Juls\Desktop\Gmer.log
2013-09-02 22:41 - 2013-09-02 22:41 - 00185115 _____ C:\Users\Juls\Downloads\Gmer.log
2013-09-02 22:41 - 2013-09-02 22:41 - 00000454 _____ C:\Users\Juls\Gmer.lnk
2013-09-02 22:21 - 2013-09-02 22:21 - 00460032 _____ C:\Users\Juls\Desktop\setupAVAST.txt
2013-09-02 22:15 - 2013-09-02 22:15 - 00046626 _____ C:\Users\Juls\Downloads\Addition3.txt
2013-09-02 22:06 - 2013-09-02 22:06 - 00377856 _____ C:\Users\Juls\Downloads\gmer_2.1.19163 (1).exe
2013-09-02 22:00 - 2013-09-02 22:00 - 333557075 _____ C:\Windows\MEMORY.DMP
2013-09-02 22:00 - 2013-09-02 22:00 - 00143704 _____ C:\Windows\Minidump\Mini090213-01.dmp
2013-09-02 22:00 - 2013-09-02 22:00 - 00000000 ____D C:\Windows\Minidump
2013-09-02 21:57 - 2013-09-02 21:57 - 00377856 _____ C:\Users\Juls\Downloads\gmer_2.1.19163.exe
2013-09-02 21:53 - 2013-09-02 21:53 - 00059300 _____ C:\Users\Juls\Desktop\FRST.txt
2013-09-02 21:53 - 2013-09-02 21:53 - 00046626 _____ C:\Users\Juls\Desktop\Addition.txt
2013-09-02 21:50 - 2013-09-02 21:52 - 00046626 _____ C:\Users\Juls\Downloads\Addition.txt
2013-09-02 21:48 - 2013-09-02 21:48 - 00000000 ____D C:\FRST
2013-09-02 21:45 - 2013-09-02 21:46 - 00000444 _____ C:\Users\Juls\Downloads\defogger_disable.log
2013-09-02 21:45 - 2013-09-02 21:45 - 00000000 _____ C:\Users\Juls\defogger_reenable
2013-09-02 21:44 - 2013-09-02 21:44 - 00050477 _____ C:\Users\Juls\Downloads\Defogger.exe
2013-09-02 21:43 - 2013-09-02 21:44 - 01085803 _____ (Farbar) C:\Users\Juls\Downloads\FRST.exe
2013-09-02 17:54 - 2013-09-02 17:54 - 00000000 ____D C:\Windows\system32\searchplugins
2013-09-02 17:54 - 2013-09-02 17:54 - 00000000 ____D C:\Windows\system32\Extensions
2013-09-02 16:04 - 2013-09-05 16:06 - 00000000 ____D C:\Users\Juls\AppData\Roaming\player
2013-09-02 16:00 - 2013-09-02 15:57 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-09-02 16:00 - 2013-09-02 15:57 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-09-02 15:57 - 2013-09-02 15:57 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-09-02 15:56 - 2013-09-02 15:57 - 00770344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-09-02 15:56 - 2013-09-02 15:57 - 00369584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-09-02 15:56 - 2013-09-02 15:57 - 00175176 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-09-02 15:56 - 2013-09-02 15:56 - 00001831 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-09-02 15:56 - 2013-05-09 10:59 - 00066336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-09-02 15:56 - 2013-05-09 10:59 - 00056080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-09-02 15:56 - 2013-05-09 10:59 - 00049760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2013-09-02 15:56 - 2013-05-09 10:59 - 00049376 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-09-02 15:56 - 2013-05-09 10:59 - 00029816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-09-02 15:56 - 2013-05-09 10:58 - 00229648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-09-02 15:53 - 2013-05-09 10:58 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-09-02 15:51 - 2013-09-02 15:51 - 00000000 ____D C:\Program Files\AVAST Software
2013-09-02 15:49 - 2013-09-02 15:51 - 00000000 ____D C:\ProgramData\AVAST Software
2013-09-02 15:47 - 2013-09-02 15:47 - 00000000 __SHD C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2013-09-02 15:43 - 2013-09-02 15:45 - 00000000 ____D C:\Users\Juls\Desktop\TuneUp Utilities 2012 (Download)
2013-09-02 15:38 - 2013-09-02 15:38 - 00000000 ____D C:\Program Files\Amazon
2013-09-02 14:58 - 2013-09-02 14:58 - 00000000 ____D C:\Program Files\Microsoft.NET
2013-09-02 14:49 - 2013-09-02 14:49 - 00000556 _____ C:\Windows\KB893803v2.log
2013-08-29 17:53 - 2013-08-29 17:53 - 00000000 ____D C:\Program Files\EpsonNet
2013-08-29 17:53 - 2012-11-12 20:41 - 00458310 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\ensppui.dll
2013-08-29 17:53 - 2012-11-12 20:41 - 00458310 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\enppui.dll
2013-08-29 17:53 - 2012-11-12 15:15 - 00476027 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\ensppmon.dll
2013-08-29 17:53 - 2012-11-12 15:15 - 00476027 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\enppmon.dll
2013-08-29 17:53 - 2012-10-22 17:19 - 00218112 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\enspres.dll
2013-08-29 17:53 - 2012-10-22 17:19 - 00218112 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\enpres.dll
2013-08-29 17:52 - 2013-08-29 17:52 - 00000000 ____D C:\Users\Juls\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EPSON Software
2013-08-29 17:48 - 2007-04-10 01:06 - 00008192 _____ (SEIKO EPSON CORP.) C:\Windows\system32\E_DCINST.DLL
2013-08-29 17:47 - 2011-03-15 03:03 - 00081408 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_FD4BILE.DLL
2013-08-29 17:44 - 2012-07-24 00:00 - 00342016 _____ (Seiko Epson Corporation) C:\Windows\system32\esw2ud.dll
2013-08-29 17:44 - 2011-12-12 00:00 - 00122000 _____ (Seiko Epson Corporation) C:\Windows\system32\escsvc.exe
2013-08-29 14:09 - 2013-09-02 18:23 - 00000000 ____D C:\Program Files\LyricsSeeker
2013-08-28 16:09 - 2013-08-28 16:09 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
2013-08-28 16:07 - 2013-08-28 16:07 - 00000000 ____D C:\Program Files\HTC
2013-08-28 16:05 - 2013-08-28 16:05 - 00000000 ____D C:\Users\Juls\AppData\Local\Downloaded Installations
2013-08-28 16:02 - 2013-08-28 16:06 - 00008080 _____ C:\Windows\DPINST.LOG
2013-08-28 16:01 - 2013-08-28 16:01 - 00000000 ____D C:\ProgramData\HTC
2013-08-28 16:01 - 2009-06-10 09:49 - 00024576 _____ (HTC, Corporation) C:\Windows\system32\Drivers\ANDROIDUSB.sys
2013-08-28 16:01 - 2009-06-09 07:41 - 01122664 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2013-08-28 13:46 - 2013-08-02 06:09 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-28 13:32 - 2013-08-28 13:32 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2013-08-25 16:18 - 2013-08-25 16:18 - 00000000 ____D C:\Users\Juls\AppData\Local\avgchrome
2013-08-25 16:09 - 2013-08-25 16:09 - 00000000 ____D C:\Program Files\Image Converter
2013-08-25 15:44 - 2013-08-25 15:44 - 00000847 _____ C:\Users\Juls\AppData\Local\recently-used.xbel
2013-08-25 15:34 - 2013-08-25 15:34 - 00000000 ____D C:\Users\Juls\.thumbnails
2013-08-25 15:30 - 2013-08-25 15:34 - 00000000 ____D C:\Users\Juls\.gimp-2.8
2013-08-25 15:29 - 2013-08-25 15:29 - 00000000 ____D C:\Users\Juls\AppData\Local\gegl-0.2
2013-08-25 14:48 - 2013-08-25 15:27 - 00000000 ____D C:\Users\Juls\Documents\Bluetooth Exchange Folder
2013-08-25 14:33 - 2013-08-25 15:09 - 00000000 ____D C:\Users\Juls\Documents\Fußball
2013-08-19 13:59 - 2013-08-19 14:02 - 00000000 ____D C:\Windows\system32\MRT
2013-08-19 13:53 - 2013-07-25 04:40 - 12334080 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-19 13:53 - 2013-07-25 04:32 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-19 13:53 - 2013-07-25 04:30 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-19 13:53 - 2013-07-25 04:26 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-19 13:53 - 2013-07-25 04:26 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-19 13:53 - 2013-07-25 04:25 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-08-19 13:53 - 2013-07-25 04:24 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-08-19 13:53 - 2013-07-25 04:24 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-19 13:53 - 2013-07-25 04:23 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-19 13:53 - 2013-07-25 04:23 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-19 13:53 - 2013-07-25 04:23 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-19 13:53 - 2013-07-25 04:23 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-08-19 13:53 - 2013-07-25 04:23 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-08-19 13:53 - 2013-07-25 04:22 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-19 13:53 - 2013-07-25 04:22 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-19 13:53 - 2013-07-25 04:22 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-08-15 11:53 - 2013-07-05 06:53 - 00905664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-15 11:53 - 2013-06-15 15:22 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2013-08-15 11:53 - 2013-06-15 13:23 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-15 11:52 - 2013-07-17 21:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 11:52 - 2013-07-10 11:47 - 00783360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 11:52 - 2013-07-09 14:10 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-15 11:52 - 2013-07-08 06:55 - 03603904 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-08-15 11:52 - 2013-07-08 06:55 - 03551680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-15 11:47 - 2013-07-08 06:20 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 11:47 - 2013-07-08 06:16 - 00992768 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 11:47 - 2013-07-08 06:16 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 11:47 - 2013-07-08 06:16 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll

==================== One Month Modified Files and Folders =======

2013-09-06 14:52 - 2011-12-13 19:47 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-343180365-3658905709-1398490034-1000UA.job
2013-09-06 14:43 - 2013-09-06 14:43 - 00891115 _____ C:\Users\Juls\Downloads\SecurityCheck.exe
2013-09-06 14:28 - 2009-02-22 14:46 - 01949911 _____ C:\Windows\WindowsUpdate.log
2013-09-06 14:04 - 2013-03-30 16:09 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-06 13:10 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-09-06 13:09 - 2006-11-02 14:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-06 13:09 - 2006-11-02 14:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-06 12:44 - 2008-01-21 09:16 - 01650980 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-06 11:14 - 2013-09-06 11:14 - 02347384 _____ (ESET) C:\Users\Juls\Downloads\esetsmartinstaller_enu.exe
2013-09-06 11:05 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-05 22:35 - 2009-02-22 21:10 - 00005332 _____ C:\Windows\bthservsdp.dat
2013-09-05 22:35 - 2006-11-02 15:01 - 00032530 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-05 22:31 - 2013-09-05 22:31 - 01947160 _____ (Farbar) C:\Users\Juls\Downloads\FRST64.exe
2013-09-05 22:25 - 2013-09-05 22:25 - 00001737 _____ C:\Users\Juls\Desktop\JRT.txt
2013-09-05 22:20 - 2013-09-05 22:20 - 00000000 ____D C:\Windows\ERUNT
2013-09-05 22:19 - 2013-09-05 22:19 - 01028757 _____ (Thisisu) C:\Users\Juls\Downloads\JRT.exe
2013-09-05 22:10 - 2013-09-05 17:59 - 00000000 ____D C:\AdwCleaner
2013-09-05 22:10 - 2011-12-13 19:50 - 00001160 _____ C:\Users\Juls\Desktop\Google Chrome.lnk
2013-09-05 22:10 - 2011-12-13 19:50 - 00000000 ____D C:\Users\Juls\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-09-05 22:10 - 2009-03-03 18:34 - 00000975 _____ C:\Users\Juls\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-05 18:01 - 2009-03-10 21:45 - 00000000 ____D C:\ProgramData\ICQ
2013-09-05 17:58 - 2013-09-05 17:58 - 01037222 _____ C:\Users\Juls\Downloads\adwcleaner.exe
2013-09-05 17:52 - 2011-12-13 19:47 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-343180365-3658905709-1398490034-1000Core.job
2013-09-05 16:06 - 2013-09-02 16:04 - 00000000 ____D C:\Users\Juls\AppData\Roaming\player
2013-09-05 15:48 - 2013-09-05 15:48 - 00000908 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-05 15:48 - 2013-09-05 15:48 - 00000000 ____D C:\Users\Juls\AppData\Roaming\Malwarebytes
2013-09-05 15:48 - 2013-09-05 15:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-05 15:48 - 2013-09-05 15:48 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-05 15:47 - 2013-09-05 15:47 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Juls\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-05 13:40 - 2013-09-05 13:40 - 00016917 _____ C:\ComboFix.txt
2013-09-05 13:40 - 2013-09-05 10:54 - 00000000 ____D C:\Qoobox
2013-09-05 13:40 - 2006-11-02 13:18 - 00000000 __RHD C:\Users\Default
2013-09-05 13:40 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public
2013-09-05 13:38 - 2013-09-05 10:51 - 00000000 ____D C:\Windows\erdnt
2013-09-05 13:35 - 2006-11-02 12:23 - 00000215 _____ C:\Windows\system.ini
2013-09-05 12:04 - 2008-01-21 04:47 - 00164202 _____ C:\Windows\PFRO.log
2013-09-05 12:03 - 2006-11-02 12:22 - 42729472 _____ C:\Windows\system32\config\software.bak
2013-09-05 12:03 - 2006-11-02 12:22 - 40632320 _____ C:\Windows\system32\config\COMPON~3.bak
2013-09-05 12:03 - 2006-11-02 12:22 - 31195136 _____ C:\Windows\system32\config\system.bak
2013-09-05 12:03 - 2006-11-02 12:22 - 00524288 _____ C:\Windows\system32\config\default.bak
2013-09-05 12:03 - 2006-11-02 12:22 - 00262144 _____ C:\Windows\system32\config\security.bak
2013-09-05 12:03 - 2006-11-02 12:22 - 00262144 _____ C:\Windows\system32\config\sam.bak
2013-09-05 10:51 - 2013-09-05 10:49 - 05120804 ____R (Swearware) C:\Users\Juls\Downloads\ComboFix.exe
2013-09-05 10:43 - 2009-03-07 16:45 - 00006080 _____ C:\Users\Juls\AppData\Local\d3d9caps.dat
2013-09-04 13:49 - 2013-06-09 12:31 - 00000000 ____D C:\Users\Juls\Documents\TS GRUPPE 5
2013-09-02 22:42 - 2013-09-02 22:42 - 00185115 _____ C:\Users\Juls\Desktop\Gmer.log
2013-09-02 22:41 - 2013-09-02 22:41 - 00185115 _____ C:\Users\Juls\Downloads\Gmer.log
2013-09-02 22:41 - 2013-09-02 22:41 - 00000454 _____ C:\Users\Juls\Gmer.lnk
2013-09-02 22:41 - 2009-03-03 18:29 - 00000000 ____D C:\Users\Juls
2013-09-02 22:21 - 2013-09-02 22:21 - 00460032 _____ C:\Users\Juls\Desktop\setupAVAST.txt
2013-09-02 22:15 - 2013-09-02 22:15 - 00046626 _____ C:\Users\Juls\Downloads\Addition3.txt
2013-09-02 22:06 - 2013-09-02 22:06 - 00377856 _____ C:\Users\Juls\Downloads\gmer_2.1.19163 (1).exe
2013-09-02 22:00 - 2013-09-02 22:00 - 333557075 _____ C:\Windows\MEMORY.DMP
2013-09-02 22:00 - 2013-09-02 22:00 - 00143704 _____ C:\Windows\Minidump\Mini090213-01.dmp
2013-09-02 22:00 - 2013-09-02 22:00 - 00000000 ____D C:\Windows\Minidump
2013-09-02 21:57 - 2013-09-02 21:57 - 00377856 _____ C:\Users\Juls\Downloads\gmer_2.1.19163.exe
2013-09-02 21:53 - 2013-09-02 21:53 - 00059300 _____ C:\Users\Juls\Desktop\FRST.txt
2013-09-02 21:53 - 2013-09-02 21:53 - 00046626 _____ C:\Users\Juls\Desktop\Addition.txt
2013-09-02 21:52 - 2013-09-02 21:50 - 00046626 _____ C:\Users\Juls\Downloads\Addition.txt
2013-09-02 21:48 - 2013-09-02 21:48 - 00000000 ____D C:\FRST
2013-09-02 21:46 - 2013-09-02 21:45 - 00000444 _____ C:\Users\Juls\Downloads\defogger_disable.log
2013-09-02 21:45 - 2013-09-02 21:45 - 00000000 _____ C:\Users\Juls\defogger_reenable
2013-09-02 21:44 - 2013-09-02 21:44 - 00050477 _____ C:\Users\Juls\Downloads\Defogger.exe
2013-09-02 21:44 - 2013-09-02 21:43 - 01085803 _____ (Farbar) C:\Users\Juls\Downloads\FRST.exe
2013-09-02 18:23 - 2013-08-29 14:09 - 00000000 ____D C:\Program Files\LyricsSeeker
2013-09-02 17:54 - 2013-09-02 17:54 - 00000000 ____D C:\Windows\system32\searchplugins
2013-09-02 17:54 - 2013-09-02 17:54 - 00000000 ____D C:\Windows\system32\Extensions
2013-09-02 15:57 - 2013-09-02 16:00 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-09-02 15:57 - 2013-09-02 16:00 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-09-02 15:57 - 2013-09-02 15:57 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-09-02 15:57 - 2013-09-02 15:56 - 00770344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-09-02 15:57 - 2013-09-02 15:56 - 00369584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-09-02 15:57 - 2013-09-02 15:56 - 00175176 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-09-02 15:56 - 2013-09-02 15:56 - 00001831 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-09-02 15:56 - 2006-11-02 12:23 - 00002577 _____ C:\Windows\system32\config.nt
2013-09-02 15:51 - 2013-09-02 15:51 - 00000000 ____D C:\Program Files\AVAST Software
2013-09-02 15:51 - 2013-09-02 15:49 - 00000000 ____D C:\ProgramData\AVAST Software
2013-09-02 15:47 - 2013-09-02 15:47 - 00000000 __SHD C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2013-09-02 15:45 - 2013-09-02 15:43 - 00000000 ____D C:\Users\Juls\Desktop\TuneUp Utilities 2012 (Download)
2013-09-02 15:38 - 2013-09-02 15:38 - 00000000 ____D C:\Program Files\Amazon
2013-09-02 14:58 - 2013-09-02 14:58 - 00000000 ____D C:\Program Files\Microsoft.NET
2013-09-02 14:49 - 2013-09-02 14:49 - 00000556 _____ C:\Windows\KB893803v2.log
2013-08-29 18:20 - 2006-11-02 14:52 - 00273417 _____ C:\Windows\setupact.log
2013-08-29 18:00 - 2012-10-15 17:26 - 00000000 ____D C:\Program Files\ABBYY FineReader 9.0 Sprint
2013-08-29 17:58 - 2012-10-15 17:25 - 00000000 ____D C:\ProgramData\UDL
2013-08-29 17:57 - 2012-10-15 17:23 - 00000308 _____ C:\Windows\setup.iss
2013-08-29 17:57 - 2012-10-15 17:17 - 00000000 ____D C:\Program Files\EPSON Software
2013-08-29 17:57 - 2009-02-22 21:07 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-08-29 17:55 - 2012-10-15 17:10 - 00000000 ____D C:\Program Files\epson
2013-08-29 17:53 - 2013-08-29 17:53 - 00000000 ____D C:\Program Files\EpsonNet
2013-08-29 17:52 - 2013-08-29 17:52 - 00000000 ____D C:\Users\Juls\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EPSON Software
2013-08-29 17:52 - 2012-10-15 17:17 - 00000000 ____D C:\Program Files\Common Files\EPSON
2013-08-29 17:47 - 2012-10-15 17:11 - 00000000 ____D C:\ProgramData\EPSON
2013-08-29 17:44 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\twain_32
2013-08-28 16:09 - 2013-08-28 16:09 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
2013-08-28 16:07 - 2013-08-28 16:07 - 00000000 ____D C:\Program Files\HTC
2013-08-28 16:06 - 2013-08-28 16:02 - 00008080 _____ C:\Windows\DPINST.LOG
2013-08-28 16:05 - 2013-08-28 16:05 - 00000000 ____D C:\Users\Juls\AppData\Local\Downloaded Installations
2013-08-28 16:01 - 2013-08-28 16:01 - 00000000 ____D C:\ProgramData\HTC
2013-08-28 13:32 - 2013-08-28 13:32 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2013-08-25 16:19 - 2011-06-29 17:03 - 00072704 ____H C:\Users\Juls\Desktop\photothumb.db
2013-08-25 16:18 - 2013-08-25 16:18 - 00000000 ____D C:\Users\Juls\AppData\Local\avgchrome
2013-08-25 16:09 - 2013-08-25 16:09 - 00000000 ____D C:\Program Files\Image Converter
2013-08-25 15:44 - 2013-08-25 15:44 - 00000847 _____ C:\Users\Juls\AppData\Local\recently-used.xbel
2013-08-25 15:34 - 2013-08-25 15:34 - 00000000 ____D C:\Users\Juls\.thumbnails
2013-08-25 15:34 - 2013-08-25 15:30 - 00000000 ____D C:\Users\Juls\.gimp-2.8
2013-08-25 15:29 - 2013-08-25 15:29 - 00000000 ____D C:\Users\Juls\AppData\Local\gegl-0.2
2013-08-25 15:27 - 2013-08-25 14:48 - 00000000 ____D C:\Users\Juls\Documents\Bluetooth Exchange Folder
2013-08-25 15:09 - 2013-08-25 14:33 - 00000000 ____D C:\Users\Juls\Documents\Fußball
2013-08-25 14:17 - 2013-01-05 22:17 - 00000000 ____D C:\Users\Juls\Documents\KIGA
2013-08-25 14:04 - 2013-03-30 16:09 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-08-25 14:04 - 2013-03-30 16:09 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-08-23 17:22 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2013-08-19 14:02 - 2013-08-19 13:59 - 00000000 ____D C:\Windows\system32\MRT
2013-08-19 14:02 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE
2013-08-19 13:59 - 2006-11-02 12:24 - 75778376 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

Files to move or delete:
====================
C:\Users\Juls\AppData\Local\Temp\Quarantine.exe
C:\Users\Juls\AppData\Local\Temp\jrt\erunt\ERUNT.EXE

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-06 14:02

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

--- --- ---

Hallo,
war es das jetzt? :-) Kann ich jetzt versuchen, den VAP-Player zu deinstallieren?
Soll ich die anderen Programme, die ich hier runtergeladen habe, auch deinstallieren?

Schon mal VIELEN DANK!!!

*VAF

Antwort
Seite 1 von 2 1 2

Themen zu VAF Player lässt sich nicht deinstallieren!
behauptet, bluescree, bluescreen, compu, datei, dateien werden angeblich nicht gefunden, deinstalliere, deinstallieren, devices, einfach, entfern, entfernt, erklären, fenster, gefunde, gmer, keine deinstallation möglich, konnte, player, vap player, wirklich, zunächst, öffnet


« Windows 7: Webseiten werden nach Google Suche auf kommerzielle Seiten umgeleitet | https://gqs.donedrive.net popups öffnen ständig »


Ähnliche Themen: VAF Player lässt sich nicht deinstallieren!


  1. Spiel lässt sich nicht deinstallieren.
    Alles rund um Windows - 02.10.2015 (2)
  2. Treiber lässt sich nicht deinstallieren
    Plagegeister aller Art und deren Bekämpfung - 10.02.2015 (17)
  3. Spyhunter 4 lässt sich nicht deinstallieren
    Plagegeister aller Art und deren Bekämpfung - 09.02.2015 (16)
  4. snapdo lässt sich nicht deinstallieren
    Log-Analyse und Auswertung - 30.09.2014 (3)
  5. Skype lässt sich nicht deinstallieren.
    Plagegeister aller Art und deren Bekämpfung - 14.08.2014 (5)
  6. Savingsbull lässt sich nicht deinstallieren
    Plagegeister aller Art und deren Bekämpfung - 07.04.2014 (1)
  7. VAF Player lässt sich nicht deinstallieren
    Plagegeister aller Art und deren Bekämpfung - 28.02.2014 (3)
  8. RegClean Pro lässt sich nicht deinstallieren
    Log-Analyse und Auswertung - 09.02.2014 (8)
  9. yontoo 2.052 lässt sich nicht deinstallieren
    Plagegeister aller Art und deren Bekämpfung - 07.02.2014 (5)
  10. Lookinglink lässt sich nicht deinstallieren
    Log-Analyse und Auswertung - 05.02.2014 (11)
  11. Spyhunter lässt sich nicht deinstallieren
    Plagegeister aller Art und deren Bekämpfung - 06.12.2013 (7)
  12. Iminent lässt sich nicht deinstallieren
    Plagegeister aller Art und deren Bekämpfung - 07.11.2013 (11)
  13. HDvid Codec V1 eingefangen, lässt sich nicht deinstallieren, Rechner hängt sich bei Beutzerwechsel auf
    Log-Analyse und Auswertung - 28.09.2013 (15)
  14. AntiVir lässt sich nicht deinstallieren
    Antiviren-, Firewall- und andere Schutzprogramme - 28.07.2011 (3)
  15. AVG lässt sich nicht deinstallieren
    Log-Analyse und Auswertung - 24.05.2011 (3)
  16. Antivir lässt sich nicht deinstallieren
    Antiviren-, Firewall- und andere Schutzprogramme - 22.02.2009 (7)
  17. AntiVir lässt sich nicht deinstallieren!
    Antiviren-, Firewall- und andere Schutzprogramme - 10.02.2006 (11)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema VAF Player lässt sich nicht deinstallieren! - Hallo, Der VAF Player lässt sich nicht deinstallieren. Es öffnet sich ein Fenster, welches behauptet, dass die Datei nicht gefunden werden kann... Ich bin nicht wirklich ein Computerchecker, bitte alles - VAF Player lässt sich nicht deinstallieren!...
Archiv
Du betrachtest: VAF Player lässt sich nicht deinstallieren! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129