
Log analysis and evaluation: Windows 7: Malwarebytes finds Trojan.Agent, but it cannot be deleted!

11.05.2014, 16:33   #1
ito
 



Hello,

since I'm not supposed to write novels, I'll get straight to the point:

I have now tried several times to delete a Trojan.Agent using Malwarebytes. Each time, Malwarebytes asks me to restart so that the trojan can be deleted.

Unfortunately in vain. Please help with this.

Many thanks

-maleware-fund.jpg

Attachment 66827

11.05.2014, 17:31   #2
schrauber
/// the machine
/// TB trainer
 




Hi,

Please always post logs in the thread. If necessary, split them up and use several posts.
I can't open attachments at work, thanks.

Here is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.

11.05.2014, 17:48   #3
ito
 



I had added it as an attachment precisely because it was too many characters.


FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-05-2014
Ran by Benito (administrator) on PC on 11-05-2014 16:54:18
Running from C:\Users\Benito\Desktop\operation
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Bdrive Inc.) C:\Program Files\NetDrive\ndsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(Highresolution Enterprises) C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Users\Benito\AppData\Local\Viber\Viber.exe
(wifimouse.necta.us) C:\Program Files (x86)\MouseServer\MouseServer.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(TeamViewer GmbH) C:\Program Files (x86)\Teamviewer\Version9\TeamViewer_Service.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Bdrive Inc.) C:\Program Files\NetDrive\netdrive.exe
(Dropbox, Inc.) C:\Users\Benito\AppData\Roaming\Dropbox\bin\Dropbox.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.exe
(Creative Technology Ltd.) C:\Windows\V0770Mon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe
(JAP-Team) C:\Program Files (x86)\JonDo\JonDo.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre7\bin\javaw.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe
(Adobe Systems, Incorporated) C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe
(Adobe Systems Incorporated ) C:\Program Files (x86)\Common Files\Adobe\dynamiclink\CS6\dynamiclinkmanager.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
() C:\Users\Benito\Desktop\operation\01 Defogger.exe
(Farbar) C:\Users\Benito\Desktop\operation\02 FRST64.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [5889816 2011-12-07] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-13] (Adobe Systems Incorporated)
HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1171088 2013-10-06] (Highresolution Enterprises)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7204568 2013-11-04] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41336 2013-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840568 2013-12-18] (Adobe Systems Inc.)
HKLM-x32\...\Run: [RoccatKonePure] => C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.EXE [561152 2013-06-10] (ROCCAT GmbH)
HKLM-x32\...\Run: [V0770Mon.exe] => C:\Windows\V0770Mon.exe [32884 2012-06-01] (Creative Technology Ltd.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-02-14] (DivX, LLC)
HKLM-x32\...\Run: [Driver Genius] => [X]
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Policies\Explorer\Run: [43061] => C:\PROGRA~3\LOCALS~1\Temp\msvrmv.cmd No File
HKU\S-1-5-21-4015719053-3797219543-3078460475-1000\...\Run: [Viber] => C:\Users\Benito\AppData\Local\Viber\Viber.exe [912904 2013-07-31] ()
HKU\S-1-5-21-4015719053-3797219543-3078460475-1000\...\Run: [MouseServer] => C:\Program Files (x86)\MouseServer\MouseServer.exe [244736 2013-08-26] (wifimouse.necta.us)
HKU\S-1-5-21-4015719053-3797219543-3078460475-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-4015719053-3797219543-3078460475-1000\...\Run: [Facebook Update] => C:\Users\Benito\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-01-25] (Facebook Inc.)
HKU\S-1-5-21-4015719053-3797219543-3078460475-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4015719053-3797219543-3078460475-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-4015719053-3797219543-3078460475-1000\...\Run: [NetDrive] => C:\Program Files\NetDrive\netdrive.exe [3620864 2014-05-08] (Bdrive Inc.)
HKU\S-1-5-21-4015719053-3797219543-3078460475-1000\...\MountPoints2: {06c28c38-6349-11e1-9609-bc05430602d9} - "J:\Adobe CS5\Set-up.exe"
HKU\S-1-5-21-4015719053-3797219543-3078460475-1000\...\MountPoints2: {df0df845-6325-11e1-a4ec-806e6f6e6963} - D:\Bin\assetup.exe
HKU\S-1-5-21-4015719053-3797219543-3078460475-1000\...\MountPoints2: {df0df8d8-6325-11e1-a4ec-c03463dc972f} - I:\pushinst.exe
HKU\S-1-5-21-4015719053-3797219543-3078460475-1004\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-4015719053-3797219543-3078460475-1004\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-4015719053-3797219543-3078460475-1004\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4015719053-3797219543-3078460475-1004\...\Run: [Viber] => C:\Users\Benito\AppData\Local\Viber\Viber.exe [912904 2013-07-31] ()
HKU\S-1-5-21-4015719053-3797219543-3078460475-1004\...\Run: [MouseServer] => C:\Program Files (x86)\MouseServer\MouseServer.exe [244736 2013-08-26] (wifimouse.necta.us)
HKU\S-1-5-21-4015719053-3797219543-3078460475-1004\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-4015719053-3797219543-3078460475-1004\...\MountPoints2: {06c28c38-6349-11e1-9609-bc05430602d9} - "J:\Adobe CS5\Set-up.exe"
HKU\S-1-5-21-4015719053-3797219543-3078460475-1004\...\MountPoints2: {528f5207-84ef-11e1-be37-bc05430602d9} - I:\Autorun.exe
HKU\S-1-5-21-4015719053-3797219543-3078460475-1004\...\MountPoints2: {df0df845-6325-11e1-a4ec-806e6f6e6963} - D:\Bin\assetup.exe
HKU\S-1-5-21-4015719053-3797219543-3078460475-1004\...\MountPoints2: {df0df8d8-6325-11e1-a4ec-c03463dc972f} - I:\pushinst.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\JonDo.lnk
ShortcutTarget: JonDo.lnk -> C:\Program Files (x86)\JonDo\JonDo.exe (JAP-Team)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logo Calibration Loader.lnk
ShortcutTarget: Logo Calibration Loader.lnk -> C:\Program Files (x86)\GretagMacbeth\i1\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ProfileReminder.lnk
ShortcutTarget: ProfileReminder.lnk -> C:\Program Files (x86)\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG)
Startup: C:\Users\Benito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Benito\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x462F1FD04AF7CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
URLSearchHook: HKCU - (No Name) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - No File
URLSearchHook: HKCU - (No Name) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKCU - {3C6E0C6D-87D1-4398-9E87-115D19F2B63B} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{DE0522D4-BC58-40A7-A50A-6E2DA008BA92}: [NameServer]208.67.222.222,208.67.220.220

FireFox:
========
FF ProfilePath: C:\Users\Benito\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox
FF NewTab: about:blank
FF DefaultSearchEngine: Startpage HTTPS
FF SelectedSearchEngine: Startpage HTTPS
FF Homepage: about:home
FF NetworkProxy: "ftp", "127.0.0.1"
FF NetworkProxy: "ftp_port", 4001
FF NetworkProxy: "gopher", "127.0.0.1"
FF NetworkProxy: "gopher_port", 4001
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 4001
FF NetworkProxy: "no_proxies_on", ""
FF NetworkProxy: "socks", "127.0.0.1"
FF NetworkProxy: "socks_port", 4001
FF NetworkProxy: "socks_remote_dns", true
FF NetworkProxy: "ssl", "127.0.0.1"
FF NetworkProxy: "ssl_port", 4001
FF NetworkProxy: "type", 1
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Benito\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Benito\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\blekko-ssl.xml
FF SearchPlugin: C:\Users\Benito\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\duckduckgo-ssl-javascript-free.xml
FF SearchPlugin: C:\Users\Benito\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\google-de-ssl.xml
FF SearchPlugin: C:\Users\Benito\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\google-encrypted-no-personalization.xml
FF SearchPlugin: C:\Users\Benito\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick---deutsch.xml
FF SearchPlugin: C:\Users\Benito\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick-ssl-pictures---deutsch.xml
FF SearchPlugin: C:\Users\Benito\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick-ssl-pictures---english.xml
FF SearchPlugin: C:\Users\Benito\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick.xml
FF SearchPlugin: C:\Users\Benito\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-eng-ger.xml
FF SearchPlugin: C:\Users\Benito\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-esp-ale.xml
FF SearchPlugin: C:\Users\Benito\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-fra-all.xml
FF SearchPlugin: C:\Users\Benito\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\metager2.xml
FF SearchPlugin: C:\Users\Benito\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ssl-wikipedia-deutsch.xml
FF SearchPlugin: C:\Users\Benito\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ssl-wikipedia-english.xml
FF SearchPlugin: C:\Users\Benito\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\startpage-https---deutsch.xml
FF SearchPlugin: C:\Users\Benito\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\startpage-https.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: HTTPS-Everywhere - C:\Users\Benito\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\https-everywhere@eff.org [2014-05-11]
FF Extension: No Name - C:\Users\Benito\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\staged [2014-05-11]
FF Extension: Cookie Monster - C:\Users\Benito\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{45d8ff86-d909-11db-9705-005056c00008} [2014-05-11]
FF Extension: DownloadHelper - C:\Users\Benito\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-05-11]
FF Extension: JonDoFox - C:\Users\Benito\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{437be45a-4114-11dd-b9ab-71d256d89593}.xpi [2014-04-29]
FF Extension: NoScript - C:\Users\Benito\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-04-29]
FF Extension: Adblock Plus - C:\Users\Benito\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-19]
FF Extension: ProfileSwitcher - C:\Users\Benito\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{fa8476cf-a98c-4e08-99b4-65a69cb4b7d4}.xpi [2014-03-19]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-05-11]
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ []
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-09-15]
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR Extension: (Easy Auto Refresh) - C:\Users\Benito\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2013-11-03]
CHR Extension: (Web Developer) - C:\Users\Benito\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2013-11-03]
CHR Extension: (YouTube) - C:\Users\Benito\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-03]
CHR Extension: (Firebug Lite for Google Chrome™) - C:\Users\Benito\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench [2013-11-03]
CHR Extension: (Adblock Plus) - C:\Users\Benito\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-11-03]
CHR Extension: (Hide My Ass! Web Proxy) - C:\Users\Benito\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmgnmcnlncejehjlnhaglpnoolgbflbd [2014-01-28]
CHR Extension: (Google Wallet) - C:\Users\Benito\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKCU\...\Chrome\Extension: [nlafpokblfobdnjhhggocaanijghemnd] - C:\Users\Benito\AppData\Local\CRE\nlafpokblfobdnjhhggocaanijghemnd.crx [2013-08-22]
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx [2013-08-22]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-04-09]
CHR HKLM-x32\...\Chrome\Extension: [nlafpokblfobdnjhhggocaanijghemnd] - C:\Users\Benito\AppData\Local\CRE\nlafpokblfobdnjhhggocaanijghemnd.crx [2012-04-09]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 ndsvc; C:\Program Files\NetDrive\ndsvc.exe [2789376 2013-02-25] (Bdrive Inc.)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [37176 2014-05-02] (The OpenVPN Project)
R2 postgresql-8.4; C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe [66048 2014-01-29] (PostgreSQL Global Development Group)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S2 UPDATESRV; "C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe" /service [X]
S2 VSSERV; "C:\Program Files\Bitdefender\Bitdefender\vsserv.exe" /service [X]
S2 WinDefend; %ProgramFiles(x86)%\Windows Defender\mpsvc.dll [X]

==================== Drivers (Whitelisted) ====================

S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-04] (AVM Berlin)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-09] (Avira Operations GmbH & Co. KG)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2014-02-07] (Bitdefender SRL)
S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-04-13] (DT Soft Ltd)
S3 EyeOneDisplay; C:\Windows\System32\Drivers\i1display_x64.sys [7808 2005-12-14] (GretagMacbeth LLC)
S3 fwlanusb4; C:\Windows\System32\DRIVERS\fwlanusb4.sys [1293824 2010-10-04] (AVM GmbH)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2014-02-07] (BitDefender LLC)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-11-19] (Intel Corporation)
S1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 ndfs; C:\Program Files\NetDrive\ndfs.sys [63712 2013-02-01] (Bdrive Inc.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2012-01-18] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2012-01-18] ()
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [204568 2013-08-20] (DEVGURU Co., LTD.(www.devguru.co.kr))
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R3 V0770Vid; C:\Windows\System32\DRIVERS\V0770Vid.sys [379776 2012-06-01] (Creative Technology Ltd.)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [113936 2013-12-18] (Oracle Corporation)
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
S2 PDIHWCTL; \??\C:\Windows\system32\drivers\pdihwctl.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-11 16:53 - 2014-05-11 16:54 - 00000000 ____D () C:\FRST
2014-05-11 16:36 - 2014-05-11 16:40 - 00000000 ____D () C:\Users\Benito\AppData\Roaming\JonDo
2014-05-11 16:36 - 2014-05-11 16:36 - 00000967 _____ () C:\Users\Public\Desktop\JonDo.lnk
2014-05-11 16:33 - 2014-05-11 16:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JonDo
2014-05-11 16:33 - 2014-05-11 16:33 - 00000000 ____D () C:\Program Files (x86)\JonDo
2014-05-11 16:26 - 2014-05-11 16:28 - 29682832 _____ (JonDos GmbH) C:\Users\Benito\Downloads\JonDoFox.paf.exe
2014-05-11 16:15 - 2014-05-11 16:15 - 00109338 _____ () C:\Users\Benito\Downloads\flashblock-1.5.17-fx.xpi
2014-05-11 16:03 - 2014-05-11 15:19 - 00002359 _____ () C:\Users\Benito\Desktop\Google Chrome.lnk
2014-05-11 16:01 - 2014-04-03 04:20 - 00001111 _____ () C:\Users\Benito\Desktop\SRWare Iron (2).lnk
2014-05-11 15:29 - 2014-05-11 15:29 - 00707723 _____ () C:\Users\Benito\Downloads\https-everywhere-3.5.1.zip
2014-05-11 15:29 - 2014-05-11 15:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-11 15:29 - 2014-04-28 13:59 - 00724341 _____ () C:\Users\Benito\Desktop\https-everywhere-3.5.1.xpi
2014-05-11 15:27 - 2014-05-11 15:27 - 00000000 ____D () C:\Users\Benito\AppData\Roaming\Wireshark
2014-05-11 15:12 - 2014-05-11 15:12 - 00629584 _____ (Chip Digital GmbH) C:\Users\Benito\Downloads\UnChrome - CHIP-Downloader.exe
2014-05-11 15:01 - 2014-05-11 15:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2014-05-11 15:01 - 2014-05-11 15:01 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2014-05-11 14:59 - 2014-05-11 15:01 - 00000000 ____D () C:\Program Files\Wireshark
2014-05-11 14:59 - 2014-05-11 14:59 - 00001545 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2014-05-11 14:58 - 2014-05-11 14:59 - 28001672 _____ (Wireshark development team) C:\Users\Benito\Downloads\Wireshark-win64-1.10.7.exe
2014-05-11 14:48 - 2014-05-11 14:48 - 00000314 _____ () C:\Windows\PFRO.log
2014-05-11 14:41 - 2014-05-11 14:47 - 00000000 ____D () C:\AdwCleaner
2014-05-11 14:41 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-11 14:40 - 2014-05-11 14:40 - 00000168 _____ () C:\Users\Benito\defogger_reenable
2014-05-11 14:39 - 2014-05-11 14:39 - 00629584 _____ (Chip Digital GmbH) C:\Users\Benito\Downloads\AdwCleaner - CHIP-Downloader.exe
2014-05-11 14:29 - 2014-05-11 16:54 - 00000000 ____D () C:\Users\Benito\Desktop\operation
2014-05-11 06:40 - 2014-05-11 06:40 - 00000068 _____ () C:\Users\Benito\Desktop\Hans Zimmer - Time (Inception) - YouTube.url
2014-05-11 01:20 - 2014-05-11 01:20 - 00000000 ____D () C:\Users\Benito\Desktop\Satire
2014-05-11 01:09 - 2014-05-11 01:09 - 23770280 _____ (APOWERSOFT LIMITED ) C:\Users\Benito\Downloads\video-download-capture (1).exe
2014-05-11 01:08 - 2014-05-11 01:08 - 00000000 ____D () C:\Users\Benito\Documents\Video Download Capture
2014-05-11 01:08 - 2014-05-11 01:08 - 00000000 ____D () C:\Users\Benito\AppData\Roaming\Apowersoft
2014-05-11 01:08 - 2014-04-09 21:05 - 00031920 _____ (Wondershare) C:\Windows\system32\Drivers\Apowersoft_AudioDevice.sys
2014-05-11 01:07 - 2014-05-11 01:07 - 23770280 _____ (APOWERSOFT LIMITED ) C:\Users\Benito\Downloads\video-download-capture.exe
2014-05-11 01:03 - 2014-05-11 01:23 - 00000000 ____D () C:\Users\Benito\Desktop\Ukaine
2014-05-10 03:06 - 2014-05-11 14:48 - 00000327 _____ () C:\Windows\setupact.log
2014-05-10 03:06 - 2014-05-10 03:06 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-09 08:31 - 2014-05-09 08:31 - 00001657 _____ () C:\Users\Benito\Downloads\Siauliai.zip
2014-05-09 08:27 - 2014-05-09 08:27 - 00001659 _____ () C:\Users\Benito\Downloads\Bucharest (1).zip
2014-05-09 08:01 - 2014-05-09 10:33 - 00000000 ____D () C:\Users\Benito\Desktop\ds
2014-05-09 03:50 - 2014-05-09 03:50 - 00001658 _____ () C:\Users\Benito\Downloads\Manassas.zip
2014-05-09 03:31 - 2014-05-09 03:31 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-05-09 03:29 - 2014-05-09 03:29 - 00921512 _____ (Oracle Corporation) C:\Users\Benito\Downloads\chromeinstall-7u55.exe
2014-05-09 02:00 - 2014-05-09 02:00 - 00001662 _____ () C:\Users\Benito\Downloads\Providence (1).zip
2014-05-08 09:36 - 2014-05-08 09:36 - 00001659 _____ () C:\Users\Benito\Downloads\Bucharest.zip
2014-05-08 08:37 - 2014-05-08 08:37 - 00001662 _____ () C:\Users\Benito\Downloads\Providence.zip
2014-05-08 08:36 - 2014-05-09 12:04 - 00000952 _____ () C:\Users\Public\Desktop\OpenVPN GUI.lnk
2014-05-08 08:36 - 2014-05-08 08:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
2014-05-08 08:36 - 2014-05-08 08:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
2014-05-08 08:36 - 2014-05-08 08:36 - 00000000 ____D () C:\Program Files\TAP-Windows
2014-05-08 08:36 - 2014-05-08 08:36 - 00000000 ____D () C:\Program Files\OpenVPN
2014-05-08 08:35 - 2014-05-08 08:35 - 01758624 _____ () C:\Users\Benito\Downloads\openvpn-install-2.3.4-I001-x86_64.exe
2014-05-08 03:39 - 2014-05-08 03:39 - 00003210 _____ () C:\Windows\System32\Tasks\RunAsStdUser Task
2014-05-08 02:33 - 2014-05-08 02:33 - 00000000 ____D () C:\Users\Benito\Desktop\gx
2014-05-08 01:54 - 2014-05-08 01:54 - 107394336 _____ (Oracle Corporation) C:\Users\Benito\Downloads\VirtualBox-4.3.10-93012-Win (2).exe
2014-05-08 01:53 - 2014-05-08 01:53 - 10432166 _____ () C:\Users\Benito\Downloads\Oracle_VM_VirtualBox_Extension_Pack-4.3.10-93012.vbox-extpack
2014-05-08 01:51 - 2014-05-08 01:51 - 12404740 _____ () C:\Users\Benito\Downloads\Oracle_VM_VirtualBox_Extension_Pack-4.2.24-92790.vbox-extpack
2014-05-08 01:24 - 2014-05-08 01:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2014-05-08 01:24 - 2014-03-26 19:01 - 00254240 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2014-05-08 01:23 - 2014-03-26 19:00 - 00128288 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2014-05-08 01:14 - 2014-05-08 01:14 - 00000000 ____D () C:\Users\Benito\Desktop\themes
2014-05-07 20:26 - 2014-05-07 20:27 - 107394336 _____ (Oracle Corporation) C:\Users\Benito\Downloads\VirtualBox-4.3.10-93012-Win (1).exe
2014-05-07 03:10 - 2014-05-07 03:10 - 00000066 _____ () C:\Users\Benito\Desktop\Fotolia ProPix Kesu.url
2014-05-06 15:22 - 2014-05-06 15:22 - 00000104 _____ () C:\Users\Benito\Desktop\Bonnie Rotten is a girl who loves cum.url
2014-05-06 11:21 - 2014-05-06 11:21 - 00000000 ____D () C:\Users\Benito\Desktop\dLink
2014-05-06 06:59 - 2014-05-06 06:59 - 00000078 _____ () C:\Users\Benito\Desktop\So deaktivieren Sie IPv6 oder bestimmte IPv6-Komponenten in Windows.url
2014-05-05 21:00 - 2014-05-05 21:33 - 103696215 _____ () C:\Users\Benito\Downloads\DIR-615_sw_revd_DCCUtility400b04_ALL_multi.zip
2014-05-05 20:51 - 2014-05-05 20:58 - 00000000 ____D () C:\Users\Benito\Documents\Wohnungsmaklerin
2014-05-05 20:08 - 2014-05-05 20:19 - 00000000 ____D () C:\Users\Benito\Desktop\Laminat
2014-05-05 03:02 - 2014-05-05 03:02 - 00000000 ____D () C:\Users\Benito\AppData\Roaming\Apple Computer
2014-05-04 21:30 - 2014-05-04 22:26 - 00000000 ____D () C:\Users\Benito\Desktop\h
2014-05-04 21:30 - 2014-05-04 21:30 - 00146944 _____ () C:\Users\Benito\Downloads\start.exe
2014-05-04 20:56 - 2014-05-04 20:56 - 00000549 _____ () C:\Users\Benito\Documents\MalewareBytes.txt
2014-05-03 13:17 - 2014-05-03 21:30 - 00000471 _____ () C:\Users\Benito\Documents\Ohne Namen2.info
2014-05-03 13:17 - 2014-05-03 13:17 - 00000000 ____D () C:\Users\Benito\Documents\Ohne Namen2-data
2014-05-02 19:39 - 2014-05-02 19:39 - 09330257 _____ () C:\Users\Benito\Downloads\tele (1).apk
2014-05-02 19:30 - 2014-05-02 19:30 - 09330257 _____ () C:\Users\Benito\Downloads\tele.apk
2014-05-02 15:44 - 2014-05-02 15:46 - 107394336 _____ (Oracle Corporation) C:\Users\Benito\Downloads\VirtualBox-4.3.10-93012-Win.exe
2014-05-02 15:09 - 2014-05-03 21:30 - 00000490 _____ () C:\Users\Benito\Documents\three.info
2014-05-02 15:09 - 2014-05-02 15:09 - 00000000 ____D () C:\Users\Benito\Documents\three-data
2014-05-01 18:32 - 2014-05-03 21:30 - 00000339 _____ () C:\Users\Benito\Documents\two.info
2014-05-01 18:32 - 2014-05-01 18:32 - 00000000 ____D () C:\Users\Benito\Documents\two-data
2014-05-01 15:17 - 2014-05-03 21:30 - 00000484 _____ () C:\Users\Benito\Documents\ttt.info
2014-05-01 15:17 - 2014-05-01 15:17 - 00000000 ____D () C:\Users\Benito\Documents\ttt-data
2014-05-01 15:16 - 2014-05-01 15:16 - 08935640 _____ () C:\Users\Benito\Downloads\multibit-0.5.18-windows-setup.exe
2014-05-01 15:16 - 2014-05-01 15:16 - 00001817 _____ () C:\Users\Public\Desktop\MultiBit 0.5.18.lnk
2014-05-01 15:16 - 2014-05-01 15:16 - 00000000 ____D () C:\Program Files (x86)\MultiBit-0.5.18
2014-04-30 19:53 - 2014-04-30 20:46 - 00000000 ____D () C:\Users\Benito\Desktop\ggggg
2014-04-30 14:12 - 2014-04-30 14:13 - 00000000 ____D () C:\Users\Benito\Desktop\Montagsdemo
2014-04-29 13:21 - 2014-04-29 13:21 - 00000000 ____D () C:\Users\Benito\AppData\Local\Apple Computer
2014-04-29 12:55 - 2014-04-29 12:55 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-04-29 12:55 - 2014-04-29 12:55 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-04-29 12:55 - 2014-04-29 12:55 - 00000000 ____D () C:\Users\Benito\AppData\Local\Apple
2014-04-29 12:55 - 2014-04-29 12:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-04-29 12:55 - 2014-04-29 12:55 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-04-29 12:55 - 2014-04-29 12:55 - 00000000 ____D () C:\ProgramData\Apple
2014-04-29 12:55 - 2014-04-29 12:55 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-04-29 12:54 - 2014-04-29 12:54 - 41945432 _____ (Apple Inc.) C:\Users\Benito\Downloads\QuickTimeInstaller.exe
2014-04-29 12:39 - 2014-04-29 12:39 - 00000000 ____D () C:\Windows\de
2014-04-29 12:38 - 2014-04-29 12:38 - 00001374 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-04-29 12:38 - 2014-04-29 12:38 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-04-29 12:38 - 2014-04-29 12:38 - 00000020 _____ () C:\Windows\€ôŒ
2014-04-29 12:38 - 2014-04-29 12:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-04-29 12:37 - 2014-04-29 12:37 - 01245384 _____ (Microsoft Corporation) C:\Users\Benito\Downloads\wlsetup-web.exe
2014-04-29 03:47 - 2014-04-29 03:47 - 00000000 ____D () C:\Users\Benito\AppData\Local\{2BD9986F-4847-4FFA-95C3-00E8663A8453}
2014-04-28 15:46 - 2014-04-28 15:47 - 00000000 ____D () C:\Users\Benito\AppData\Local\{942148B4-A03C-4B36-9224-AFF504EF5CCB}
2014-04-28 12:48 - 2014-04-28 12:48 - 00087370 _____ () C:\Users\Benito\Downloads\bickleyscriptplain (1).ttf
2014-04-28 12:43 - 2014-04-28 12:43 - 00087370 _____ () C:\Users\Benito\Downloads\bickleyscriptplain.ttf
2014-04-28 12:30 - 2014-04-28 12:30 - 00052561 _____ () C:\Users\Benito\Downloads\adine-kirnberg.zip
2014-04-28 12:12 - 2014-04-28 12:12 - 00103488 _____ () C:\Users\Benito\Downloads\11509.ttf
2014-04-28 12:09 - 2014-04-28 12:09 - 00012658 _____ () C:\Users\Benito\Downloads\coronet.zip
2014-04-28 11:06 - 2014-04-28 11:07 - 22913908 _____ () C:\Users\Benito\Downloads\torbrowser-install-3.5.4_en-US.exe
2014-04-28 10:43 - 2014-04-28 10:43 - 00000066 _____ () C:\Users\Benito\Desktop\FOTOLIA Jag_cz Fotograph für Cocktails und Themen.url
2014-04-28 02:02 - 2014-04-28 02:02 - 00000000 ____D () C:\Users\Benito\AppData\Local\{0BC7DE71-1DA1-4A69-9FCD-181E8F65A143}
2014-04-27 15:26 - 2014-04-27 15:26 - 01002126 _____ () C:\Users\Benito\Downloads\Fotolia_48607340_Subscription_Monthly_V.zip
2014-04-27 14:46 - 2014-04-27 14:46 - 00276553 _____ () C:\Users\Benito\Downloads\bstyle.zip
2014-04-27 14:39 - 2014-04-27 14:39 - 00015590 _____ () C:\Users\Benito\Downloads\block-gothic-rr-extra-bold-extra-condensed.zip
2014-04-27 14:31 - 2014-04-27 14:31 - 00010128 _____ () C:\Users\Benito\Downloads\afcamberwell-one.zip
2014-04-27 09:05 - 2014-04-27 09:05 - 00000000 ____D () C:\Users\Benito\AppData\Local\{4FBD2959-81C7-4E2B-B1C8-D9C0C57959CD}
2014-04-27 00:42 - 2014-04-27 00:42 - 00000000 ____D () C:\Users\Benito\AppData\Local\{0B0CB995-405D-4DA4-88C9-C2C837DCF300}
2014-04-26 20:19 - 2014-04-26 20:19 - 00000049 _____ () C:\Users\Benito\Desktop\LaRouchePAC.url
2014-04-26 12:41 - 2014-04-26 12:41 - 04745984 _____ (Piriform Ltd) C:\Users\Benito\Downloads\ccsetup413.exe
2014-04-26 02:08 - 2014-04-26 02:08 - 00000000 ____D () C:\Users\Benito\AppData\Local\{F9A409CA-0F6F-4BD5-AA47-AA66611FFEB9}
2014-04-25 19:02 - 2014-04-25 19:02 - 00025469 _____ () C:\Users\Benito\Downloads\metakorrespondenz_italic.zip
2014-04-25 19:00 - 2014-04-25 19:00 - 00026008 _____ () C:\Users\Benito\Downloads\metakorrespondenz_bold.zip
2014-04-25 12:37 - 2014-04-25 12:37 - 00000000 ____D () C:\Users\Benito\AppData\Local\{B32EC965-F774-465B-BE25-0825073F374D}
2014-04-25 06:32 - 2014-04-25 06:32 - 00054206 _____ () C:\Users\Benito\Downloads\metakorrespondenz-roman.ttf
2014-04-25 05:08 - 2014-04-25 05:08 - 00058920 _____ () C:\Users\Benito\Downloads\Vivaldi Italic.ttf
2014-04-25 05:08 - 2014-04-25 05:08 - 00023764 _____ () C:\Users\Benito\Downloads\Vivala.ttf
2014-04-25 05:03 - 2014-04-25 05:03 - 00058920 _____ () C:\Users\Benito\Downloads\27992.ttf
2014-04-25 05:03 - 2014-04-25 05:03 - 00058920 _____ () C:\Users\Benito\Downloads\27992 (1).ttf
2014-04-24 10:42 - 2014-04-24 10:42 - 17410183 _____ () C:\Users\Benito\Downloads\eci_offset_2009.zip
2014-04-24 07:50 - 2014-04-24 07:50 - 00000000 ____D () C:\Users\Benito\AppData\Local\{8923352A-32E5-437E-A532-BFA5A8F352D7}
2014-04-23 22:42 - 2014-04-23 22:42 - 00036284 _____ () C:\Users\Benito\Downloads\Bahamas Bold.ttf
2014-04-23 17:53 - 2014-04-23 17:53 - 00000000 ____D () C:\Users\Benito\AppData\Local\{8515CB41-D500-480D-B6B1-6DD9C7E587E0}
2014-04-23 04:27 - 2014-04-23 04:27 - 00000000 ____D () C:\Program Files (x86)\X-Rite
2014-04-23 04:27 - 2007-02-08 13:48 - 00051600 _____ (Thesycon GmbH, Germany) C:\Windows\system32\Drivers\i1_x64.sys
2014-04-23 04:27 - 2005-12-14 00:53 - 00007808 _____ (GretagMacbeth LLC) C:\Windows\system32\Drivers\i1display_x64.sys
2014-04-23 04:24 - 2014-04-23 04:24 - 23785848 _____ (GretagMacbeth ) C:\Users\Benito\Downloads\i1Match_3.6.2_Win7.exe
2014-04-23 04:17 - 2014-04-23 04:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GretagMacbeth
2014-04-23 04:17 - 2007-02-08 13:48 - 00051600 _____ (Thesycon GmbH, Germany) C:\Windows\system32\Drivers\i1iO2_x64.sys
2014-04-23 04:17 - 2006-05-18 16:13 - 00047104 _____ (Thesycon GmbH, Germany) C:\Windows\system32\Drivers\EyeOneX64.sys
2014-04-23 04:17 - 2006-05-18 16:13 - 00007808 _____ (GretagMacbeth LLC) C:\Windows\system32\Drivers\SeqCal.sys
2014-04-23 04:16 - 2014-04-23 04:16 - 00000000 ____D () C:\Program Files (x86)\GretagMacbeth
2014-04-23 04:15 - 2014-04-23 04:15 - 00000034 _____ () C:\Windows\AutoRun.ini
2014-04-23 01:52 - 2014-04-23 01:52 - 00000000 ____D () C:\Users\Benito\AppData\Local\{35A83F96-9634-4992-B7A9-E21934AFDB0B}
2014-04-22 10:38 - 2014-04-22 10:39 - 00000000 ____D () C:\Users\Benito\AppData\Local\{2D9139A4-A6C6-4D38-A920-B2D8D47BB3FA}
2014-04-21 22:38 - 2014-04-21 22:38 - 00000000 ____D () C:\Users\Benito\AppData\Local\{19D408E9-0183-41E0-9CCA-23F0C5CCAAD0}
2014-04-21 10:38 - 2014-04-21 10:38 - 00000000 ____D () C:\Users\Benito\AppData\Local\{159DFA3F-4360-4827-A740-3790B67B5899}
2014-04-20 22:38 - 2014-04-20 22:38 - 00000000 ____D () C:\Users\Benito\AppData\Local\{AAB5E7FA-CEE2-40D6-ABE8-95824E19BF80}
2014-04-20 07:02 - 2014-04-20 07:03 - 00000000 ____D () C:\Users\Benito\AppData\Local\{F67B0002-D56E-42EE-9FC5-B5EB939C2790}
2014-04-20 05:50 - 2014-04-20 05:50 - 00000000 ____D () C:\Users\Benito\Documents\Hunger.de
2014-04-19 18:21 - 2014-04-19 18:21 - 00000000 ____D () C:\Users\Benito\AppData\Local\{899A2578-ABC4-416F-B6BC-4D5F2C424F19}
2014-04-18 19:50 - 2014-04-18 19:50 - 00000000 ____D () C:\Users\Benito\AppData\Local\{7D4769B4-5CF9-43C7-AEB1-1943877F7195}
2014-04-18 08:14 - 2014-04-18 08:14 - 00051209 _____ () C:\Users\Benito\Downloads\phone-icon-clip-art.zip
2014-04-18 04:34 - 2014-04-18 04:34 - 00000000 ____D () C:\Users\Benito\Downloads\trade-winds
2014-04-18 04:33 - 2014-04-18 04:33 - 00049706 _____ () C:\Users\Benito\Downloads\trade-winds.zip
2014-04-18 01:15 - 2014-04-18 01:15 - 00000000 ____D () C:\Users\Benito\AppData\Local\{39273768-7C76-498C-B319-65A3F3AC09AC}
2014-04-17 14:15 - 2014-04-17 14:15 - 00000000 __SHD () C:\Windows\ftpcache
2014-04-17 12:43 - 2014-04-17 12:43 - 00000000 ____D () C:\Users\Benito\AppData\Local\{C89561AC-9430-487E-8337-AAC546320492}
2014-04-16 22:11 - 2014-04-16 22:12 - 00000000 ____D () C:\Users\Benito\AppData\Local\{3EFFF4CE-4642-4255-B3B7-2AE82F00C35B}
2014-04-16 10:11 - 2014-04-16 10:11 - 00000000 ____D () C:\Users\Benito\AppData\Local\{1D3B3B29-4538-4421-9DC7-95BF5322A9F9}
2014-04-15 20:06 - 2014-04-15 20:06 - 00000000 ____D () C:\Users\Benito\AppData\Local\{7DE2FF07-FF4C-4D41-BDDE-E5D47A2A403C}
2014-04-15 08:50 - 2014-04-15 08:50 - 00000000 ____D () C:\Users\Benito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-15 08:06 - 2014-04-15 08:06 - 00000000 ____D () C:\Users\Benito\AppData\Local\{5EF490BA-5178-47E1-9E87-2929FE809CE2}
2014-04-14 19:04 - 2014-04-14 19:04 - 00000000 ____D () C:\Users\Benito\AppData\Local\{AD304668-8173-420A-BB06-7A72CF4CB1D3}
2014-04-14 18:57 - 2014-04-14 18:57 - 00000000 ____D () C:\Users\Benito\AppData\Roaming\DropboxMaster
2014-04-14 18:55 - 2014-04-14 18:55 - 00316288 _____ (Dropbox, Inc.) C:\Users\Benito\Downloads\DropboxInstaller.exe
2014-04-14 07:03 - 2014-04-14 07:04 - 00000000 ____D () C:\Users\Benito\AppData\Local\{6F02A7C9-C363-4366-B825-2C7CB9857DE8}
2014-04-13 19:03 - 2014-04-13 19:03 - 00000000 ____D () C:\Users\Benito\AppData\Local\{6B70F4FF-2A1E-4BE0-A855-70969D05CE15}
2014-04-13 16:02 - 2014-04-13 16:02 - 00000000 ____D () C:\Users\Benito\AppData\Local\{5C90BCED-7345-45ED-A497-5D0744C88F5D}
2014-04-12 15:48 - 2014-04-12 15:48 - 00000000 ____D () C:\Users\Benito\AppData\Local\{B39CBFB8-2D9F-452B-A572-25B8C35BAF8E}
2014-04-12 03:47 - 2014-04-12 03:47 - 00000000 ____D () C:\Users\Benito\AppData\Local\{4D8BE65C-A88F-4FC3-B529-962B3A15391D}
2014-04-11 13:13 - 2014-04-11 13:13 - 00000000 ____D () C:\Users\Benito\AppData\Local\{D2C8217D-F459-43B7-90F5-87A6978BDC64}
2014-04-11 08:05 - 2014-04-11 08:05 - 00000000 __SHD () C:\Users\Benito\AppData\Local\EmieUserList
2014-04-11 08:05 - 2014-04-11 08:05 - 00000000 __SHD () C:\Users\Benito\AppData\Local\EmieSiteList
2014-04-11 00:30 - 2014-04-11 00:30 - 00000000 ____D () C:\Users\Benito\AppData\Local\{958DBB88-6CEA-4E84-9668-BB8E66042422}

==================== One Month Modified Files and Folders =======

2014-05-11 16:54 - 2014-05-11 16:53 - 00000000 ____D () C:\FRST
2014-05-11 16:54 - 2014-05-11 14:29 - 00000000 ____D () C:\Users\Benito\Desktop\operation
2014-05-11 16:52 - 2013-09-15 10:32 - 00001456 _____ () C:\Users\Benito\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-05-11 16:52 - 2012-03-01 02:25 - 00000000 ____D () C:\Users\Benito\AppData\Roaming\Skype
2014-05-11 16:40 - 2014-05-11 16:36 - 00000000 ____D () C:\Users\Benito\AppData\Roaming\JonDo
2014-05-11 16:36 - 2014-05-11 16:36 - 00000967 _____ () C:\Users\Public\Desktop\JonDo.lnk
2014-05-11 16:36 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-11 16:33 - 2014-05-11 16:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JonDo
2014-05-11 16:33 - 2014-05-11 16:33 - 00000000 ____D () C:\Program Files (x86)\JonDo
2014-05-11 16:28 - 2014-05-11 16:26 - 29682832 _____ (JonDos GmbH) C:\Users\Benito\Downloads\JonDoFox.paf.exe
2014-05-11 16:28 - 2012-03-05 16:05 - 00000000 ____D () C:\Users\Benito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JonDoFox
2014-05-11 16:23 - 2012-11-09 23:48 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-11 16:16 - 2012-09-04 08:36 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4015719053-3797219543-3078460475-1000UA.job
2014-05-11 16:15 - 2014-05-11 16:15 - 00109338 _____ () C:\Users\Benito\Downloads\flashblock-1.5.17-fx.xpi
2014-05-11 16:05 - 2012-12-21 03:59 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-11 15:29 - 2014-05-11 15:29 - 00707723 _____ () C:\Users\Benito\Downloads\https-everywhere-3.5.1.zip
2014-05-11 15:29 - 2014-05-11 15:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-11 15:29 - 2012-06-14 05:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-11 15:27 - 2014-05-11 15:27 - 00000000 ____D () C:\Users\Benito\AppData\Roaming\Wireshark
2014-05-11 15:19 - 2014-05-11 16:03 - 00002359 _____ () C:\Users\Benito\Desktop\Google Chrome.lnk
2014-05-11 15:12 - 2014-05-11 15:12 - 00629584 _____ (Chip Digital GmbH) C:\Users\Benito\Downloads\UnChrome - CHIP-Downloader.exe
2014-05-11 15:01 - 2014-05-11 15:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2014-05-11 15:01 - 2014-05-11 15:01 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2014-05-11 15:01 - 2014-05-11 14:59 - 00000000 ____D () C:\Program Files\Wireshark
2014-05-11 14:59 - 2014-05-11 14:59 - 00001545 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2014-05-11 14:59 - 2014-05-11 14:58 - 28001672 _____ (Wireshark development team) C:\Users\Benito\Downloads\Wireshark-win64-1.10.7.exe
2014-05-11 14:57 - 2009-07-14 19:58 - 00700486 _____ () C:\Windows\system32\perfh007.dat
2014-05-11 14:57 - 2009-07-14 19:58 - 00150124 _____ () C:\Windows\system32\perfc007.dat
2014-05-11 14:57 - 2009-07-14 07:13 - 01624178 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-11 14:53 - 2009-07-14 06:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-11 14:53 - 2009-07-14 06:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-11 14:52 - 2012-03-01 00:39 - 01505167 _____ () C:\Windows\WindowsUpdate.log
2014-05-11 14:49 - 2012-03-01 05:20 - 00000000 ____D () C:\Users\Benito\AppData\Roaming\Dropbox
2014-05-11 14:48 - 2014-05-11 14:48 - 00000314 _____ () C:\Windows\PFRO.log
2014-05-11 14:48 - 2014-05-10 03:06 - 00000327 _____ () C:\Windows\setupact.log
2014-05-11 14:48 - 2013-09-22 18:04 - 00000000 ____D () C:\Users\Benito\AppData\Roaming\ViberPC
2014-05-11 14:48 - 2013-09-22 18:04 - 00000000 ____D () C:\Users\Benito\AppData\Local\Viber
2014-05-11 14:48 - 2013-06-22 01:00 - 00086436 _____ () C:\ndsvc.log
2014-05-11 14:48 - 2012-12-21 03:59 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-11 14:48 - 2012-03-01 05:21 - 00000000 ___RD () C:\Users\Benito\Dropbox
2014-05-11 14:48 - 2012-03-01 02:48 - 00000000 ____D () C:\Users\postgres
2014-05-11 14:48 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-11 14:47 - 2014-05-11 14:41 - 00000000 ____D () C:\AdwCleaner
2014-05-11 14:47 - 2013-08-04 22:04 - 00000000 ____D () C:\Users\Benito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RemoteControl for Winamp
2014-05-11 14:47 - 2013-02-01 22:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-11 14:47 - 2012-03-05 16:00 - 00001065 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-11 14:47 - 2012-03-01 00:50 - 00000997 _____ () C:\Users\Benito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-11 14:40 - 2014-05-11 14:40 - 00000168 _____ () C:\Users\Benito\defogger_reenable
2014-05-11 14:40 - 2012-03-01 00:49 - 00000000 ____D () C:\Users\Benito
2014-05-11 14:39 - 2014-05-11 14:39 - 00629584 _____ (Chip Digital GmbH) C:\Users\Benito\Downloads\AdwCleaner - CHIP-Downloader.exe
2014-05-11 14:21 - 2013-10-23 17:24 - 00000000 ____D () C:\Users\Benito\.VirtualBox
2014-05-11 06:40 - 2014-05-11 06:40 - 00000068 _____ () C:\Users\Benito\Desktop\Hans Zimmer - Time (Inception) - YouTube.url
2014-05-11 02:00 - 2012-03-01 05:44 - 00000000 ____D () C:\Users\Benito\AppData\Local\Adobe
2014-05-11 01:23 - 2014-05-11 01:03 - 00000000 ____D () C:\Users\Benito\Desktop\Ukaine
2014-05-11 01:20 - 2014-05-11 01:20 - 00000000 ____D () C:\Users\Benito\Desktop\Satire
2014-05-11 01:18 - 2012-10-01 20:46 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-05-11 01:16 - 2012-09-04 08:36 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4015719053-3797219543-3078460475-1000Core.job
2014-05-11 01:09 - 2014-05-11 01:09 - 23770280 _____ (APOWERSOFT LIMITED ) C:\Users\Benito\Downloads\video-download-capture (1).exe
2014-05-11 01:08 - 2014-05-11 01:08 - 00000000 ____D () C:\Users\Benito\Documents\Video Download Capture
2014-05-11 01:08 - 2014-05-11 01:08 - 00000000 ____D () C:\Users\Benito\AppData\Roaming\Apowersoft
2014-05-11 01:08 - 2012-03-01 03:34 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-05-11 01:07 - 2014-05-11 01:07 - 23770280 _____ (APOWERSOFT LIMITED ) C:\Users\Benito\Downloads\video-download-capture.exe
2014-05-10 03:06 - 2014-05-10 03:06 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-10 03:06 - 2013-06-22 01:00 - 00000000 ____D () C:\Program Files\NetDrive
2014-05-09 12:04 - 2014-05-08 08:36 - 00000952 _____ () C:\Users\Public\Desktop\OpenVPN GUI.lnk
2014-05-09 10:33 - 2014-05-09 08:01 - 00000000 ____D () C:\Users\Benito\Desktop\ds
2014-05-09 08:31 - 2014-05-09 08:31 - 00001657 _____ () C:\Users\Benito\Downloads\Siauliai.zip
2014-05-09 08:27 - 2014-05-09 08:27 - 00001659 _____ () C:\Users\Benito\Downloads\Bucharest (1).zip
2014-05-09 03:50 - 2014-05-09 03:50 - 00001658 _____ () C:\Users\Benito\Downloads\Manassas.zip
2014-05-09 03:48 - 2012-11-09 23:48 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-09 03:48 - 2012-11-09 23:48 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-09 03:48 - 2012-11-09 23:48 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-09 03:31 - 2014-05-09 03:31 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-05-09 03:31 - 2013-09-29 17:57 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-09 03:31 - 2012-03-01 03:16 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-09 03:29 - 2014-05-09 03:29 - 00921512 _____ (Oracle Corporation) C:\Users\Benito\Downloads\chromeinstall-7u55.exe
2014-05-09 02:00 - 2014-05-09 02:00 - 00001662 _____ () C:\Users\Benito\Downloads\Providence (1).zip
2014-05-08 12:11 - 2014-02-28 03:16 - 00000000 ____D () C:\Users\Benito\AppData\Roaming\Telegram Win (Unofficial)
2014-05-08 12:11 - 2012-10-13 20:21 - 00000000 ____D () C:\Users\Benito\AppData\Local\CrashDumps
2014-05-08 09:36 - 2014-05-08 09:36 - 00001659 _____ () C:\Users\Benito\Downloads\Bucharest.zip
2014-05-08 08:37 - 2014-05-08 08:37 - 00001662 _____ () C:\Users\Benito\Downloads\Providence.zip
2014-05-08 08:36 - 2014-05-08 08:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
2014-05-08 08:36 - 2014-05-08 08:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
2014-05-08 08:36 - 2014-05-08 08:36 - 00000000 ____D () C:\Program Files\TAP-Windows
2014-05-08 08:36 - 2014-05-08 08:36 - 00000000 ____D () C:\Program Files\OpenVPN
2014-05-08 08:35 - 2014-05-08 08:35 - 01758624 _____ () C:\Users\Benito\Downloads\openvpn-install-2.3.4-I001-x86_64.exe
2014-05-08 03:59 - 2012-12-21 03:59 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 03:59 - 2012-12-21 03:59 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-08 03:42 - 2012-03-01 02:58 - 00000000 ____D () C:\Users\Benito\AppData\Roaming\Winamp
2014-05-08 03:39 - 2014-05-08 03:39 - 00003210 _____ () C:\Windows\System32\Tasks\RunAsStdUser Task
2014-05-08 03:11 - 2012-03-02 02:09 - 00000000 ____D () C:\Users\Benito\AppData\Roaming\HoldemManager
2014-05-08 02:52 - 2012-12-29 20:41 - 00008514 _____ () C:\blitzerr.txt
2014-05-08 02:36 - 2013-06-22 22:28 - 00000000 ____D () C:\Users\Benito\AppData\Local\PokerStars.EU
2014-05-08 02:33 - 2014-05-08 02:33 - 00000000 ____D () C:\Users\Benito\Desktop\gx
2014-05-08 01:58 - 2014-05-08 01:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2014-05-08 01:54 - 2014-05-08 01:54 - 107394336 _____ (Oracle Corporation) C:\Users\Benito\Downloads\VirtualBox-4.3.10-93012-Win (2).exe
2014-05-08 01:53 - 2014-05-08 01:53 - 10432166 _____ () C:\Users\Benito\Downloads\Oracle_VM_VirtualBox_Extension_Pack-4.3.10-93012.vbox-extpack
2014-05-08 01:51 - 2014-05-08 01:51 - 12404740 _____ () C:\Users\Benito\Downloads\Oracle_VM_VirtualBox_Extension_Pack-4.2.24-92790.vbox-extpack
2014-05-08 01:14 - 2014-05-08 01:14 - 00000000 ____D () C:\Users\Benito\Desktop\themes
2014-05-07 20:27 - 2014-05-07 20:26 - 107394336 _____ (Oracle Corporation) C:\Users\Benito\Downloads\VirtualBox-4.3.10-93012-Win (1).exe
2014-05-07 03:10 - 2014-05-07 03:10 - 00000066 _____ () C:\Users\Benito\Desktop\Fotolia ProPix Kesu.url
2014-05-06 15:22 - 2014-05-06 15:22 - 00000104 _____ () C:\Users\Benito\Desktop\Bonnie Rotten is a girl who loves cum.url
2014-05-06 12:48 - 2013-10-22 15:13 - 00000000 ____D () C:\Users\Benito\AppData\Roaming\MyPhoneExplorer
2014-05-06 11:21 - 2014-05-06 11:21 - 00000000 ____D () C:\Users\Benito\Desktop\dLink
2014-05-06 09:36 - 2014-01-20 13:35 - 00000000 ____D () C:\Users\Benito\Documents\' W O R K z
2014-05-06 07:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-06 07:13 - 2013-01-29 20:35 - 00000000 ____D () C:\Program Files (x86)\Holdem Manager 2
2014-05-06 06:59 - 2014-05-06 06:59 - 00000078 _____ () C:\Users\Benito\Desktop\So deaktivieren Sie IPv6 oder bestimmte IPv6-Komponenten in Windows.url
2014-05-05 21:33 - 2014-05-05 21:00 - 103696215 _____ () C:\Users\Benito\Downloads\DIR-615_sw_revd_DCCUtility400b04_ALL_multi.zip
2014-05-05 20:58 - 2014-05-05 20:51 - 00000000 ____D () C:\Users\Benito\Documents\Wohnungsmaklerin
2014-05-05 20:19 - 2014-05-05 20:08 - 00000000 ____D () C:\Users\Benito\Desktop\Laminat
2014-05-05 03:02 - 2014-05-05 03:02 - 00000000 ____D () C:\Users\Benito\AppData\Roaming\Apple Computer
2014-05-05 03:02 - 2009-07-14 06:45 - 05363160 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-05 01:01 - 2013-08-28 00:40 - 00000000 ____D () C:\Users\Benito\AppData\Roaming\TableNinja.v2
2014-05-04 22:26 - 2014-05-04 21:30 - 00000000 ____D () C:\Users\Benito\Desktop\h
2014-05-04 22:24 - 2014-03-10 06:39 - 00000888 _____ () C:\Users\Benito\Downloads\Config.xml
2014-05-04 21:30 - 2014-05-04 21:30 - 00146944 _____ () C:\Users\Benito\Downloads\start.exe
2014-05-04 20:56 - 2014-05-04 20:56 - 00000549 _____ () C:\Users\Benito\Documents\MalewareBytes.txt
2014-05-03 21:30 - 2014-05-03 13:17 - 00000471 _____ () C:\Users\Benito\Documents\Ohne Namen2.info
2014-05-03 21:30 - 2014-05-02 15:09 - 00000490 _____ () C:\Users\Benito\Documents\three.info
2014-05-03 21:30 - 2014-05-01 18:32 - 00000339 _____ () C:\Users\Benito\Documents\two.info
2014-05-03 21:30 - 2014-05-01 15:17 - 00000484 _____ () C:\Users\Benito\Documents\ttt.info
2014-05-03 21:30 - 2014-02-08 02:26 - 00000374 _____ () C:\Users\Benito\Documents\dn.info
2014-05-03 21:30 - 2014-02-08 02:14 - 00000483 _____ () C:\Users\Benito\Documents\Ohne Namen.info
2014-05-03 13:17 - 2014-05-03 13:17 - 00000000 ____D () C:\Users\Benito\Documents\Ohne Namen2-data
2014-05-02 19:45 - 2012-04-12 11:22 - 00000000 ____D () C:\Users\Benito\AppData\Roaming\FileZilla
2014-05-02 19:39 - 2014-05-02 19:39 - 09330257 _____ () C:\Users\Benito\Downloads\tele (1).apk
2014-05-02 19:30 - 2014-05-02 19:30 - 09330257 _____ () C:\Users\Benito\Downloads\tele.apk
2014-05-02 18:20 - 2012-03-01 01:47 - 00088424 _____ () C:\Users\Benito\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-02 15:46 - 2014-05-02 15:44 - 107394336 _____ (Oracle Corporation) C:\Users\Benito\Downloads\VirtualBox-4.3.10-93012-Win.exe
2014-05-02 15:09 - 2014-05-02 15:09 - 00000000 ____D () C:\Users\Benito\Documents\three-data
2014-05-02 15:05 - 2014-01-22 15:59 - 00000000 ____D () C:\Users\Benito\AppData\Roaming\MultiBit
2014-05-01 18:32 - 2014-05-01 18:32 - 00000000 ____D () C:\Users\Benito\Documents\two-data
2014-05-01 15:17 - 2014-05-01 15:17 - 00000000 ____D () C:\Users\Benito\Documents\ttt-data
2014-05-01 15:16 - 2014-05-01 15:16 - 08935640 _____ () C:\Users\Benito\Downloads\multibit-0.5.18-windows-setup.exe
2014-05-01 15:16 - 2014-05-01 15:16 - 00001817 _____ () C:\Users\Public\Desktop\MultiBit 0.5.18.lnk
2014-05-01 15:16 - 2014-05-01 15:16 - 00000000 ____D () C:\Program Files (x86)\MultiBit-0.5.18
2014-05-01 15:16 - 2014-01-22 15:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultiBit
2014-04-30 20:46 - 2014-04-30 19:53 - 00000000 ____D () C:\Users\Benito\Desktop\ggggg
2014-04-30 14:13 - 2014-04-30 14:12 - 00000000 ____D () C:\Users\Benito\Desktop\Montagsdemo
2014-04-29 13:21 - 2014-04-29 13:21 - 00000000 ____D () C:\Users\Benito\AppData\Local\Apple Computer
2014-04-29 12:55 - 2014-04-29 12:55 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-04-29 12:55 - 2014-04-29 12:55 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-04-29 12:55 - 2014-04-29 12:55 - 00000000 ____D () C:\Users\Benito\AppData\Local\Apple
2014-04-29 12:55 - 2014-04-29 12:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-04-29 12:55 - 2014-04-29 12:55 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-04-29 12:55 - 2014-04-29 12:55 - 00000000 ____D () C:\ProgramData\Apple
2014-04-29 12:55 - 2014-04-29 12:55 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-04-29 12:54 - 2014-04-29 12:54 - 41945432 _____ (Apple Inc.) C:\Users\Benito\Downloads\QuickTimeInstaller.exe
2014-04-29 12:39 - 2014-04-29 12:39 - 00000000 ____D () C:\Windows\de
2014-04-29 12:39 - 2012-03-01 04:57 - 00000000 ____D () C:\Users\Benito\AppData\Local\Windows Live
2014-04-29 12:38 - 2014-04-29 12:38 - 00001374 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-04-29 12:38 - 2014-04-29 12:38 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-04-29 12:38 - 2014-04-29 12:38 - 00000020 _____ () C:\Windows\€ôŒ
2014-04-29 12:38 - 2014-04-29 12:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-04-29 12:38 - 2012-03-06 03:43 - 00002486 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2014-04-29 12:38 - 2012-03-01 05:04 - 00001458 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-04-29 12:37 - 2014-04-29 12:37 - 01245384 _____ (Microsoft Corporation) C:\Users\Benito\Downloads\wlsetup-web.exe
2014-04-29 06:01 - 2012-03-01 05:20 - 00000000 ____D () C:\Users\Benito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-04-29 06:01 - 2012-03-01 00:50 - 00000000 ___RD () C:\Users\Benito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-29 03:47 - 2014-04-29 03:47 - 00000000 ____D () C:\Users\Benito\AppData\Local\{2BD9986F-4847-4FFA-95C3-00E8663A8453}
2014-04-28 15:47 - 2014-04-28 15:46 - 00000000 ____D () C:\Users\Benito\AppData\Local\{942148B4-A03C-4B36-9224-AFF504EF5CCB}
2014-04-28 13:59 - 2014-05-11 15:29 - 00724341 _____ () C:\Users\Benito\Desktop\https-everywhere-3.5.1.xpi
2014-04-28 12:48 - 2014-04-28 12:48 - 00087370 _____ () C:\Users\Benito\Downloads\bickleyscriptplain (1).ttf
2014-04-28 12:43 - 2014-04-28 12:43 - 00087370 _____ () C:\Users\Benito\Downloads\bickleyscriptplain.ttf
2014-04-28 12:30 - 2014-04-28 12:30 - 00052561 _____ () C:\Users\Benito\Downloads\adine-kirnberg.zip
2014-04-28 12:12 - 2014-04-28 12:12 - 00103488 _____ () C:\Users\Benito\Downloads\11509.ttf
2014-04-28 12:09 - 2014-04-28 12:09 - 00012658 _____ () C:\Users\Benito\Downloads\coronet.zip
2014-04-28 11:07 - 2014-04-28 11:06 - 22913908 _____ () C:\Users\Benito\Downloads\torbrowser-install-3.5.4_en-US.exe
2014-04-28 10:43 - 2014-04-28 10:43 - 00000066 _____ () C:\Users\Benito\Desktop\FOTOLIA Jag_cz Fotograph für Cocktails und Themen.url
2014-04-28 02:02 - 2014-04-28 02:02 - 00000000 ____D () C:\Users\Benito\AppData\Local\{0BC7DE71-1DA1-4A69-9FCD-181E8F65A143}
2014-04-27 15:26 - 2014-04-27 15:26 - 01002126 _____ () C:\Users\Benito\Downloads\Fotolia_48607340_Subscription_Monthly_V.zip
2014-04-27 14:46 - 2014-04-27 14:46 - 00276553 _____ () C:\Users\Benito\Downloads\bstyle.zip
2014-04-27 14:39 - 2014-04-27 14:39 - 00015590 _____ () C:\Users\Benito\Downloads\block-gothic-rr-extra-bold-extra-condensed.zip
2014-04-27 14:31 - 2014-04-27 14:31 - 00010128 _____ () C:\Users\Benito\Downloads\afcamberwell-one.zip
2014-04-27 09:05 - 2014-04-27 09:05 - 00000000 ____D () C:\Users\Benito\AppData\Local\{4FBD2959-81C7-4E2B-B1C8-D9C0C57959CD}
2014-04-27 00:42 - 2014-04-27 00:42 - 00000000 ____D () C:\Users\Benito\AppData\Local\{0B0CB995-405D-4DA4-88C9-C2C837DCF300}
2014-04-27 00:37 - 2013-01-29 20:40 - 00000000 ____D () C:\HM2Archive
2014-04-26 20:19 - 2014-04-26 20:19 - 00000049 _____ () C:\Users\Benito\Desktop\LaRouchePAC.url
2014-04-26 12:42 - 2012-03-07 13:02 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-26 12:41 - 2014-04-26 12:41 - 04745984 _____ (Piriform Ltd) C:\Users\Benito\Downloads\ccsetup413.exe
2014-04-26 02:08 - 2014-04-26 02:08 - 00000000 ____D () C:\Users\Benito\AppData\Local\{F9A409CA-0F6F-4BD5-AA47-AA66611FFEB9}
2014-04-25 19:02 - 2014-04-25 19:02 - 00025469 _____ () C:\Users\Benito\Downloads\metakorrespondenz_italic.zip
2014-04-25 19:00 - 2014-04-25 19:00 - 00026008 _____ () C:\Users\Benito\Downloads\metakorrespondenz_bold.zip
2014-04-25 12:37 - 2014-04-25 12:37 - 00000000 ____D () C:\Users\Benito\AppData\Local\{B32EC965-F774-465B-BE25-0825073F374D}
2014-04-25 06:32 - 2014-04-25 06:32 - 00054206 _____ () C:\Users\Benito\Downloads\metakorrespondenz-roman.ttf
2014-04-25 05:08 - 2014-04-25 05:08 - 00058920 _____ () C:\Users\Benito\Downloads\Vivaldi Italic.ttf
2014-04-25 05:08 - 2014-04-25 05:08 - 00023764 _____ () C:\Users\Benito\Downloads\Vivala.ttf
2014-04-25 05:03 - 2014-04-25 05:03 - 00058920 _____ () C:\Users\Benito\Downloads\27992.ttf
2014-04-25 05:03 - 2014-04-25 05:03 - 00058920 _____ () C:\Users\Benito\Downloads\27992 (1).ttf
2014-04-24 10:42 - 2014-04-24 10:42 - 17410183 _____ () C:\Users\Benito\Downloads\eci_offset_2009.zip
2014-04-24 07:50 - 2014-04-24 07:50 - 00000000 ____D () C:\Users\Benito\AppData\Local\{8923352A-32E5-437E-A532-BFA5A8F352D7}
2014-04-23 22:42 - 2014-04-23 22:42 - 00036284 _____ () C:\Users\Benito\Downloads\Bahamas Bold.ttf
2014-04-23 17:53 - 2014-04-23 17:53 - 00000000 ____D () C:\Users\Benito\AppData\Local\{8515CB41-D500-480D-B6B1-6DD9C7E587E0}
2014-04-23 04:27 - 2014-04-23 04:27 - 00000000 ____D () C:\Program Files (x86)\X-Rite
2014-04-23 04:27 - 2014-04-23 04:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GretagMacbeth
2014-04-23 04:24 - 2014-04-23 04:24 - 23785848 _____ (GretagMacbeth ) C:\Users\Benito\Downloads\i1Match_3.6.2_Win7.exe
2014-04-23 04:16 - 2014-04-23 04:16 - 00000000 ____D () C:\Program Files (x86)\GretagMacbeth
2014-04-23 04:15 - 2014-04-23 04:15 - 00000034 _____ () C:\Windows\AutoRun.ini
2014-04-23 01:52 - 2014-04-23 01:52 - 00000000 ____D () C:\Users\Benito\AppData\Local\{35A83F96-9634-4992-B7A9-E21934AFDB0B}
2014-04-22 10:39 - 2014-04-22 10:38 - 00000000 ____D () C:\Users\Benito\AppData\Local\{2D9139A4-A6C6-4D38-A920-B2D8D47BB3FA}
2014-04-21 22:38 - 2014-04-21 22:38 - 00000000 ____D () C:\Users\Benito\AppData\Local\{19D408E9-0183-41E0-9CCA-23F0C5CCAAD0}
2014-04-21 10:38 - 2014-04-21 10:38 - 00000000 ____D () C:\Users\Benito\AppData\Local\{159DFA3F-4360-4827-A740-3790B67B5899}
2014-04-20 22:38 - 2014-04-20 22:38 - 00000000 ____D () C:\Users\Benito\AppData\Local\{AAB5E7FA-CEE2-40D6-ABE8-95824E19BF80}
2014-04-20 07:03 - 2014-04-20 07:02 - 00000000 ____D () C:\Users\Benito\AppData\Local\{F67B0002-D56E-42EE-9FC5-B5EB939C2790}
2014-04-20 05:59 - 2014-02-27 02:55 - 00000000 ____D () C:\Users\Benito\Desktop\dropbox
2014-04-20 05:50 - 2014-04-20 05:50 - 00000000 ____D () C:\Users\Benito\Documents\Hunger.de
2014-04-19 18:21 - 2014-04-19 18:21 - 00000000 ____D () C:\Users\Benito\AppData\Local\{899A2578-ABC4-416F-B6BC-4D5F2C424F19}
2014-04-18 19:50 - 2014-04-18 19:50 - 00000000 ____D () C:\Users\Benito\AppData\Local\{7D4769B4-5CF9-43C7-AEB1-1943877F7195}
2014-04-18 08:14 - 2014-04-18 08:14 - 00051209 _____ () C:\Users\Benito\Downloads\phone-icon-clip-art.zip
2014-04-18 04:34 - 2014-04-18 04:34 - 00000000 ____D () C:\Users\Benito\Downloads\trade-winds
2014-04-18 04:33 - 2014-04-18 04:33 - 00049706 _____ () C:\Users\Benito\Downloads\trade-winds.zip
2014-04-18 01:15 - 2014-04-18 01:15 - 00000000 ____D () C:\Users\Benito\AppData\Local\{39273768-7C76-498C-B319-65A3F3AC09AC}
2014-04-17 14:15 - 2014-04-17 14:15 - 00000000 __SHD () C:\Windows\ftpcache
2014-04-17 12:43 - 2014-04-17 12:43 - 00000000 ____D () C:\Users\Benito\AppData\Local\{C89561AC-9430-487E-8337-AAC546320492}
2014-04-16 22:12 - 2014-04-16 22:11 - 00000000 ____D () C:\Users\Benito\AppData\Local\{3EFFF4CE-4642-4255-B3B7-2AE82F00C35B}
2014-04-16 10:11 - 2014-04-16 10:11 - 00000000 ____D () C:\Users\Benito\AppData\Local\{1D3B3B29-4538-4421-9DC7-95BF5322A9F9}
2014-04-15 20:06 - 2014-04-15 20:06 - 00000000 ____D () C:\Users\Benito\AppData\Local\{7DE2FF07-FF4C-4D41-BDDE-E5D47A2A403C}
2014-04-15 08:50 - 2014-04-15 08:50 - 00000000 ____D () C:\Users\Benito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-15 08:06 - 2014-04-15 08:06 - 00000000 ____D () C:\Users\Benito\AppData\Local\{5EF490BA-5178-47E1-9E87-2929FE809CE2}
2014-04-14 20:13 - 2013-09-29 17:57 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-14 20:05 - 2013-02-21 03:51 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-14 20:05 - 2013-01-30 10:26 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-14 20:04 - 2013-01-30 10:26 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-14 19:04 - 2014-04-14 19:04 - 00000000 ____D () C:\Users\Benito\AppData\Local\{AD304668-8173-420A-BB06-7A72CF4CB1D3}
2014-04-14 18:57 - 2014-04-14 18:57 - 00000000 ____D () C:\Users\Benito\AppData\Roaming\DropboxMaster
2014-04-14 18:55 - 2014-04-14 18:55 - 00316288 _____ (Dropbox, Inc.) C:\Users\Benito\Downloads\DropboxInstaller.exe
2014-04-14 07:04 - 2014-04-14 07:03 - 00000000 ____D () C:\Users\Benito\AppData\Local\{6F02A7C9-C363-4366-B825-2C7CB9857DE8}
2014-04-13 19:03 - 2014-04-13 19:03 - 00000000 ____D () C:\Users\Benito\AppData\Local\{6B70F4FF-2A1E-4BE0-A855-70969D05CE15}
2014-04-13 16:02 - 2014-04-13 16:02 - 00000000 ____D () C:\Users\Benito\AppData\Local\{5C90BCED-7345-45ED-A497-5D0744C88F5D}
2014-04-12 15:48 - 2014-04-12 15:48 - 00000000 ____D () C:\Users\Benito\AppData\Local\{B39CBFB8-2D9F-452B-A572-25B8C35BAF8E}
2014-04-12 03:47 - 2014-04-12 03:47 - 00000000 ____D () C:\Users\Benito\AppData\Local\{4D8BE65C-A88F-4FC3-B529-962B3A15391D}
2014-04-11 13:13 - 2014-04-11 13:13 - 00000000 ____D () C:\Users\Benito\AppData\Local\{D2C8217D-F459-43B7-90F5-87A6978BDC64}
2014-04-11 08:05 - 2014-04-11 08:05 - 00000000 __SHD () C:\Users\Benito\AppData\Local\EmieUserList
2014-04-11 08:05 - 2014-04-11 08:05 - 00000000 __SHD () C:\Users\Benito\AppData\Local\EmieSiteList
2014-04-11 00:30 - 2014-04-11 00:30 - 00000000 ____D () C:\Users\Benito\AppData\Local\{958DBB88-6CEA-4E84-9668-BB8E66042422}

Some content of TEMP:
====================
C:\Users\Benito\AppData\Local\Temp\avgnt.exe
C:\Users\Benito\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp0o2gmb.dll
C:\Users\Benito\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-09 13:17

==================== End Of Log ============================
         

11.05.2014, 17:50   #4
ito

Windows 7: Malwarebytes finds Trojan.Agent, but it cannot be deleted!

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-05-2014
Ran by Benito at 2014-05-11 16:54:40
Running from C:\Users\Benito\Desktop\operation
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
888poker (HKLM-x32\...\888poker) (Version:  - )
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.9 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1280 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.8.0.1280 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.1.2.232 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.9) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.348 - Adobe Systems Incorporated.) Hidden
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.3.0 - Adobe Systems Incorporated)
Adobe® Content Viewer (x32 Version: 3.3.0 - Adobe Systems Incorporated) Hidden
Advanced PDF Password Recovery (HKCU\...\Advanced PDF Password Recovery) (Version: 4.0 - ElcomSoft Co. Ltd.)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - )
AMD Accelerated Video Transcoding (Version: 12.10.100.30328 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{C8807716-1F6F-5C43-3C32-7295A45CF060}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80328.2204 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
CamStudio OSS Desktop Recorder (HKLM-x32\...\{FD9C31B6-F572-414D-81E3-89368C97A125}_is1) (Version: 2.6 Beta r294 - CamStudio Open Source Dev Team)
Camtasia Studio 8 (HKLM-x32\...\{CB2B4C2B-0805-4E06-873D-CECB046A5BE8}) (Version: 8.0.2.964 - TechSmith Corporation)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2013.0328.2218.38225 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4214 - CDBurnerXP)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)
Driver Genius Professional Edition (HKLM-x32\...\Driver Genius Professional Edition_is1) (Version: 11.0 - Driver-Soft Inc.)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.31 - Dropbox, Inc.)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version:  - )
Eye-One Match 3.6.2 (HKLM-x32\...\Eye-One Match_is1) (Version: 3.6.2 - GretagMacbeth)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
FileZilla Client 3.8.0 (HKLM-x32\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Freemake Video Converter Version 4.1.2 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.2 - Ellora Assets Corporation)
Full Tilt Poker.Eu (HKLM-x32\...\{127BEFB3-24B2-4B44-8E99-AD22C2A5A8ED}) (Version: 4.63.10.WIN.FullTilt.EU - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Holdem Manager 2 (HKLM-x32\...\HoldemManager2) (Version:  - )
i1_driver_installer_utility_i1Match version 1.0 (HKLM-x32\...\i1_driver_installer_utility_i1Match_is1) (Version:  - X-Rite)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.20.1337 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.0.1013 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.26.242.3 - Intel Corporation) Hidden
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JonDo (HKLM-x32\...\JonDoUninstall) (Version:  - )
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
L&H TTS3000 Deutsch (HKLM-x32\...\LHTTSGED) (Version:  - )
Ladbrokes Poker (HKLM-x32\...\Ladbrokes Poker) (Version:  - )
Live! Cam Sync HD VF0770 Driver (1.00.02.00) (HKLM\...\Creative VF0770) (Version:  - Creative Technology Ltd.)
Logitech Gaming Software (Version: 8.20.74 - Logitech Inc.) Hidden
Logitech Gaming Software 8.20 (HKLM\...\Logitech Gaming Software) (Version: 8.20.74 - Logitech Inc.)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Speech SDK 5.1 (HKLM-x32\...\{A403D88E-ED7D-48E3-91FD-B8C8A720EDA1}) (Version: 5.1.4324.0 - Microsoft)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MilkDrop for Winamp 2x (remove only) (HKLM-x32\...\vis_milk.dllWinamp) (Version:  - )
MouseServer Version 1.5.0.0 (HKLM-x32\...\{E13018F5-FFC7-4729-9C1B-1A85807D03E6}_is1) (Version: 1.5.0.0 - Necta Co.)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MultiBit 0.5.16 (HKLM-x32\...\MultiBit 0.5.16) (Version: 0.5.16 - )
MultiBit 0.5.18 (HKLM-x32\...\MultiBit 0.5.18) (Version: 0.5.18 - )
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
MysticThumbs (HKLM\...\{ED321628-843E-4319-8C6D-CB3C919323AC}) (Version: 1.9.8 - MysticCoder)
NetDrive (HKLM-x32\...\NetDrive) (Version: 1.3.4.0 - Bdrive Inc.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.3 - Notepad++ Team)
NVIDIA Install Application (Version: 2.1002.85.551 - NVIDIA Corporation) Hidden
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
OpenVPN 2.3.4-I001  (HKLM\...\OpenVPN) (Version: 2.3.4-I001 - )
Oracle VM VirtualBox 4.3.10 (HKLM\...\{5632714F-6A48-4BF2-89E0-F8B6CE9FE6D1}) (Version: 4.3.10 - Oracle Corporation)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version:  - PokerStars.eu)
PokerStars.it (HKLM-x32\...\PokerStars.it) (Version:  - PokerStars.it)
PostgreSQL 8.4 (HKLM-x32\...\PostgreSQL 8.4) (Version: 8.4 - PostgreSQL Global Development Group)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.50.1123.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
RemoteControl for Winamp (HKLM-x32\...\RemoteControl for Winamp1.00) (Version: 1.00 - Martin Schlodinski)
ROCCAT Kone Pure Mouse Driver (HKLM-x32\...\{4905245D-56E7-4176-BE68-962728B803D6}) (Version:  - Roccat GmbH)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version:  - Punk Software)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.9.0 - SAMSUNG Electronics Co., Ltd.)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.11.9874 - Skype Technologies S.A.)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SRWare Iron Version SRWare Iron 31.0.1700.0 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: SRWare Iron 31.0.1700.0 - SRWare)
Streamripper (Remove only) (HKLM-x32\...\Streamripper) (Version:  - )
Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version:  - )
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
Telegram Win (Unofficial) version 0.4.15 (HKCU\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.4.15 - Telegram (Unofficial))
Titan Poker (HKCU\...\Titan Poker) (Version:  - )
TN2 (HKLM-x32\...\{DB47D68F-30E1-4A52-9041-8B010FBC65BE}) (Version: 2.2.231 - PASG)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Viber (HKCU\...\Viber) (Version: 3.0.0.133634 - Viber Media Inc)
Visual C++ 2008 Runtime (x64) (x32 Version: 1.0.1 - Highresolution Enterprises) Hidden
VLC media player 2.0.2 (HKLM-x32\...\VLC media player) (Version: 2.0.2 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Media Center Add-in for Silverlight (HKLM-x32\...\{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}) (Version: 4.7.3.0 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 4.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
WinZip 16.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240CD}) (Version: 16.0.9715 - WinZip Computing, S.L. )
Wireshark 1.10.7 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.10.7 - The Wireshark developer community, hxxp://www.wireshark.org)
X-Mouse Button Control 2.6.2 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.6.2 - Highresolution Enterprises)

==================== Restore Points  =========================

10-05-2014 02:14:37 Geplanter Prüfpunkt
10-05-2014 23:08:27 Gerätetreiber-Paketinstallation: Apowersoft Audio-, Video- und Gamecontroller
11-05-2014 12:22:32 OTL Restore Point - 11.05.2014 14:22:31

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-09-15 08:09 - 00001070 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 informationliberation.com
127.0.0.1 activation.cloud.techsmith.com
127.0.0.1 oscount.techsmith.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 practivate.adobe.com


==================== Scheduled Tasks (whitelisted) =============

Task: {17E1BFDC-DFD2-4B44-876D-47B6B78E559C} - System32\Tasks\RunAsStdUser Task => C:\Program Files\NetDrive\netdrive.exe [2014-05-08] (Bdrive Inc.) <==== ATTENTION
Task: {180AD206-A204-4608-84D8-0CAB021208D6} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {3423C533-2017-41D7-A43E-F9DA47BA14FF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-21] (Google Inc.)
Task: {434F06DA-65BF-42E1-B3FD-CF92AB06D279} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-09] (Adobe Systems Incorporated)
Task: {597A5B51-4F11-453D-BD60-0DA7947A0685} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-21] (Google Inc.)
Task: {73E09C6D-BC1D-49DA-B632-3071BF915C7B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4015719053-3797219543-3078460475-1000UA => C:\Users\Benito\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-01-25] (Facebook Inc.)
Task: {81D8E678-89CD-484B-A5B7-752976F8BFDA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {94709258-F59C-4CD6-B9B6-3F55CD198EAC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A28D0447-C0B2-4056-86DD-09EBE077DDFE} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {BA5552C0-3EB9-4C1F-9F6B-C6F1AA5ED318} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4015719053-3797219543-3078460475-1000Core => C:\Users\Benito\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-01-25] (Facebook Inc.)
Task: {C790AA59-F971-41E2-9C36-C60FD5A90607} - System32\Tasks\AdobeAAMUpdater-1.0-PC-Benito => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-13] (Adobe Systems Incorporated)
Task: {D929C1D9-EBB5-42CD-B9E8-04BFAF945212} - System32\Tasks\{86B46075-03F8-47DF-9209-1D2BD93997F7} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/abandoninstall?page=tsProgressBar
Task: {E404B1D6-1EE4-48A7-B96A-F17B6CB87D9A} - System32\Tasks\{07981FC3-BD36-4E0C-9A6E-AAA1F98DB690} => C:\Program Files (x86)\Azureus\Azureus.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4015719053-3797219543-3078460475-1000Core.job => C:\Users\Benito\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4015719053-3797219543-3078460475-1000UA.job => C:\Users\Benito\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-08-30 10:01 - 2013-08-30 10:01 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-03-01 03:42 - 2012-02-17 21:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2011-03-22 10:08 - 2011-03-22 10:08 - 00161280 _____ () C:\Program Files\NetDrive\libexpat.dll
2013-09-22 18:04 - 2013-07-31 21:07 - 00912904 _____ () C:\Users\Benito\AppData\Local\Viber\Viber.exe
2014-01-20 13:30 - 2007-09-02 14:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
2007-11-11 10:58 - 2007-11-11 10:58 - 00180736 _____ () C:\Program Files\NetDrive\libmcrypt.dll
2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-05-11 14:28 - 2014-05-11 14:28 - 00050477 _____ () C:\Users\Benito\Desktop\operation\01 Defogger.exe
2014-02-09 21:56 - 2013-12-09 12:37 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-02-09 21:43 - 2014-01-29 23:58 - 00172032 _____ () C:\Program Files (x86)\PostgreSQL\8.4\bin\LIBPQ.dll
2014-02-09 21:43 - 2012-08-14 15:19 - 00999424 _____ () C:\Program Files (x86)\PostgreSQL\8.4\bin\libxml2.dll
2014-03-14 06:10 - 2014-03-14 06:10 - 14442496 _____ () C:\Users\Benito\AppData\Local\Viber\4.1.0.1703\libViber.dll
2014-03-14 06:10 - 2014-03-14 06:10 - 00729088 _____ () C:\Users\Benito\AppData\Local\Viber\4.1.0.1703\libGLESv2.dll
2014-03-14 06:10 - 2014-03-14 06:10 - 00098304 _____ () C:\Users\Benito\AppData\Local\Viber\4.1.0.1703\qfacebook.dll
2014-03-14 06:10 - 2014-03-14 06:10 - 00049152 _____ () C:\Users\Benito\AppData\Local\Viber\4.1.0.1703\libEGL.dll
2014-03-14 06:10 - 2014-03-14 06:10 - 00835584 _____ () C:\Users\Benito\AppData\Local\Viber\4.1.0.1703\platforms\qwindows.dll
2014-03-14 06:10 - 2014-03-14 06:10 - 00024576 _____ () C:\Users\Benito\AppData\Local\Viber\4.1.0.1703\imageformats\qgif.dll
2014-03-14 06:10 - 2014-03-14 06:10 - 00024576 _____ () C:\Users\Benito\AppData\Local\Viber\4.1.0.1703\imageformats\qico.dll
2014-03-14 06:10 - 2014-03-14 06:10 - 00212992 _____ () C:\Users\Benito\AppData\Local\Viber\4.1.0.1703\imageformats\qjpeg.dll
2014-03-14 06:10 - 2014-03-14 06:10 - 00221184 _____ () C:\Users\Benito\AppData\Local\Viber\4.1.0.1703\imageformats\qmng.dll
2014-03-14 06:10 - 2014-03-14 06:10 - 00016384 _____ () C:\Users\Benito\AppData\Local\Viber\4.1.0.1703\imageformats\qsvg.dll
2014-03-14 06:10 - 2014-03-14 06:10 - 00016384 _____ () C:\Users\Benito\AppData\Local\Viber\4.1.0.1703\imageformats\qtga.dll
2014-03-14 06:10 - 2014-03-14 06:10 - 00278528 _____ () C:\Users\Benito\AppData\Local\Viber\4.1.0.1703\imageformats\qtiff.dll
2014-03-14 06:10 - 2014-03-14 06:10 - 00016384 _____ () C:\Users\Benito\AppData\Local\Viber\4.1.0.1703\imageformats\qwbmp.dll
2014-03-14 06:10 - 2014-03-14 06:10 - 00622592 _____ () C:\Users\Benito\AppData\Local\Viber\4.1.0.1703\sqldrivers\qsqlite.dll
2014-03-14 06:10 - 2014-03-14 06:10 - 00032768 _____ () C:\Users\Benito\AppData\Local\Viber\4.1.0.1703\iconengines\qsvgicon.dll
2014-01-20 13:30 - 2007-09-02 14:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
2014-05-11 14:48 - 2014-05-11 14:48 - 00041984 _____ () c:\users\benito\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp0o2gmb.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Benito\AppData\Roaming\Dropbox\bin\libcef.dll
2013-12-18 20:43 - 2013-12-18 20:43 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\acrotray.deu
2013-11-05 18:09 - 2012-06-23 15:54 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\hiddriver.dll
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-02-13 17:04 - 2014-02-13 17:04 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\e0cca00b42165c0b882a7ef23368c6ac\PSIClient.ni.dll
2013-02-05 10:04 - 2012-10-22 15:22 - 01199648 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2011-07-18 23:07 - 2011-07-18 23:07 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
2011-09-21 22:46 - 2011-09-21 22:46 - 01673728 _____ () C:\Program Files (x86)\Notepad++\plugins\NppFTP.dll
2013-05-26 14:15 - 2013-05-26 14:15 - 00035608 _____ () C:\Program Files (x86)\JonDo\JAPDll.dll
2014-03-28 11:35 - 2014-03-28 11:35 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-01-23 11:06 - 2013-11-18 22:20 - 00880128 _____ () C:\Program Files (x86)\SRWare Iron\libglesv2.dll
2014-01-23 11:06 - 2013-11-18 22:30 - 00102912 _____ () C:\Program Files (x86)\SRWare Iron\libegl.dll
2014-01-23 11:06 - 2013-11-18 21:42 - 00873472 _____ () C:\Program Files (x86)\SRWare Iron\ffmpegsumo.dll
2012-03-09 16:26 - 2013-04-25 03:50 - 00108128 _____ () C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\zlib1.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Benito\Lokale Einstellungen:8HukbcbWyVYbf5tOb7iJi
AlternateDataStreams: C:\Users\Benito\AppData\Local:8HukbcbWyVYbf5tOb7iJi
AlternateDataStreams: C:\Users\Benito\AppData\Local\Anwendungsdaten:8HukbcbWyVYbf5tOb7iJi
AlternateDataStreams: C:\Users\Benito\AppData\Local\Temporary Internet Files:08I6S8Cx2wZSXvOR0wF0GY2

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: defragsvc => 3
MSCONFIG\Services: Freemake Improver => 2
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Benito\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: AVMWlanClient => C:\Program Files (x86)\avmwlanstick\wlangui.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: EPSON Stylus DX4800 Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIADE.EXE /F "C:\Windows\TEMP\E_SA784.tmp" /EF "HKLM"
MSCONFIG\startupreg: Facebook Update => "C:\Users\Benito\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Google Update => "C:\Users\Benito\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: IntelliPoint => "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NetDrive => "C:\Program Files\NetDrive\netdrive.exe" -tray
MSCONFIG\startupreg: OODefragTray => C:\Program Files\OO Software\Defrag\oodtray.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

==================== Faulty Device Manager Devices =============

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: GT-I8190
Description: GT-I8190
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: SAMSUNG Electronics Co. Ltd. 
Service: WUDFRd
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Kaspersky Anti-Virus NDIS 6 Filter
Description: Kaspersky Anti-Virus NDIS 6 Filter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: KLIM6
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/08/2014 00:11:04 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Name der fehlerhaften Anwendung: Telegram.exe, Version: 0.4.15.0, Zeitstempel: 0x535f9d58
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x75006b00
ID des fehlerhaften Prozesses: 0x2480
Startzeit der fehlerhaften Anwendung: 0xTelegram.exe0
Pfad der fehlerhaften Anwendung: Telegram.exe1
Pfad des fehlerhaften Moduls: Telegram.exe2
Berichtskennung: Telegram.exe3

Error: (05/08/2014 09:22:39 AM) (Source: RasClient) (User: ) (EventID: 20227)
Description: CoID={0910F071-68C6-49C1-9B4E-100926E8188E}: Der Benutzer "PC\Benito" hat eine Verbindung mit dem Namen "ROMANIA L2" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 0.

Error: (05/08/2014 09:22:28 AM) (Source: RasClient) (User: ) (EventID: 20227)
Description: CoID={0515E766-C86C-4B45-8D58-B94AF845B097}: Der Benutzer "PC\Benito" hat eine Verbindung mit dem Namen "ROMANIA L2" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 0.

Error: (05/08/2014 07:54:51 AM) (Source: RasClient) (User: ) (EventID: 20227)
Description: CoID={0897A5E4-C2AF-41E8-BC8B-D9B446EE2BBC}: Der Benutzer "PC\Benito" hat eine Verbindung mit dem Namen "USA1 VPN L2" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 766.

Error: (05/08/2014 07:54:39 AM) (Source: RasClient) (User: ) (EventID: 20227)
Description: CoID={93DAF300-3E2A-4ADB-8505-128CAEDEAEDD}: Der Benutzer "PC\Benito" hat eine Verbindung mit dem Namen "USA1 VPN L2" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 766.

Error: (05/08/2014 07:32:48 AM) (Source: RasClient) (User: ) (EventID: 20227)
Description: CoID={F15B7FF5-1522-4547-85DE-1280689668A5}: Der Benutzer "PC\Benito" hat eine Verbindung mit dem Namen "USA VPN IKE" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 0.

Error: (05/08/2014 02:34:45 AM) (Source: PostgreSQL) (User: ) (EventID: 0)
Description: 2014-05-08 02:34:45 CESTERROR:  prepared statement "insertplayer" already exists
2014-05-08 02:34:45 CESTSTATEMENT:  PREPARE INSERTPLAYER (text,smallint,integer,integer,smallint) AS  Insert into players (playername,pokersite_id,cashhands,tourneyhands,optimizationstatus) values ($1,$2,$3,$4,$5) RETURNING player_id; 
	
	PREPARE CSUpdate (integer,integer,smallint,smallint,smallint,integer,
	integer,integer,integer,integer,
	integer,integer,integer,integer,integer,
	integer,integer,integer,integer,integer,
	integer,integer,integer,integer,integer,
	integer,integer,integer,integer,integer,
	integer,integer,integer,integer,integer,
	integer,integer,integer,integer,integer,
	integer,integer,integer,integer,integer,
	integer,integer,integer,integer,integer,
	integer,integer,integer,integer,integer,
	integer,integer,integer,integer,integer,
	integer,integer,integer,integer,integer,
	integer,integer,integer,integer,integer,
	integer,integer,integer,integer,integer,
	integer,integer)
	as 
	Update CompiledPlayerResults set totalhands = totalhands + $6
	, TotalAmountWonincents = TotalAmountWonincents + $7
	, TotalRakeincents = TotalRakeincents + $8
	, TotalBBsWon = TotalBBsWon + $9
	, VPIPHands = VPIPHands + $10
	, PFRHands = PFRHands + $11
	, CouldColdCall = CouldColdCall + $12
	, DidColdCall = DidColdCall + $13
	, CouldThreeBet = CouldThreeBet + $14
	, DidThreeBet = DidThreeBet + $15
	, CouldSqueeze = CouldSqueeze + $16
	, DidSqueeze = DidSqueeze + $17
	, FacingTwoPreflopRaisers = FacingTwoPreflopRaisers + $18
	, CalledTwoPreflopRaisers = CalledTwoPreflopRaisers + $19
	, RaisedTwoPreflopRaisers = RaisedTwoPreflopRaisers + $20
	, SmallBlindStealAttempted = SmallBlindStealAttempted + $21
	, SmallBlindStealDefended = SmallBlindStealDefended + $22
	, SmallBlindStealReraised = SmallBlindStealReraised + $23
	, BigBlindStealAttempted = BigBlindStealAttempted + $24
	, BigBlindStealDefended = BigBlindStealDefended + $25
	, BigBlindStealReraised = BigBlindStealReraised + $26
	, SawNonSmallShowdown = SawNonSmallShowdown + $27
	, WonNonSmallShowdown = WonNonSmallShowdown + $28
	, SawLargeShowdown = SawLargeShowdown + $29
	, WonLargeShowdown = WonLargeShowdown + $30
	, SawNonSmallShowdownLimpedFlop = SawNonSmallShowdownLimpedFlop + $31
	, WonNonSmallShowdownLimpedFlop = WonNonSmallShowdownLimpedFlop + $32
	, SawLargeShowdownLimpedFlop = SawLargeShowdownLimpedFlop + $33
	, WonLargeShowdownLimpedFlop = WonLargeShowdownLimpedFlop + $34
	, WonHand = WonHand + $35
	, WonHandWhenSawFlop = WonHandWhenSawFlop + $36
	, WonHandWhenSawTurn = WonHandWhenSawTurn + $37
	, WonHandWhenSawRiver = WonHandWhenSawRiver + $38
	, FacedThreeBetPreflop = FacedThreeBetPreflop + $39
	, FoldedToThreeBetPreflop = FoldedToThreeBetPreflop + $40
	, CalledThreeBetPreflop = CalledThreeBetPreflop + $41
	, RaisedThreeBetPreflop = RaisedThreeBetPreflop + $42
	, FacedFourBetPreflop = FacedFourBetPreflop + $43
	, FoldedToFourBetPreflop = FoldedToFourBetPreflop + $44
	, CalledFourBetPreflop = CalledFourBetPreflop + $45
	, RaisedFourBetPreflop = RaisedFourBetPreflop + $46
	, TurnFoldIPPassOnFlopCB = TurnFoldIPPassOnFlopCB + $47
	, TurnCallIPPassOnFlopCB = TurnCallIPPassOnFlopCB + $48
	, TurnRaiseIPPassOnFlopCB = TurnRaiseIPPassOnFlopCB + $49
	, RiverFoldIPPassOnTurnCB = RiverFoldIPPassOnTurnCB + $50
	, RiverCallIPPassOnTurnCB = RiverCallIPPassOnTurnCB + $51
	, RiverRaiseIPPassOnTurnCB = RiverRaiseIPPassOnTurnCB + $52
	, SawFlop = SawFlop + $53
	, SawShowdown = SawShowdown + $54
	, WonShowdown = WonShowdown + $55
	, TotalBets = TotalBets + $56
	, TotalCalls = TotalCalls + $57
	, FlopContinuationBetPossible = FlopContinuationBetPossible + $58
	, FlopContinuationBetMade = FlopContinuationBetMade + $59
	, TurnContinuationBetPossible = TurnContinuationBetPossible + $60
	, TurnContinuationBetMade = TurnContinuationBetMade + $61
	, RiverContinuationBetPossible = RiverContinuationBetPossible + $62
	, RiverContinuationBetMade = RiverContinuationBetMade + $63
	, FacingFlopContinuationBet = FacingFlopContinuationBet + $64
	, FoldedToFlopContinuationBet = FoldedToFlopContinuationBet + $65
	, CalledFlopContinuationBet = CalledFlopContinuationBet + $66
	, RaisedFlopContinuationBet = RaisedFlopContinuationBet + $67
	, FacingTurnContinuationBet = FacingTurnContinuationBet + $68
	, FoldedToTurnContinuationBet = FoldedToTurnContinuationBet + $69
	, CalledTurnContinuationBet = CalledTurnContinuationBet + $70
	, RaisedTurnContinuationBet = RaisedTurnContinuationBet + $71
	, FacingRiverContinuationBet = FacingRiverContinuationBet + $72
	, FoldedToRiverContinuationBet = FoldedToRiverContinuationBet + $73
	, CalledRiverContinuationBet = CalledRiverContinuationBet + $74
	, RaisedRiverContinuationBet = RaisedRiverContinuationBet + $75
	, TotalPostFlopStreetsSeen = TotalPostFlopStreetsSeen + $76
	, totalaggressivepostflopstreetsseen = totalaggressivepostflopstreetsseen + $77
	 where compiledplayerresults_id = (select compiledplayerresults_id from compiledplayerresults where player_id = $1
	and playedyearandmonth = $2
	and numberofplayers = $3
	and gametype_id = $4
	and bbgroup_id = $5 limit 1);

Error: (05/08/2014 02:34:30 AM) (Source: PostgreSQL) (User: ) (EventID: 0)
Description: 2014-05-08 02:34:30 CESTERROR:  prepared statement "insertplayer" already exists
2014-05-08 02:34:30 CESTSTATEMENT:  PREPARE INSERTPLAYER (text,smallint,integer,integer,smallint) AS  Insert into players (playername,pokersite_id,cashhands,tourneyhands,optimizationstatus) values ($1,$2,$3,$4,$5) RETURNING player_id; 
	

Error: (05/08/2014 02:34:05 AM) (Source: PostgreSQL) (User: ) (EventID: 0)
Description: 2014-05-08 02:34:05 CESTERROR:  prepared statement "insertplayer" already exists
2014-05-08 02:34:05 CESTSTATEMENT:  PREPARE INSERTPLAYER (text,smallint,integer,integer,smallint) AS  Insert into players (playername,pokersite_id,cashhands,tourneyhands,optimizationstatus) values ($1,$2,$3,$4,$5) RETURNING player_id; 
	

Error: (05/08/2014 02:33:24 AM) (Source: PostgreSQL) (User: ) (EventID: 0)
Description: 2014-05-08 02:33:24 CESTERROR:  prepared statement "insertplayer" already exists
2014-05-08 02:33:24 CESTSTATEMENT:  PREPARE INSERTPLAYER (text,smallint,integer,integer,smallint) AS  Insert into players (playername,pokersite_id,cashhands,tourneyhands,optimizationstatus) values ($1,$2,$3,$4,$5) RETURNING player_id; 
	
	PREPARE CSUpdate (integer,integer,smallint,smallint,smallint,integer,
	integer,integer,integer,integer,
	integer,integer,integer,integer,integer,
	integer,integer,integer,integer,integer,
	integer,integer,integer,integer,integer,
	integer,integer,integer,integer,integer,
	integer,integer,integer,integer,integer,
	integer,integer,integer,integer,integer,
	integer,integer,integer,integer,integer,
	integer,integer,integer,integer,integer,
	integer,integer,integer,integer,integer,
	integer,integer,integer,integer,integer,
	integer,integer,integer,integer,integer,
	integer,integer,integer,integer,integer,
	integer,integer,integer,integer,integer,
	integer,integer)
	as 
	Update CompiledPlayerResults set totalhands = totalhands + $6
	, TotalAmountWonincents = TotalAmountWonincents + $7
	, TotalRakeincents = TotalRakeincents + $8
	, TotalBBsWon = TotalBBsWon + $9
	, VPIPHands = VPIPHands + $10
	, PFRHands = PFRHands + $11
	, CouldColdCall = CouldColdCall + $12
	, DidColdCall = DidColdCall + $13
	, CouldThreeBet = CouldThreeBet + $14
	, DidThreeBet = DidThreeBet + $15
	, CouldSqueeze = CouldSqueeze + $16
	, DidSqueeze = DidSqueeze + $17
	, FacingTwoPreflopRaisers = FacingTwoPreflopRaisers + $18
	, CalledTwoPreflopRaisers = CalledTwoPreflopRaisers + $19
	, RaisedTwoPreflopRaisers = RaisedTwoPreflopRaisers + $20
	, SmallBlindStealAttempted = SmallBlindStealAttempted + $21
	, SmallBlindStealDefended = SmallBlindStealDefended + $22
	, SmallBlindStealReraised = SmallBlindStealReraised + $23
	, BigBlindStealAttempted = BigBlindStealAttempted + $24
	, BigBlindStealDefended = BigBlindStealDefended + $25
	, BigBlindStealReraised = BigBlindStealReraised + $26
	, SawNonSmallShowdown = SawNonSmallShowdown + $27
	, WonNonSmallShowdown = WonNonSmallShowdown + $28
	, SawLargeShowdown = SawLargeShowdown + $29
	, WonLargeShowdown = WonLargeShowdown + $30
	, SawNonSmallShowdownLimpedFlop = SawNonSmallShowdownLimpedFlop + $31
	, WonNonSmallShowdownLimpedFlop = WonNonSmallShowdownLimpedFlop + $32
	, SawLargeShowdownLimpedFlop = SawLargeShowdownLimpedFlop + $33
	, WonLargeShowdownLimpedFlop = WonLargeShowdownLimpedFlop + $34
	, WonHand = WonHand + $35
	, WonHandWhenSawFlop = WonHandWhenSawFlop + $36
	, WonHandWhenSawTurn = WonHandWhenSawTurn + $37
	, WonHandWhenSawRiver = WonHandWhenSawRiver + $38
	, FacedThreeBetPreflop = FacedThreeBetPreflop + $39
	, FoldedToThreeBetPreflop = FoldedToThreeBetPreflop + $40
	, CalledThreeBetPreflop = CalledThreeBetPreflop + $41
	, RaisedThreeBetPreflop = RaisedThreeBetPreflop + $42
	, FacedFourBetPreflop = FacedFourBetPreflop + $43
	, FoldedToFourBetPreflop = FoldedToFourBetPreflop + $44
	, CalledFourBetPreflop = CalledFourBetPreflop + $45
	, RaisedFourBetPreflop = RaisedFourBetPreflop + $46
	, TurnFoldIPPassOnFlopCB = TurnFoldIPPassOnFlopCB + $47
	, TurnCallIPPassOnFlopCB = TurnCallIPPassOnFlopCB + $48
	, TurnRaiseIPPassOnFlopCB = TurnRaiseIPPassOnFlopCB + $49
	, RiverFoldIPPassOnTurnCB = RiverFoldIPPassOnTurnCB + $50
	, RiverCallIPPassOnTurnCB = RiverCallIPPassOnTurnCB + $51
	, RiverRaiseIPPassOnTurnCB = RiverRaiseIPPassOnTurnCB + $52
	, SawFlop = SawFlop + $53
	, SawShowdown = SawShowdown + $54
	, WonShowdown = WonShowdown + $55
	, TotalBets = TotalBets + $56
	, TotalCalls = TotalCalls + $57
	, FlopContinuationBetPossible = FlopContinuationBetPossible + $58
	, FlopContinuationBetMade = FlopContinuationBetMade + $59
	, TurnContinuationBetPossible = TurnContinuationBetPossible + $60
	, TurnContinuationBetMade = TurnContinuationBetMade + $61
	, RiverContinuationBetPossible = RiverContinuationBetPossible + $62
	, RiverContinuationBetMade = RiverContinuationBetMade + $63
	, FacingFlopContinuationBet = FacingFlopContinuationBet + $64
	, FoldedToFlopContinuationBet = FoldedToFlopContinuationBet + $65
	, CalledFlopContinuationBet = CalledFlopContinuationBet + $66
	, RaisedFlopContinuationBet = RaisedFlopContinuationBet + $67
	, FacingTurnContinuationBet = FacingTurnContinuationBet + $68
	, FoldedToTurnContinuationBet = FoldedToTurnContinuationBet + $69
	, CalledTurnContinuationBet = CalledTurnContinuationBet + $70
	, RaisedTurnContinuationBet = RaisedTurnContinuationBet + $71
	, FacingRiverContinuationBet = FacingRiverContinuationBet + $72
	, FoldedToRiverContinuationBet = FoldedToRiverContinuationBet + $73
	, CalledRiverContinuationBet = CalledRiverContinuationBet + $74
	, RaisedRiverContinuationBet = RaisedRiverContinuationBet + $75
	, TotalPostFlopStreetsSeen = TotalPostFlopStreetsSeen + $76
	, totalaggressivepostflopstreetsseen = totalaggressivepostflopstreetsseen + $77
	 where compiledplayerresults_id = (select compiledplayerresults_id from compiledplayerresults where player_id = $1
	and playedyearandmonth = $2
	and numberofplayers = $3
	and gametype_id = $4
	and bbgroup_id = $5 limit 1);


System errors:
=============
Error: (05/11/2014 02:51:07 PM) (Source: Service Control Manager) (User: ) (EventID: 7023)
Description: Der Dienst "Windows Defender" wurde mit folgendem Fehler beendet: 
%%126

Error: (05/11/2014 02:49:05 PM) (Source: Service Control Manager) (User: ) (EventID: 7026)
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
KLIM6

Error: (05/11/2014 02:48:45 PM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Der Dienst "Bitdefender Desktop Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (05/11/2014 02:48:44 PM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Der Dienst "PDIHWCTL" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (05/11/2014 02:48:43 PM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Der Dienst "Bitdefender Virus Shield" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (05/10/2014 03:08:54 AM) (Source: Service Control Manager) (User: ) (EventID: 7023)
Description: Der Dienst "Windows Defender" wurde mit folgendem Fehler beendet: 
%%126

Error: (05/10/2014 03:06:52 AM) (Source: Service Control Manager) (User: ) (EventID: 7026)
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
KLIM6

Error: (05/10/2014 03:06:07 AM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Der Dienst "Bitdefender Desktop Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (05/10/2014 03:06:07 AM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Der Dienst "PDIHWCTL" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (05/10/2014 03:06:05 AM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Der Dienst "Bitdefender Virus Shield" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (05/08/2014 00:11:04 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Telegram.exe0.4.15.0535f9d58unknown0.0.0.000000000c000000575006b00248001cf6aa5cebf0af7C:\Users\Benito\AppData\Roaming\Telegram Win (Unofficial)\Telegram.exeunknown0fb853f1-d699-11e3-ad17-14dae9ec1129

Error: (05/08/2014 09:22:39 AM) (Source: RasClient) (User: ) (EventID: 20227)
Description: {0910F071-68C6-49C1-9B4E-100926E8188E}PC\BenitoROMANIA L20

Error: (05/08/2014 09:22:28 AM) (Source: RasClient) (User: ) (EventID: 20227)
Description: {0515E766-C86C-4B45-8D58-B94AF845B097}PC\BenitoROMANIA L20

Error: (05/08/2014 07:54:51 AM) (Source: RasClient) (User: ) (EventID: 20227)
Description: {0897A5E4-C2AF-41E8-BC8B-D9B446EE2BBC}PC\BenitoUSA1 VPN L2766

Error: (05/08/2014 07:54:39 AM) (Source: RasClient) (User: ) (EventID: 20227)
Description: {93DAF300-3E2A-4ADB-8505-128CAEDEAEDD}PC\BenitoUSA1 VPN L2766

Error: (05/08/2014 07:32:48 AM) (Source: RasClient) (User: ) (EventID: 20227)
Description: {F15B7FF5-1522-4547-85DE-1280689668A5}PC\BenitoUSA VPN IKE0

Error: (05/08/2014 02:34:45 AM) (Source: PostgreSQL) (User: ) (EventID: 0)
Description: 2014-05-08 02:34:45 CESTERROR:  prepared statement "insertplayer" already exists
2014-05-08 02:34:45 CESTSTATEMENT:  PREPARE INSERTPLAYER (text,smallint,integer,integer,smallint) AS  Insert into players (playername,pokersite_id,cashhands,tourneyhands,optimizationstatus) values ($1,$2,$3,$4,$5) RETURNING player_id; 
	

Error: (05/08/2014 02:34:30 AM) (Source: PostgreSQL) (User: ) (EventID: 0)
Description: 2014-05-08 02:34:30 CESTERROR:  prepared statement "insertplayer" already exists
2014-05-08 02:34:30 CESTSTATEMENT:  PREPARE INSERTPLAYER (text,smallint,integer,integer,smallint) AS  Insert into players (playername,pokersite_id,cashhands,tourneyhands,optimizationstatus) values ($1,$2,$3,$4,$5) RETURNING player_id; 
	

Error: (05/08/2014 02:34:05 AM) (Source: PostgreSQL) (User: ) (EventID: 0)
Description: 2014-05-08 02:34:05 CESTERROR:  prepared statement "insertplayer" already exists
2014-05-08 02:34:05 CESTSTATEMENT:  PREPARE INSERTPLAYER (text,smallint,integer,integer,smallint) AS  Insert into players (playername,pokersite_id,cashhands,tourneyhands,optimizationstatus) values ($1,$2,$3,$4,$5) RETURNING player_id; 
	

Error: (05/08/2014 02:33:24 AM) (Source: PostgreSQL) (User: ) (EventID: 0)
Description: 2014-05-08 02:33:24 CESTERROR:  prepared statement "insertplayer" already exists
2014-05-08 02:33:24 CESTSTATEMENT:  PREPARE INSERTPLAYER (text,smallint,integer,integer,smallint) AS  Insert into players (playername,pokersite_id,cashhands,tourneyhands,optimizationstatus) values ($1,$2,$3,$4,$5) RETURNING player_id; 
	


CodeIntegrity Errors:
===================================
  Date: 2014-02-09 20:19:39.394
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-09 20:19:39.393
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-09 20:19:39.392
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-09 20:19:39.391
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-23 09:10:25.078
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\EqualizerAPO\EqualizerAPO.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 43%
Total physical RAM: 8174.3 MB
Available physical RAM: 4630.82 MB
Total Pagefile: 16346.79 MB
Available Pagefile: 9314.59 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:238.47 GB) (Free:46.79 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: 89EF89EF)
Partition 1: (Active) - (Size=238 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-05-11 17:04:00
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000071 ATA_____ rev.N101 238,47GB
Running: 03 Gmer-19357.exe; Driver: C:\Users\Benito\AppData\Local\Temp\pxldapow.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528                                                                                                                                                     fffff800043ae000 54 bytes [2C, 44, 8B, 5C, 24, 24, 33, ...]
INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 583                                                                                                                                                     fffff800043ae037 78 bytes [8B, 74, 24, 50, 89, 45, 00, ...]

---- User code sections - GMER 2.1 ----

.text     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[1920] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                        0000000075ea1465 2 bytes [EA, 75]
.text     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[1920] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                       0000000075ea14bb 2 bytes [EA, 75]
.text     ...                                                                                                                                                                                                                    * 2
.text     C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe[2320] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                                   0000000075ea1465 2 bytes [EA, 75]
.text     C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe[2320] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                                  0000000075ea14bb 2 bytes [EA, 75]
.text     ...                                                                                                                                                                                                                    * 2
.text     C:\Program Files (x86)\MouseServer\MouseServer.exe[2476] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                                       0000000075ea1465 2 bytes [EA, 75]
.text     C:\Program Files (x86)\MouseServer\MouseServer.exe[2476] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                                      0000000075ea14bb 2 bytes [EA, 75]
.text     ...                                                                                                                                                                                                                    * 2
.text     C:\Program Files (x86)\RocketDock\RocketDock.exe[2484] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                                         0000000075ea1465 2 bytes [EA, 75]
.text     C:\Program Files (x86)\RocketDock\RocketDock.exe[2484] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                                        0000000075ea14bb 2 bytes [EA, 75]
.text     ...                                                                                                                                                                                                                    * 2
.text     C:\Users\Benito\AppData\Roaming\Dropbox\bin\Dropbox.exe[2784] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69                                                                                                  0000000075ea1465 2 bytes [EA, 75]
.text     C:\Users\Benito\AppData\Roaming\Dropbox\bin\Dropbox.exe[2784] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155                                                                                                 0000000075ea14bb 2 bytes [EA, 75]
.text     ...                                                                                                                                                                                                                    * 2
.text     C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.exe[3428] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                        0000000075ea1465 2 bytes [EA, 75]
.text     C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.exe[3428] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                       0000000075ea14bb 2 bytes [EA, 75]
.text     ...                                                                                                                                                                                                                    * 2
.text     C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3848] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                                   0000000075ea1465 2 bytes [EA, 75]
.text     C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3848] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                                  0000000075ea14bb 2 bytes [EA, 75]
.text     ...                                                                                                                                                                                                                    * 2
?         C:\Windows\system32\mssprxy.dll [3848] entry point in ".rdata" section                                                                                                                                                 00000000733c71e6
.text     C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe[3640] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                           0000000075ea1465 2 bytes [EA, 75]
.text     C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe[3640] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                          0000000075ea14bb 2 bytes [EA, 75]
.text     ...                                                                                                                                                                                                                    * 2
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[6996] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                      0000000075ea1465 2 bytes [EA, 75]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[6996] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                     0000000075ea14bb 2 bytes [EA, 75]
.text     ...                                                                                                                                                                                                                    * 2
.text     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4916] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                           0000000075ea1465 2 bytes [EA, 75]
.text     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4916] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                          0000000075ea14bb 2 bytes [EA, 75]
.text     ...                                                                                                                                                                                                                    * 2
.text     C:\Program Files (x86)\Java\jre7\bin\javaw.exe[752] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                                            0000000075ea1465 2 bytes [EA, 75]
.text     C:\Program Files (x86)\Java\jre7\bin\javaw.exe[752] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                                           0000000075ea14bb 2 bytes [EA, 75]
.text     ...                                                                                                                                                                                                                    * 2
.text     C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe[5392] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                        0000000075ea1465 2 bytes [EA, 75]
.text     C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe[5392] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                       0000000075ea14bb 2 bytes [EA, 75]
.text     ...                                                                                                                                                                                                                    * 2
.text     C:\Users\Benito\Desktop\operation\01 Defogger.exe[6220] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                                        0000000075ea1465 2 bytes [EA, 75]
.text     C:\Users\Benito\Desktop\operation\01 Defogger.exe[6220] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                                       0000000075ea14bb 2 bytes [EA, 75]
.text     ...                                                                                                                                                                                                                    * 2
.text     C:\Users\Benito\Desktop\operation\03 Gmer-19357.exe[6272] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                                      0000000075ea1465 2 bytes [EA, 75]
.text     C:\Users\Benito\Desktop\operation\03 Gmer-19357.exe[6272] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                                     0000000075ea14bb 2 bytes [EA, 75]
.text     ...                                                                                                                                                                                                                    * 2
---- Processes - GMER 2.1 ----

Library   C:\Users\Benito\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll (*** suspicious ***) @ C:\Users\Benito\AppData\Roaming\Dropbox\bin\Dropbox.exe [2784](2014-01-03 03:42:50)                                                0000000003c90000
Library   c:\users\benito\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp0o2gmb.dll (*** suspicious ***) @ C:\Users\Benito\AppData\Roaming\Dropbox\bin\Dropbox.exe [2784](2014-05-11 12:48:49)  0000000004580000
Library   C:\Users\Benito\AppData\Roaming\Dropbox\bin\libcef.dll (*** suspicious ***) @ C:\Users\Benito\AppData\Roaming\Dropbox\bin\Dropbox.exe [2784](2013-10-18 23:55:02)                                                      0000000062510000
Library   C:\Users\Benito\AppData\Roaming\Dropbox\bin\icudt.dll (*** suspicious ***) @ C:\Users\Benito\AppData\Roaming\Dropbox\bin\Dropbox.exe [2784] (ICU Data DLL/The ICU Project)(2013-10-18 23:55:00)                        00000000674e0000

---- Registry - GMER 2.1 ----

Reg       HKLM\SYSTEM\BDSandBox\Benito\machine\SOFTWARE\Microsoft\Cryptography\RNG                                                                                                                                               
Reg       HKLM\SYSTEM\BDSandBox\Benito\machine\SOFTWARE\Microsoft\Cryptography\RNG@                                                                                                                                              !shallow!

---- EOF - GMER 2.1 ----
         

12.05.2014, 13:50   #5
schrauber
/// the machine
/// TB trainer

Quote:
127.0.0.1 activate.adobe.com
127.0.0.1 informationliberation.com
127.0.0.1 activation.cloud.techsmith.com
127.0.0.1 oscount.techsmith.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 practivate.adobe.com
Yeah, so we'll uninstall first, right?

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


12.05.2014, 21:05   #6
ito

Hello snoop

That has been in there for at least a year; I had installed it as a trial, and afterwards I leased the license.

Regards, ito

13.05.2014, 15:38   #7
schrauber
/// the machine
/// TB trainer

Quote:
Hello snoop
This has nothing to do with snooping. You're cheating a company out of its money with that, and it's against the law. I may be a pierced and tattooed lowlife, but the contact I already have with the cops because of my appearance is enough for me; I don't need more of it because I support something like this here and make myself liable to prosecution as well.


Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click into the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you receive the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


13.05.2014, 19:08   #8
ito

... I see

Code:
ComboFix 14-05-13.01 - Benito 13.05.2014  19:50:29.1.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.8174.3573 [GMT 2:00]
ausgeführt von:: c:\users\Benito\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1384835606.bdinstall.bin
c:\programdata\1385551167.bdinstall.bin
c:\programdata\1385551441.bdinstall.bin
c:\programdata\1388487424.12388.bin
c:\programdata\1388487424.40612.bin
c:\programdata\1388487424.53768.bin
c:\programdata\1388533439.bdinstall.bin
c:\programdata\1388533807.bdinstall.bin
c:\programdata\1391794359.bdinstall.bin
c:\programdata\1391794574.bdinstall.bin
c:\programdata\1391964202.6392.bin
c:\programdata\1391964202.6436.bin
c:\programdata\1391964202.6440.bin
c:\programdata\1391964202.6604.bin
c:\programdata\1391965097.5488.bin
c:\programdata\1391965097.bdinstall.bin
c:\programdata\1391965252.bdinstall.bin
c:\programdata\Local Settings\Temp
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\auth.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\burnlib.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\dsp_sps.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\enc_fhgaac.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\enc_flac.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\enc_lame.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\enc_vorbis.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\enc_wav.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\enc_wma.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\gen_classicart.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\gen_crasher.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\gen_ff.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\gen_find_on_disk.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\gen_hotkeys.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\gen_jumpex.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\gen_jumpex_original.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\gen_ml.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\gen_nopro.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\gen_orgler.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\gen_play_remove.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\gen_skinmanager.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\gen_timerestore.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\gen_tray.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\gen_undo.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\in_avi.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\in_cdda.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\in_dshow.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\in_flac.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\in_flv.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\in_linein.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\in_midi.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\in_mkv.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\in_mod.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\in_mp3.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\in_mp4.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\in_nsv.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\in_swf.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\in_vorbis.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\in_wav.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\in_wave.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\in_wm.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\in_wv.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\ml_addons.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\ml_autotag.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\ml_bookmarks.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\ml_devices.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\ml_disc.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\ml_downloads.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\ml_enqplay.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\ml_history.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\ml_impex.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\ml_local.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\ml_nowplaying.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\ml_online.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\ml_orb.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\ml_playlists.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\ml_plg.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\ml_pmp.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\ml_rg.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\ml_transcode.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\ml_wire.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\ombrowser.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\out_disk.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\out_ds.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\out_wave.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\playlist.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\pmp_activesync.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\pmp_android.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\pmp_ipod.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\pmp_njb.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\pmp_p4s.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\pmp_usb.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\pmp_wifi.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\tagz.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\vis_avs.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\vis_milk2.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\vis_nsfs.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\winamp.lng
c:\users\Benito\AppData\Local\Temp\WLZ745F.tmp\winampa.lng
c:\users\Benito\AppData\Roaming\KW
c:\users\Benito\AppData\Roaming\KW\update.ini
c:\users\Benito\AppData\Roaming\Roaming
c:\users\Benito\AppData\Roaming\Roaming\HoldemManager\config\FTPRushTables.xml
c:\users\Benito\AppData\Roaming\Roaming\HoldemManager\Importing\Work Folder\Thumbs.db
c:\windows\AutoRun.ini
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-04-13 bis 2014-05-13  ))))))))))))))))))))))))))))))
.
.
2014-05-13 17:55 . 2014-05-13 17:55	--------	d-----w-	c:\users\postgres\AppData\Local\temp
2014-05-13 03:34 . 2014-03-26 17:01	254240	----a-w-	c:\windows\system32\drivers\VBoxDrv.sys
2014-05-13 03:34 . 2014-03-26 17:00	128288	----a-w-	c:\windows\system32\drivers\VBoxUSBMon.sys
2014-05-11 14:53 . 2014-05-11 14:55	--------	d-----w-	C:\FRST
2014-05-11 14:36 . 2014-05-11 14:40	--------	d-----w-	c:\users\Benito\AppData\Roaming\JonDo
2014-05-11 14:33 . 2014-05-11 14:33	--------	d-----w-	c:\program files (x86)\JonDo
2014-05-11 13:27 . 2014-05-11 13:27	--------	d-----w-	c:\users\Benito\AppData\Roaming\Wireshark
2014-05-11 13:01 . 2014-05-11 13:01	--------	d-----w-	c:\program files (x86)\WinPcap
2014-05-11 12:59 . 2014-05-11 13:01	--------	d-----w-	c:\program files\Wireshark
2014-05-11 12:41 . 2010-08-30 06:34	536576	----a-w-	c:\windows\SysWow64\sqlite3.dll
2014-05-11 12:41 . 2014-05-11 12:47	--------	d-----w-	C:\AdwCleaner
2014-05-10 23:08 . 2014-05-10 23:08	--------	d-----w-	c:\users\Benito\AppData\Roaming\Apowersoft
2014-05-10 23:08 . 2014-04-09 19:05	31920	----a-w-	c:\windows\system32\drivers\Apowersoft_AudioDevice.sys
2014-05-08 06:36 . 2014-05-08 06:36	--------	d-----w-	c:\program files\TAP-Windows
2014-05-08 06:36 . 2014-05-08 06:36	--------	d-----w-	c:\program files\OpenVPN
2014-05-05 01:02 . 2014-05-05 01:02	--------	d-----w-	c:\users\Benito\AppData\Roaming\Apple Computer
2014-05-01 13:16 . 2014-05-01 13:16	--------	d-----w-	c:\program files (x86)\MultiBit-0.5.18
2014-04-29 11:21 . 2014-04-29 11:21	--------	d-----w-	c:\users\Benito\AppData\Local\Apple Computer
2014-04-29 10:55 . 2014-04-29 10:55	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2014-04-29 10:55 . 2014-04-29 10:55	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2014-04-29 10:55 . 2014-04-29 10:55	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2014-04-29 10:55 . 2014-04-29 10:55	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2014-04-29 10:55 . 2014-04-29 10:55	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2014-04-29 10:55 . 2014-04-29 10:55	--------	d-----w-	c:\programdata\Apple Computer
2014-04-29 10:55 . 2014-04-29 10:55	--------	d-----w-	c:\program files (x86)\Common Files\Apple
2014-04-29 10:55 . 2014-04-29 10:55	--------	d-----w-	c:\users\Benito\AppData\Local\Apple
2014-04-29 10:55 . 2014-04-29 10:55	--------	d-----w-	c:\programdata\Apple
2014-04-29 10:55 . 2014-04-29 10:55	--------	d-----w-	c:\program files (x86)\Apple Software Update
2014-04-29 10:39 . 2014-04-29 10:39	--------	d-----w-	c:\windows\de
2014-04-29 10:38 . 2014-04-29 10:38	--------	d-----w-	c:\program files (x86)\Microsoft SQL Server Compact Edition
2014-04-29 10:37 . 2014-04-29 10:37	537432	----a-w-	c:\program files (x86)\Common Files\Windows Live\.cache\11b8d5031cf639705\DXSETUP.exe
2014-04-29 10:37 . 2014-04-29 10:37	1801048	----a-w-	c:\program files (x86)\Common Files\Windows Live\.cache\11b8d5031cf639705\dsetup32.dll
2014-04-29 10:37 . 2014-04-29 10:37	89944	----a-w-	c:\program files (x86)\Common Files\Windows Live\.cache\11b8d5031cf639705\DSETUP.dll
2014-04-29 10:37 . 2014-04-29 10:37	94040	----a-w-	c:\program files (x86)\Common Files\Windows Live\.cache\1059b50f1cf639704\DSETUP.dll
2014-04-29 10:37 . 2014-04-29 10:37	525656	----a-w-	c:\program files (x86)\Common Files\Windows Live\.cache\1059b50f1cf639704\DXSETUP.exe
2014-04-29 10:37 . 2014-04-29 10:37	1691480	----a-w-	c:\program files (x86)\Common Files\Windows Live\.cache\1059b50f1cf639704\dsetup32.dll
2014-04-29 10:37 . 2014-04-29 10:37	89944	----a-w-	c:\program files (x86)\Common Files\Windows Live\.cache\fa41df81cf639702\DSETUP.dll
2014-04-29 10:37 . 2014-04-29 10:37	537432	----a-w-	c:\program files (x86)\Common Files\Windows Live\.cache\fa41df81cf639702\DXSETUP.exe
2014-04-29 10:37 . 2014-04-29 10:37	1801048	----a-w-	c:\program files (x86)\Common Files\Windows Live\.cache\fa41df81cf639702\dsetup32.dll
2014-04-23 02:27 . 2014-04-23 02:27	--------	d-----w-	c:\program files (x86)\X-Rite
2014-04-23 02:27 . 2007-02-08 11:48	51600	----a-w-	c:\windows\system32\drivers\i1_x64.sys
2014-04-23 02:27 . 2005-12-13 22:53	7808	----a-w-	c:\windows\system32\drivers\i1display_x64.sys
2014-04-23 02:17 . 2007-02-08 11:48	51600	----a-w-	c:\windows\system32\drivers\i1iO2_x64.sys
2014-04-23 02:17 . 2006-05-18 14:13	7808	----a-w-	c:\windows\system32\drivers\SeqCal.sys
2014-04-23 02:17 . 2006-05-18 14:13	47104	----a-w-	c:\windows\system32\drivers\EyeOneX64.sys
2014-04-23 02:16 . 2014-04-23 02:16	--------	d-----w-	c:\program files (x86)\GretagMacbeth
2014-04-17 12:15 . 2014-04-17 12:15	--------	d-sh--w-	c:\windows\ftpcache
2014-04-14 16:57 . 2014-04-14 16:57	--------	d-----w-	c:\users\Benito\AppData\Roaming\DropboxMaster
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-09 01:48 . 2012-11-09 21:48	70832	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-09 01:48 . 2012-11-09 21:48	692400	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-29 10:38 . 2011-03-28 17:36	23264	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-04-14 18:13 . 2013-09-29 15:57	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-10 07:42 . 2012-02-29 23:56	90655440	----a-w-	c:\windows\system32\MRT.exe
2014-03-31 19:41 . 2014-03-31 19:41	58568	----a-w-	c:\windows\SysWow64\sirenacm.dll
2014-03-31 19:34 . 2014-03-31 19:34	322248	----a-w-	c:\windows\WLXPGSS.SCR
2014-03-31 07:35 . 2012-02-29 23:13	270496	------w-	c:\windows\system32\MpSigStub.exe
2014-03-26 17:00 . 2014-03-26 17:00	156448	----a-w-	c:\windows\system32\drivers\VBoxNetFlt.sys
2014-03-26 17:00 . 2014-03-26 17:00	141600	----a-w-	c:\windows\system32\drivers\VBoxNetAdp.sys
2014-03-26 16:58 . 2014-03-26 16:58	204064	----a-w-	c:\windows\system32\VBoxNetFltNobj.dll
2014-03-17 08:16 . 2014-05-13 17:57	10521840	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{16A9530C-EA8E-4783-B316-2FADA9E18E45}\mpengine.dll
2014-03-17 08:16 . 2014-05-13 17:56	10521840	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{ECBEF26C-5FAD-4308-95CB-E1FAFD4E225B}\mpengine.dll
2014-03-06 10:21 . 2014-04-10 07:49	23549440	----a-w-	c:\windows\system32\mshtml.dll
2014-03-06 09:32 . 2014-04-10 07:49	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2014-03-06 09:31 . 2014-04-10 07:49	4096	----a-w-	c:\windows\system32\ieetwcollectorres.dll
2014-03-06 08:59 . 2014-04-10 07:49	66048	----a-w-	c:\windows\system32\iesetup.dll
2014-03-06 08:57 . 2014-04-10 07:49	548352	----a-w-	c:\windows\system32\vbscript.dll
2014-03-06 08:57 . 2014-04-10 07:49	48640	----a-w-	c:\windows\system32\ieetwproxystub.dll
2014-03-06 08:53 . 2014-04-10 07:49	2767360	----a-w-	c:\windows\system32\iertutil.dll
2014-03-06 08:40 . 2014-04-10 07:49	51200	----a-w-	c:\windows\system32\jsproxy.dll
2014-03-06 08:39 . 2014-04-10 07:49	33792	----a-w-	c:\windows\system32\iernonce.dll
2014-03-06 08:32 . 2014-04-10 07:49	574976	----a-w-	c:\windows\system32\ieui.dll
2014-03-06 08:32 . 2014-04-10 07:49	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2014-03-06 08:29 . 2014-04-10 07:49	139264	----a-w-	c:\windows\system32\ieUnatt.exe
2014-03-06 08:29 . 2014-04-10 07:49	111616	----a-w-	c:\windows\system32\ieetwcollector.exe
2014-03-06 08:28 . 2014-04-10 07:49	752640	----a-w-	c:\windows\system32\jscript9diag.dll
2014-03-06 08:15 . 2014-04-10 07:49	940032	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2014-03-06 08:11 . 2014-04-10 07:49	5784064	----a-w-	c:\windows\system32\jscript9.dll
2014-03-06 08:09 . 2014-04-10 07:49	453120	----a-w-	c:\windows\system32\dxtmsft.dll
2014-03-06 08:03 . 2014-04-10 07:49	586240	----a-w-	c:\windows\system32\ie4uinit.exe
2014-03-06 08:02 . 2014-04-10 07:49	61952	----a-w-	c:\windows\SysWow64\iesetup.dll
2014-03-06 08:02 . 2014-04-10 07:49	455168	----a-w-	c:\windows\SysWow64\vbscript.dll
2014-03-06 08:01 . 2014-04-10 07:49	51200	----a-w-	c:\windows\SysWow64\ieetwproxystub.dll
2014-03-06 07:56 . 2014-04-10 07:49	38400	----a-w-	c:\windows\system32\JavaScriptCollectionAgent.dll
2014-03-06 07:48 . 2014-04-10 07:49	195584	----a-w-	c:\windows\system32\msrating.dll
2014-03-06 07:46 . 2014-04-10 07:49	4254720	----a-w-	c:\windows\SysWow64\jscript9.dll
2014-03-06 07:42 . 2014-04-10 07:49	296960	----a-w-	c:\windows\system32\dxtrans.dll
2014-03-06 07:38 . 2014-04-10 07:49	112128	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2014-03-06 07:36 . 2014-04-10 07:49	592896	----a-w-	c:\windows\SysWow64\jscript9diag.dll
2014-03-06 07:21 . 2014-04-10 07:49	628736	----a-w-	c:\windows\system32\msfeeds.dll
2014-03-06 07:13 . 2014-04-10 07:49	32256	----a-w-	c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-03-06 07:11 . 2014-04-10 07:49	2043904	----a-w-	c:\windows\system32\inetcpl.cpl
2014-03-06 06:53 . 2014-04-10 07:49	13551104	----a-w-	c:\windows\system32\ieframe.dll
2014-03-06 06:40 . 2014-04-10 07:49	1967104	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2014-03-06 06:22 . 2014-04-10 07:49	2260480	----a-w-	c:\windows\system32\wininet.dll
2014-03-06 05:58 . 2014-04-10 07:49	1400832	----a-w-	c:\windows\system32\urlmon.dll
2014-03-06 05:50 . 2014-04-10 07:49	846336	----a-w-	c:\windows\system32\ieapfltr.dll
2014-03-06 05:41 . 2014-04-10 07:49	1789440	----a-w-	c:\windows\SysWow64\wininet.dll
2014-03-04 09:44 . 2014-04-10 07:42	362496	----a-w-	c:\windows\system32\wow64win.dll
2014-03-04 09:44 . 2014-04-10 07:42	243712	----a-w-	c:\windows\system32\wow64.dll
2014-03-04 09:44 . 2014-04-10 07:42	13312	----a-w-	c:\windows\system32\wow64cpu.dll
2014-03-04 09:44 . 2014-04-10 07:42	16384	----a-w-	c:\windows\system32\ntvdm64.dll
2014-03-04 09:44 . 2014-04-10 07:42	1163264	----a-w-	c:\windows\system32\kernel32.dll
2014-03-04 09:17 . 2014-04-10 07:42	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2014-03-04 09:17 . 2014-04-10 07:42	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2014-03-04 09:16 . 2014-04-10 07:42	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2014-03-04 09:16 . 2014-04-10 07:42	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2014-03-04 08:09 . 2014-04-10 07:42	7680	----a-w-	c:\windows\SysWow64\instnm.exe
2014-03-04 08:09 . 2014-04-10 07:42	2048	----a-w-	c:\windows\SysWow64\user.exe
2014-02-13 12:46 . 2014-02-13 12:46	354656	----a-w-	c:\windows\SysWow64\DivXControlPanelApplet.cpl
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	130736	----a-w-	c:\users\Benito\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	130736	----a-w-	c:\users\Benito\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	130736	----a-w-	c:\users\Benito\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Viber"="c:\users\Benito\AppData\Local\Viber\Viber.exe" [2013-07-31 912904]
"MouseServer"="c:\program files (x86)\MouseServer\MouseServer.exe" [2013-08-26 244736]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20922016]
"NetDrive"="c:\program files\NetDrive\netdrive.exe" [2014-05-08 3620864]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-11 3672384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-28 642656]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2013-04-25 1075296]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2013-12-18 41336]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2013-12-18 840568]
"RoccatKonePure"="c:\program files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.EXE" [2013-06-10 561152]
"V0770Mon.exe"="c:\windows\V0770Mon.exe" [2012-06-01 32884]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2014-02-14 450560]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-02-20 689744]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2014-01-10 1861968]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
c:\users\Benito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Benito\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-4-18 33604728]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
JonDo.lnk - c:\program files (x86)\JonDo\JonDo.exe -m -s [2013-8-29 99192]
Logo Calibration Loader.lnk - c:\program files (x86)\GretagMacbeth\i1\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe [2014-4-23 708608]
ProfileReminder.lnk - c:\program files (x86)\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe [2014-4-23 954368]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage-Technologie;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R2 PDIHWCTL;PDIHWCTL;c:\windows\system32\drivers\pdihwctl.sys;c:\windows\SYSNATIVE\drivers\pdihwctl.sys [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R2 UPDATESRV;Bitdefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender\updatesrv.exe;c:\program files\Bitdefender\Bitdefender\updatesrv.exe [x]
R3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys;c:\windows\SYSNATIVE\drivers\Apowersoft_AudioDevice.sys [x]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys;c:\windows\SYSNATIVE\drivers\avmeject.sys [x]
R3 bdfwfpf_pc;bdfwfpf_pc;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [x]
R3 DFX11_1;DFX Audio Enhancer 11.1;c:\windows\system32\drivers\dfx11_1x64.sys;c:\windows\SYSNATIVE\drivers\dfx11_1x64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 EyeOneDisplay;EyeOneDisplay;c:\windows\system32\Drivers\i1display_x64.sys;c:\windows\SYSNATIVE\Drivers\i1display_x64.sys [x]
R3 fwlanusb4;FRITZ!WLAN N/G;c:\windows\system32\DRIVERS\fwlanusb4.sys;c:\windows\SYSNATIVE\DRIVERS\fwlanusb4.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys;c:\windows\SYSNATIVE\DRIVERS\lvpopf64.sys [x]
R3 LVUVC64;Logitech QuickCam Pro 5000(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
R3 ndfs;ndfs;c:\program files\NetDrive\ndfs.sys;c:\program files\NetDrive\ndfs.sys [x]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssudserd.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys;c:\windows\SYSNATIVE\Drivers\VBoxUSB.sys [x]
R4 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
S0 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys;c:\windows\SYSNATIVE\DRIVERS\gzflt.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 ndsvc;NetDrive Service;c:\program files\NetDrive\ndsvc.exe;c:\program files\NetDrive\ndsvc.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S2 postgresql-8.4;postgresql-8.4 - PostgreSQL Server 8.4;c:\program files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe runservice -N postgresql-8.4 -D C:/Program Files (x86)/PostgreSQL/8.4/data -w;c:\program files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe runservice -N postgresql-8.4 -D C:/Program Files (x86)/PostgreSQL/8.4/data -w [x]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys;c:\windows\SYSNATIVE\drivers\LVUSBS64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 V0770Vid;Live! Cam Sync HD VF0770 Driver;c:\windows\system32\DRIVERS\V0770Vid.sys;c:\windows\SYSNATIVE\DRIVERS\V0770Vid.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-29 20:57	1078088	----a-w-	c:\program files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-05-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-09 01:48]
.
2014-05-12 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4015719053-3797219543-3078460475-1000Core.job
- c:\users\Benito\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-01-25 00:11]
.
2014-05-13 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4015719053-3797219543-3078460475-1000UA.job
- c:\users\Benito\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-01-25 00:11]
.
2014-05-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-21 01:59]
.
2014-05-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-21 01:59]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2013-08-30 08:01	3358064	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2013-08-30 08:01	3358064	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2013-08-30 08:01	3358064	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\Benito\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\Benito\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\Benito\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\Benito\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2011-12-07 5889816]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-06-13 472984]
"XMouseButtonControl"="c:\program files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe" [2013-10-06 1171088]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-11-04 7204568]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = www.google.com
mStart Page = www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
mDefault_Page_URL = www.google.com
mDefault_Search_URL = www.google.com
uInternet Settings,ProxyOverride = <local>
IE: {{07BA1DA9-F501-4796-8728-74D1B91A6CD5} - c:\program files (x86)\PokerStars.EU\PokerStarsUpdate.exe
IE: {{C4046502-6524-4d87-896C-878F57D1FF07} - c:\program files (x86)\PokerStars.IT\PokerStarsUpdate.exe
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{DE0522D4-BC58-40A7-A50A-6E2DA008BA92}: NameServer = 208.67.222.222,208.67.220.220
FF - ProfilePath - c:\users\Benito\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.enabled - false
FF - prefs.js: network.proxy.ftp - 127.0.0.1
FF - prefs.js: network.proxy.ftp_port - 4001
FF - prefs.js: network.proxy.gopher - 127.0.0.1
FF - prefs.js: network.proxy.gopher_port - 4001
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 4001
FF - prefs.js: network.proxy.socks - 127.0.0.1
FF - prefs.js: network.proxy.socks_port - 4001
FF - prefs.js: network.proxy.ssl - 127.0.0.1
FF - prefs.js: network.proxy.ssl_port - 4001
FF - prefs.js: network.proxy.type - 1
.
.
------- Dateityp-Verknüpfung -------
.
inifile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
JSEFile=c:\windows\SysWow64\WScript.exe "%1" %*
txtfile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{7e111a5c-3d11-4f56-9463-5310c3c69025} - (no file)
URLSearchHooks-{64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-Driver Genius - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Explorer_Run-43061 - c:\progra~3\LOCALS~1\Temp\msvrmv.cmd
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
ShellIconOverlayIdentifiers-{152C96EB-288E-4EDC-B7C6-D21F8250ADF3} - (no file)
ShellIconOverlayIdentifiers-{342DAA0B-D796-460D-8566-901E08A1CCAD} - (no file)
ShellIconOverlayIdentifiers-{57595DAE-1AE1-4D97-A49E-67CBB53B52DF} - (no file)
ShellIconOverlayIdentifiers-{33816773-98AE-4723-ADE0-EBE54C8B5A67} - (no file)
AddRemove-Driver Genius Professional Edition_is1 - c:\program files (x86)\Driver-Soft\DriverGenius\unins000.exe
AddRemove-PokerStars.it - c:\program files (x86)\PokerStars.IT\PokerStarsUninstall.exe
AddRemove-Titan Poker - c:\poker\Titan Poker\TitanPSetupUninstall1386726359841_da094e_de.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\postgresql-8.4]
"ImagePath"="\"c:\program files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe\" runservice -N \"postgresql-8.4\" -D \"C:/Program Files (x86)/PostgreSQL/8.4/data\" -w"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-4015719053-3797219543-3078460475-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-4015719053-3797219543-3078460475-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG*]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DbgagD\1*]
"value"="?\06\04\07\09\06\10t"
.
[HKEY_LOCAL_MACHINE\SYSTEM\BDSandBox\Benito\machine\SOFTWARE\Microsoft\Cryptography\RNG*]
@="!shallow!"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe
c:\program files (x86)\PostgreSQL\8.4\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.4\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.4\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.4\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.4\bin\postgres.exe
c:\program files (x86)\JonDo\JonDo.exe
c:\program files (x86)\Java\jre7\bin\javaw.exe
c:\users\Benito\AppData\Roaming\Dropbox\bin\Dropbox.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-05-13  19:58:25 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-05-13 17:58
.
Vor Suchlauf: 16 Verzeichnis(se), 51.798.765.568 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 54.889.758.720 Bytes frei
.
- - End Of File - - B9C5217A515A334F68BAD9B90DDBD0E9
A36C5E4F47E84449FF07ED3517B43A31
         

14.05.2014, 19:09   #9
schrauber
/// the machine
/// TB trainer

Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if required to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts that appear with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please right-click and start it with "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

15.05.2014, 22:05   #10
ito



Hello,

it seems I am now rid of the malware; the programs mentioned took care of the problem and a few more pests as well. Thank you very much for your efforts.

Best regards, ito

16.05.2014, 12:53   #11
schrauber
/// the machine
/// TB Trainer



But we are not done yet. Please run all 3, post the logs, then we will continue.
__________________
Regards,
schrauber


16.05.2014, 13:01   #12
ito



Why are we not done yet, if the malware is gone?

17.05.2014, 13:20   #13
schrauber
/// the machine
/// TB Trainer



Who says it is gone? Just because the symptoms are gone?
__________________
Regards,
schrauber

