
Log analysis and evaluation: Same problem as user (trauma)? "Sponsorship" tabs open by themselves. How can I remove it?

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

11.09.2013, 00:21   #1
Lars T
 



Here is the logfile that I produced by following the instructions of AdminBot, who fixed the same problem for user (trauma). OTL logfile:
Code:
OTL logfile created on: 11.09.2013 00:32:17 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lars\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000407 | Country: Alemania | Language: DEU | Date Format: dd.MM.yyyy
 
7,96 Gb Total Physical Memory | 5,44 Gb Available Physical Memory | 68,31% Memory free
15,92 Gb Paging File | 13,00 Gb Available in Paging File | 81,64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,95 Gb Total Space | 342,16 Gb Free Space | 75,71% Space Free | Partition Type: NTFS
 
Computer Name: LARS-TOSH | User Name: Lars | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Lars\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe ()
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Tor\tor.exe ()
PRC - C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Windows Internet Name Service\wins.exe ()
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\ProgramData\Browser Manager\2.6.1519.190\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe ()
PRC - C:\Users\Lars\AppData\Local\GamersFirst\LIVE!\Live.exe (GamersFirst)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
PRC - C:\Windows\SysWOW64\jmdp\stij.exe ()
PRC - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
PRC - C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)
PRC - C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
PRC - C:\Program Files (x86)\Trust Gaming Mouse\Gaming Driver.exe (Areson)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe ()
PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe (TOSHIBA)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\SysWOW64\schtasks.exe (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\f2f0e9a8703422ee27d0094e81170cca\System.ServiceProcess.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\876a6e3ad28ad8fb6303fd81630f4366\System.Xaml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\1bfc8df8dc2076bf8bcb90ce32f33c18\PresentationFramework.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\13181bc68824ceefac1f8bbfd58f33e4\PresentationCore.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\55ab9d8d98053d26d1846b670c43821b\System.Windows.Forms.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\e8092f13b7a38dfd4c57e262d02e5212\System.Core.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\625ef7b392f799bdd0ebe0e364bc7b40\System.Xml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\1c8c245b408e8c12f73757f7e25c405b\WindowsBase.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b327d37044a48eb8ee9847f4e352b923\System.Drawing.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ded1ce18badf565556806edd5572053e\System.Configuration.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System\c0a67abed7df54004613628d9db92a68\System.ni.dll ()
MOD - C:\ProgramData\Browser Manager\2.6.1519.190\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe ()
MOD - C:\ProgramData\Browser Manager\2.6.1519.190\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ddab8d958a389e0578db75ff35a5d772\mscorlib.ni.dll ()
MOD - C:\Windows\SysWOW64\jmdp\stij.exe ()
MOD - C:\Windows\SysWOW64\jmdp\lmrn.dll ()
MOD - C:\Windows\SysWOW64\jmdp\sqlite3.dll ()
MOD - C:\Users\Lars\AppData\Local\GamersFirst\LIVE!\libcef.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (IBUpdaterService) -- C:\Windows\SysNative\dmwu.exe ()
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (TODDSrv) -- C:\Windows\SysNative\TODDSrv.exe (TOSHIBA Corporation)
SRV:64bit: - (GFNEXSrv) -- C:\Windows\SysNative\GFNEXSrv.exe ()
SRV - (tor) -- C:\Program Files (x86)\Tor\tor.exe ()
SRV - (Windows Internet Name Service) -- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Windows Internet Name Service\wins.exe ()
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (Browser Manager) -- C:\ProgramData\Browser Manager\2.6.1519.190\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe ()
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (wlidsvc) -- C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe ()
SRV - (Intel(R) -- C:\Archivos de programa\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV - (TosCoSrv) -- C:\Archivos de programa\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV - (TPCHSrv) -- C:\Archivos de programa\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation)
SRV - (TOSHIBA HDD SSD Alert Service) -- C:\Archivos de programa\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation)
SRV - (TOSHIBA eco Utility Service) -- C:\Archivos de programa\TOSHIBA\TECO\TecoService.exe (TOSHIBA Corporation)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (TMachInfo) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (TOSHIBA Bluetooth Service) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (TemproMonitoringService) -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe (Toshiba Europe GmbH)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (osppsvc) -- C:\Archivos de programa\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (sscdmdm) -- C:\Windows\SysNative\drivers\sscdmdm.sys (MCCI Corporation)
DRV:64bit: - (sscdbus) -- C:\Windows\SysNative\drivers\sscdbus.sys (MCCI Corporation)
DRV:64bit: - (sscdmdfl) -- C:\Windows\SysNative\drivers\sscdmdfl.sys (MCCI Corporation)
DRV:64bit: - (ssadmdm) -- C:\Windows\SysNative\drivers\ssadmdm.sys (MCCI Corporation)
DRV:64bit: - (ssadbus) -- C:\Windows\SysNative\drivers\ssadbus.sys (MCCI Corporation)
DRV:64bit: - (ssadmdfl) -- C:\Windows\SysNative\drivers\ssadmdfl.sys (MCCI Corporation)
DRV:64bit: - (SCDEmu) -- C:\windows\SysNative\drivers\scdemu.sys (Power Software Ltd)
DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (tosrfbd) -- C:\Windows\SysNative\drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (Tosrfusb) -- C:\Windows\SysNative\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV:64bit: - (NBVol) -- C:\Windows\SysNative\drivers\NBVol.sys (Nero AG)
DRV:64bit: - (NBVolUp) -- C:\Windows\SysNative\drivers\NBVolUp.sys (Nero AG)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (PGEffect) -- C:\Windows\SysNative\drivers\PGEffect.sys (TOSHIBA Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (Tosrfhid) -- C:\Windows\SysNative\drivers\Tosrfhid.sys (TOSHIBA Corporation.)
DRV:64bit: - (tosrfec) -- C:\Windows\SysNative\drivers\tosrfec.sys (TOSHIBA Corporation)
DRV:64bit: - (tdcmdpst) -- C:\Windows\SysNative\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV:64bit: - (TVALZ) -- C:\Windows\SysNative\drivers\TVALZ_O.SYS (TOSHIBA Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (TVALZFL) -- C:\Windows\SysNative\drivers\TVALZFL.sys (TOSHIBA Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{9A0B21F9-5051-4F85-8E8D-ABD35CEDD95D}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TEUA;
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=161&systemid=406&sr=0&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{9A0B21F9-5051-4F85-8E8D-ABD35CEDD95D}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TEUA;
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=161&systemid=406&sr=0&q={searchTerms}
 
 
IE - HKU\.DEFAULT\..\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}: "URL" = hxxp://www.basicscan.com/?prt=BASICSCAN115&keywords={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}: "URL" = hxxp://www.basicscan.com/?prt=BASICSCAN115&keywords={searchTerms}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-712367076-1968051646-2917029085-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://search.babylon.com/?affID=110195&tt=3712_2&babsrc=HP_ss&mntrId=0291503600000000000024ec99165458
IE - HKU\S-1-5-21-712367076-1968051646-2917029085-1000\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = hxxp://search.babylon.com/?affID=110195&tt=3712_2&babsrc=HP_ss&mntrId=0291503600000000000024ec99165458
IE - HKU\S-1-5-21-712367076-1968051646-2917029085-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA
IE - HKU\S-1-5-21-712367076-1968051646-2917029085-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.searchnu.com/406
IE - HKU\S-1-5-21-712367076-1968051646-2917029085-1000\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No CLSID value found
IE - HKU\S-1-5-21-712367076-1968051646-2917029085-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-712367076-1968051646-2917029085-1000\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-712367076-1968051646-2917029085-1000\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKU\S-1-5-21-712367076-1968051646-2917029085-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=110195&tt=3712_2&babsrc=SP_ss&mntrId=0291503600000000000024ec99165458
IE - HKU\S-1-5-21-712367076-1968051646-2917029085-1000\..\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}: "URL" = hxxp://www.basicscan.com/?prt=BscscnPB&keywords={searchTerms}
IE - HKU\S-1-5-21-712367076-1968051646-2917029085-1000\..\SearchScopes\{9A0B21F9-5051-4F85-8E8D-ABD35CEDD95D}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TEUA_esES497
IE - HKU\S-1-5-21-712367076-1968051646-2917029085-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=161&systemid=406&sr=0&q={searchTerms}
IE - HKU\S-1-5-21-712367076-1968051646-2917029085-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Lars\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
 
[2012.12.04 21:17:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lars\AppData\Roaming\mozilla\Firefox\extensions
[2012.12.04 21:17:32 | 000,000,000 | ---D | M] (uTorrentBar_DE) -- C:\Users\Lars\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}
[2012.08.18 22:36:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
 
========== Chrome ==========
 
CHR - default_search_provider: Search the web (Babylon) (Enabled)
CHR - default_search_provider: search_url = hxxp://search.babylon.com/?q={searchTerms}&affID=110195&tt=3712_2&babsrc=SP_ss&mntrId=0291503600000000000024ec99165458
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: 
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.77\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Nero Kwik Media Helper (Enabled) = C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
CHR - Extension: SaveAs = C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbpkdlokloolfebahoemeifjmjoghonh\2_0\
CHR - Extension: Battlefield Heroes = C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh\5.0.203.0_0\
CHR - Extension: uTorrentBar_DE = C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\10.16.100.504_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: Battlefield Play4Free = C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.96.0_0\
CHR - Extension: SaveAs = C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbpkdlokloolfebahoemeifjmjoghonh\2_0\
CHR - Extension: Battlefield Heroes = C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh\5.0.203.0_0\
CHR - Extension: uTorrentBar_DE = C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\10.16.100.504_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: Battlefield Play4Free = C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.96.0_0\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Archivos de programa\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Archivos de programa\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O2 - BHO: (SaveAs Class) - {2C0ADBB9-1C72-10F5-137D-32E0A3B50A84} - C:\ProgramData\SaveAs\5078c4ac668f9.ocx ()
O2 - BHO: (no name) - {2EECD738-5844-4a99-B4B6-146BF802613B} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3:64bit: - HKLM\..\Toolbar: (no name) - !{98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-712367076-1968051646-2917029085-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-712367076-1968051646-2917029085-1000\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SRS Premium Sound HD] C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe (SRS Labs, Inc.)
O4:64bit: - HKLM..\Run: [TCrdMain] C:\Archivos de programa\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Toshiba Registration] C:\Archivos de programa\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Archivos de programa\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Archivos de programa\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Archivos de programa\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Archivos de programa\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Adobe] C:\ProgramData\Adobe\1C617820.vbe ()
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe File not found
O4 - HKLM..\Run: [Gaming Mouse 4] C:\Program Files (x86)\Trust Gaming Mouse\Gaming Driver.exe (Areson)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe (TOSHIBA)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\.DEFAULT..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
O4 - HKU\S-1-5-18..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
O4 - HKU\S-1-5-21-712367076-1968051646-2917029085-1000..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-712367076-1968051646-2917029085-1000..\Run: [Facebook Update] C:\Users\Lars\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-712367076-1968051646-2917029085-1000..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup File not found
O4 - HKU\S-1-5-21-712367076-1968051646-2917029085-1000..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-712367076-1968051646-2917029085-1000..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.)
O4 - HKU\S-1-5-21-712367076-1968051646-2917029085-1000..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
O4 - HKU\S-1-5-21-712367076-1968051646-2917029085-1000..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED File not found
O4 - HKU\S-1-5-21-712367076-1968051646-2917029085-1000..\Run: [videotwisterSA] "C:\Users\Lars\AppData\Local\videotwisterSA\bin\1.0.5.0\videotwisterSA.exe" File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk = C:\Users\Lars\AppData\Local\GamersFirst\LIVE!\Live.exe (GamersFirst)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8:64bit: - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.25.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{54CCEDA0-A08C-468F-9A47-D392C60C5319}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{99AEE3B1-586C-4102-9FEC-8E1C11D338C3}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\261519~1.190\{16cdf~1\browse~1.dll) - c:\ProgramData\Browser Manager\2.6.1519.190\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.09.11 00:30:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Lars\Desktop\OTL.exe
[2013.09.02 23:51:39 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\dfrg
[2013.09.02 15:40:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tor
[2013.08.15 03:07:17 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2013.08.15 03:07:16 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2013.08.15 03:07:16 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2013.08.15 03:07:16 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2013.08.15 03:07:16 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2013.08.15 03:07:16 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2013.08.15 03:07:16 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2013.08.15 03:07:16 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2013.08.15 03:07:16 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2013.08.15 03:07:16 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2013.08.15 03:07:16 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2013.08.15 03:07:15 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013.08.15 03:07:14 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013.08.15 03:07:14 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013.08.15 03:07:14 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013.08.15 03:01:25 | 000,000,000 | ---D | C] -- C:\windows\SysNative\MRT
[2013.08.14 18:07:39 | 001,472,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\crypt32.dll
[2013.08.14 18:07:39 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wintrust.dll
[2013.08.14 18:07:39 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptnet.dll
[2013.08.14 18:06:24 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVDECOD.DLL
[2013.08.14 18:06:23 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMVDECOD.DLL
[2013.08.14 18:06:19 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rpcrt4.dll
[2013.08.14 18:06:16 | 005,550,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2013.08.14 18:06:16 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2013.08.14 18:06:16 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2013.08.14 18:06:15 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2013.08.14 18:06:15 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll
[2013.08.14 18:06:14 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
[2013.08.14 18:06:14 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
[2013.08.14 18:06:14 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
[2013.08.14 18:06:14 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
[2013.08.14 18:06:14 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
 
========== Files - Modified Within 30 Days ==========
 
[2013.09.11 00:31:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lars\Desktop\OTL.exe
[2013.09.11 00:26:12 | 000,000,282 | ---- | M] () -- C:\windows\tasks\DSite.job
[2013.09.11 00:26:12 | 000,000,111 | ---- | M] () -- C:\Users\Lars\AppData\Roaming\WB.CFG
[2013.09.11 00:26:11 | 000,000,005 | ---- | M] () -- C:\Users\Lars\AppData\Roaming\WBPU-TTL.DAT
[2013.09.11 00:16:01 | 000,000,838 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013.09.10 23:52:00 | 000,001,124 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.09.10 23:52:00 | 000,001,120 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.09.10 23:17:01 | 000,000,924 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-712367076-1968051646-2917029085-1000UA.job
[2013.09.10 21:51:25 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.09.10 21:51:25 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.09.10 17:17:00 | 000,000,902 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-712367076-1968051646-2917029085-1000Core.job
[2013.09.10 16:16:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2013.09.10 14:40:47 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013.09.05 15:25:10 | 001,555,882 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013.09.05 15:25:10 | 000,693,688 | ---- | M] () -- C:\windows\SysNative\perfh00A.dat
[2013.09.05 15:25:10 | 000,616,242 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013.09.05 15:25:10 | 000,137,296 | ---- | M] () -- C:\windows\SysNative\perfc00A.dat
[2013.09.05 15:25:10 | 000,106,622 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013.09.05 15:20:28 | 000,000,828 | ---- | M] () -- C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2013.09.05 15:20:28 | 000,000,410 | -H-- | M] () -- C:\windows\tasks\OptimizerPro1UpdaterTask{7C97E948-8E81-4DFC-A646-896CB5306BB5}.job
[2013.09.05 15:20:28 | 000,000,350 | ---- | M] () -- C:\windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
[2013.09.05 15:19:56 | 2115,870,719 | -HS- | M] () -- C:\hiberfil.sys
[2013.09.05 03:20:07 | 000,002,585 | ---- | M] () -- C:\Users\Public\Desktop\WildTangent Games App - toshiba.lnk
[2013.09.04 02:53:35 | 000,002,194 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.09.04 01:58:58 | 000,282,296 | ---- | M] () -- C:\windows\SysWow64\PnkBstrB.xtr
[2013.09.04 01:58:58 | 000,282,296 | ---- | M] () -- C:\windows\SysWow64\PnkBstrB.ex0
[2013.09.04 01:45:19 | 000,282,296 | ---- | M] () -- C:\windows\SysWow64\PnkBstrB.exe
[2013.08.28 19:52:26 | 000,000,000 | ---- | M] () -- C:\END
 
========== Files Created - No Company Name ==========
 
[2013.07.31 14:23:30 | 000,000,111 | ---- | C] () -- C:\Users\Lars\AppData\Roaming\WB.CFG
[2013.07.14 00:04:16 | 000,000,005 | ---- | C] () -- C:\Users\Lars\AppData\Roaming\WBPU-Q5-TTL.DAT
[2013.07.12 22:03:03 | 000,000,005 | ---- | C] () -- C:\Users\Lars\AppData\Roaming\WBPU-TTL.DAT
[2013.07.12 21:05:47 | 000,645,632 | ---- | C] () -- C:\windows\SysWow64\xvidcore.dll
[2013.07.12 21:05:47 | 000,240,640 | ---- | C] () -- C:\windows\SysWow64\xvidvfw.dll
[2013.07.12 21:05:36 | 000,178,688 | ---- | C] () -- C:\windows\SysWow64\unrar.dll
[2013.07.12 21:05:31 | 000,715,038 | ---- | C] () -- C:\windows\unins000.exe
[2013.07.12 21:05:31 | 000,216,064 | ---- | C] ( ) -- C:\windows\SysWow64\lagarith.dll
[2013.07.12 21:05:31 | 000,001,990 | ---- | C] () -- C:\windows\unins000.dat
[2012.09.27 19:06:58 | 000,000,000 | ---- | C] () -- C:\ProgramData\870a9eb29fa9e31493d2b2112ecc26f3_c
[2012.08.18 22:37:43 | 000,005,120 | ---- | C] () -- C:\Users\Lars\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.08.14 20:24:11 | 000,282,296 | ---- | C] () -- C:\windows\SysWow64\PnkBstrB.exe
[2012.08.14 20:24:06 | 000,076,888 | ---- | C] () -- C:\windows\SysWow64\PnkBstrA.exe
[2012.08.09 09:40:32 | 000,065,576 | ---- | C] () -- C:\windows\SysWow64\bdmpegv.dll
[2012.08.09 09:40:28 | 000,022,560 | ---- | C] () -- C:\windows\SysWow64\bdmjpeg.dll
[2012.08.01 21:28:57 | 000,128,312 | ---- | C] () -- C:\windows\SysWow64\GFNEX.dll
[2012.08.01 21:14:24 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2012.08.01 21:12:12 | 000,204,960 | ---- | C] () -- C:\windows\SysWow64\ativvsvl.dat
[2012.08.01 21:12:12 | 000,157,152 | ---- | C] () -- C:\windows\SysWow64\ativvsva.dat
[2012.08.01 21:12:12 | 000,003,917 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2012.02.02 22:08:26 | 000,001,536 | ---- | C] () -- C:\windows\SysWow64\IusEventLog.dll
[2012.01.20 04:49:58 | 000,059,904 | ---- | C] () -- C:\windows\SysWow64\OpenVideo.dll
[2012.01.20 04:49:48 | 000,054,784 | ---- | C] () -- C:\windows\SysWow64\OVDecode.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.09.04 01:37:56 | 000,000,000 | ---D | M] -- C:\Users\Lars\AppData\Roaming\.minecraft
[2012.10.02 22:37:07 | 000,000,000 | ---D | M] -- C:\Users\Lars\AppData\Roaming\AnvSoft
[2013.01.17 16:49:16 | 000,000,000 | ---D | M] -- C:\Users\Lars\AppData\Roaming\avidemux
[2012.09.11 00:12:27 | 000,000,000 | ---D | M] -- C:\Users\Lars\AppData\Roaming\Babylon
[2012.08.23 03:37:52 | 000,000,000 | ---D | M] -- C:\Users\Lars\AppData\Roaming\BANDISOFT
[2013.07.14 16:22:46 | 000,000,000 | ---D | M] -- C:\Users\Lars\AppData\Roaming\CDXReader
[2013.07.12 21:03:26 | 000,000,000 | ---D | M] -- C:\Users\Lars\AppData\Roaming\DSite
[2013.06.21 14:44:19 | 000,000,000 | ---D | M] -- C:\Users\Lars\AppData\Roaming\File Scout
[2012.08.12 18:12:24 | 000,000,000 | ---D | M] -- C:\Users\Lars\AppData\Roaming\FloodLightGames
[2013.07.12 21:05:35 | 000,000,000 | ---D | M] -- C:\Users\Lars\AppData\Roaming\LavFilters
[2012.08.13 21:38:11 | 000,000,000 | ---D | M] -- C:\Users\Lars\AppData\Roaming\LolClient
[2012.12.06 11:25:16 | 000,000,000 | ---D | M] -- C:\Users\Lars\AppData\Roaming\PowerISO
[2013.04.29 22:11:54 | 000,000,000 | ---D | M] -- C:\Users\Lars\AppData\Roaming\Samsung
[2012.08.23 03:48:09 | 000,000,000 | ---D | M] -- C:\Users\Lars\AppData\Roaming\Solveig Multimedia
[2012.08.08 17:12:12 | 000,000,000 | ---D | M] -- C:\Users\Lars\AppData\Roaming\Toshiba
[2012.08.13 19:26:51 | 000,000,000 | ---D | M] -- C:\Users\Lars\AppData\Roaming\TOSHIBA Online Product Information
[2013.07.14 18:03:31 | 000,000,000 | ---D | M] -- C:\Users\Lars\AppData\Roaming\TS3Client
[2013.07.12 21:05:42 | 000,000,000 | ---D | M] -- C:\Users\Lars\AppData\Roaming\Ultimate Codec Packages
[2013.01.26 15:04:41 | 000,000,000 | ---D | M] -- C:\Users\Lars\AppData\Roaming\uTorrent
[2012.11.01 23:08:17 | 000,000,000 | ---D | M] -- C:\Users\Lars\AppData\Roaming\WildTangent
 
========== Purity Check ==========
 
 
 
< End of report >
         
--- --- ---

Alt 11.09.2013, 05:05   #2
schrauber
/// the machine
/// TB-Ausbilder
 


Hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


Alt 12.09.2013, 12:43   #3
Lars T
 

FRST Logfile:

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-09-2013 02
Ran by Lars (administrator) on LARS-TOSH on 12-09-2013 13:28:52
Running from C:\Users\Lars\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Spanish Modern Sort
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\windows\system32\atiesrxx.exe
(AMD) C:\windows\system32\atieclxx.exe
() C:\Windows\System32\GFNEXSrv.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
() C:\ProgramData\Browser Manager\2.6.1519.190\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
() C:\windows\system32\dmwu.exe
(Microsoft Corporation) C:\windows\SysWOW64\schtasks.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
() C:\windows\SysWOW64\PnkBstrA.exe
(TOSHIBA Corporation) C:\windows\system32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
() C:\ProgramData\Browser Manager\2.6.1519.190\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Toshiba) C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
(GamersFirst) C:\Users\Lars\AppData\Local\GamersFirst\LIVE!\Live.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
(SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
(SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
(Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Areson) C:\Program Files (x86)\Trust Gaming Mouse\Gaming Driver.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
() C:\Windows\SysWOW64\jmdp\stij.exe
() C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.184\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.45\deploy\LolClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Tor\tor.exe
() C:\windows\SysWOW64\config\systemprofile\AppData\Local\Windows Internet Name Service\wins.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [] - [x]
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12459112 2012-03-15] (Realtek Semiconductor)
HKLM\...\Run: [SRS Premium Sound HD] - C:\Program Files\SRS Labs\SRS Control Panel\SRS_Premium_Sound_HD.zip [223180 2012-03-22] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2866960 2011-12-19] (Synaptics Incorporated)
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [590256 2011-09-22] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [989056 2011-12-13] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] - C:\Program Files\TOSHIBA\TECO\Teco.exe [1548208 2011-11-24] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] - C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [712096 2011-12-14] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710560 2011-11-25] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] - C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] - C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH)
HKLM\...\Run: [Toshiba Registration] - C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [150992 2012-05-11] (Toshiba Europe GmbH)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKCU\...\Run: [TOPI.EXE] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA)
HKCU\...\Run: [Facebook Update] - C:\Users\Lars\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-08-15] (Facebook Inc.)
HKCU\...\Run: [KPeerNexonEU] - C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe [438272 2012-08-22] (NEXON Inc.)
HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-05-11] (Google Inc.)
HKCU\...\Run: [videotwisterSA] - "C:\Users\Lars\AppData\Local\videotwisterSA\bin\1.0.5.0\videotwisterSA.exe"
HKCU\...\Run: [uTorrent] - "C:\Program Files (x86)\uTorrent\uTorrent.exe"  /MINIMIZED
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968 2013-04-23] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844168 2013-05-08] (Samsung)
MountPoints2: E - E:\autorun.exe
HKLM-x32\...\Run: [NBAgent] - C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [1492264 2011-11-18] (Nero AG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2012-01-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ITSecMng] - C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [80840 2011-04-01] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-05] (Intel Corporation)
HKLM-x32\...\Run: [TSleepSrv] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [253312 2011-11-21] (TOSHIBA)
HKLM-x32\...\Run: [SweetIM] - C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [115032 2012-05-29] (SweetIM Technologies Ltd.)
HKLM-x32\...\Run: [Sweetpacks Communicator] - C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [295728 2012-02-26] (SweetIM Technologies Ltd.)
HKLM-x32\...\Run: [PWRISOVM.EXE] - C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [336992 2012-08-24] (Power Software Ltd)
HKLM-x32\...\Run: [Gaming Mouse 4] - C:\Program Files (x86)\Trust Gaming Mouse\Gaming Driver.exe [3328000 2012-04-17] (Areson)
HKLM-x32\...\Run: [Adobe] - C:\ProgramData\Adobe\1C617820.vbe [7300 2012-11-11] ()
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-04-23] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [x]
HKU\Default\...\Run: [TOPI.EXE] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA)
HKU\Default User\...\Run: [TOPI.EXE] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA)
AppInit_DLLs:        [0 ] ()
AppInit_DLLs-x32: c:\progra~3\browse~1\261519~1.190\{16cdf~1\browse~1.dll  [2691536 2013-07-26] ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
ShortcutTarget: GamersFirst LIVE!.lnk -> C:\Users\Lars\AppData\Local\GamersFirst\LIVE!\Live.exe (GamersFirst)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle
HKCU\Software\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = Babylon Search
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = Babylon Search
URLSearchHook: (No Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} -  No File
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=161&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=161&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=161&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=161&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKCU - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=161&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKCU - BrowserMngrDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=110195&tt=3712_2&babsrc=SP_ss&mntrId=0291503600000000000024ec99165458
SearchScopes: HKCU - {33524C00-63FB-43DB-A6BF-0A4E14B24649} URL = hxxp://www.basicscan.com/?prt=BscscnPB&keywords={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=161&systemid=406&sr=0&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: SaveAs Class - {2C0ADBB9-1C72-10F5-137D-32E0A3B50A84} - C:\ProgramData\SaveAs\5078c4ac668f9.ocx ()
BHO-x32: No Name - {2EECD738-5844-4a99-B4B6-146BF802613B} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Aplicación auxiliar de inicio de sesión en la cuenta Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SweetPacks Browser Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
BHO-x32: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Toolbar: HKLM -  No Name - !{98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM-x32 -  No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
Toolbar: HKLM-x32 -  No Name - !{98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU -  No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Chrome: 
=======
CHR RestoreOnStartup: "hxxp://search.babylon.com/?affID=110195&tt=3712_2&babsrc=HP_ss_pr&mntrId=0291503600000000000024ec99165458"
CHR DefaultSearchURL: (Search the web (Babylon)) - hxxp://search.babylon.com/?q={searchTerms}&affID=110195&tt=3712_2&babsrc=SP_ss&mntrId=0291503600000000000024ec99165458
CHR DefaultSuggestURL: (Search the web (Babylon)) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.77\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\gcswf32.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Nero Kwik Media Helper) - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File
CHR Extension: (SaveAs) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbpkdlokloolfebahoemeifjmjoghonh\2_0
CHR Extension: (Battlefield Heroes) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh\5.0.203.0_0
CHR Extension: (uTorrentBar_DE) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\10.16.100.504_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (Battlefield Play4Free) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.96.0_0
CHR HKLM-x32\...\Chrome\Extension: [bbpkdlokloolfebahoemeifjmjoghonh] - C:\ProgramData\SaveAs\bbpkdlokloolfebahoemeifjmjoghonh.crx
CHR HKLM-x32\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Lars\AppData\Local\CRE\leocdeigfnkaojcapikdjcdbedcjmffc.crx

==================== Services (Whitelisted) =================

R2 Browser Manager; C:\ProgramData\Browser Manager\2.6.1519.190\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [2847696 2013-07-26] ()
R2 GFNEXSrv; C:\Windows\System32\GFNEXSrv.exe [162824 2010-09-09] ()
R2 IBUpdaterService; C:\Windows\system32\dmwu.exe [1447728 2013-05-21] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-08-05] ()
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-09-02] ()
R2 Windows Internet Name Service; C:\Windows\SysWow64\config\systemprofile\AppData\Local\Windows Internet Name Service\wins.exe [2665472 2013-09-02] ()

==================== Drivers (Whitelisted) ====================

S3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [x]
S3 Tosrfcom; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-12 13:27 - 2013-09-12 13:28 - 01949642 _____ (Farbar) C:\Users\Lars\Downloads\FRST64.exe
2013-09-11 01:30 - 2013-09-11 01:31 - 00000000 ___RD C:\Users\Lars\Desktop\OTL
2013-09-02 23:51 - 2013-09-05 22:23 - 00000000 ____D C:\windows\SysWOW64\dfrg
2013-09-02 15:40 - 2013-09-02 15:40 - 00000000 ____D C:\Program Files (x86)\Tor
2013-08-15 03:07 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-08-15 03:07 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-08-15 03:07 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-08-15 03:07 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-08-15 03:07 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-08-15 03:07 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-08-15 03:07 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-08-15 03:07 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-08-15 03:07 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-08-15 03:07 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-08-15 03:07 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-08-15 03:07 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-08-15 03:07 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-08-15 03:07 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-08-15 03:07 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-08-15 03:07 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-08-15 03:07 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-08-15 03:07 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-08-15 03:07 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-08-15 03:07 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-08-15 03:07 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-08-15 03:07 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-08-15 03:07 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-08-15 03:07 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-08-15 03:07 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-08-15 03:07 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-08-15 03:07 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-08-15 03:07 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-08-15 03:07 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-08-15 03:07 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-08-15 03:07 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-15 03:01 - 2013-08-15 03:03 - 00000000 ____D C:\windows\system32\MRT
2013-08-14 18:07 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2013-08-14 18:07 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2013-08-14 18:07 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2013-08-14 18:07 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2013-08-14 18:07 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2013-08-14 18:07 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2013-08-14 18:07 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2013-08-14 18:07 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2013-08-14 18:07 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2013-08-14 18:06 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2013-08-14 18:06 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2013-08-14 18:06 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2013-08-14 18:06 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2013-08-14 18:06 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2013-08-14 18:06 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2013-08-14 18:06 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2013-08-14 18:06 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2013-08-14 18:06 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2013-08-14 18:06 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2013-08-14 18:06 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2013-08-14 18:06 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2013-08-14 18:06 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2013-08-14 18:06 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2013-08-14 18:06 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2013-08-14 18:06 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2013-08-14 18:06 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2013-08-14 18:06 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys

==================== One Month Modified Files and Folders =======

2013-09-12 13:28 - 2013-09-12 13:28 - 00000000 ____D C:\FRST
2013-09-12 13:28 - 2013-09-12 13:27 - 01949642 _____ (Farbar) C:\Users\Lars\Downloads\FRST64.exe
2013-09-12 13:25 - 2012-08-13 14:17 - 00000000 ____D C:\Users\Lars\AppData\Local\PMB Files
2013-09-12 13:23 - 2013-07-12 21:03 - 00000282 _____ C:\windows\Tasks\DSite.job
2013-09-12 13:16 - 2012-05-11 00:59 - 00000838 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-09-12 12:53 - 2012-08-01 21:06 - 02043877 _____ C:\windows\WindowsUpdate.log
2013-09-12 12:52 - 2012-05-11 01:04 - 00001124 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-12 11:54 - 2012-05-11 01:04 - 00001120 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-12 11:48 - 2012-08-15 17:12 - 00000924 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-712367076-1968051646-2917029085-1000UA.job
2013-09-11 17:17 - 2012-08-15 17:12 - 00000902 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-712367076-1968051646-2917029085-1000Core.job
2013-09-11 16:16 - 2012-08-01 21:09 - 00000830 _____ C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2013-09-11 01:31 - 2013-09-11 01:30 - 00000000 ___RD C:\Users\Lars\Desktop\OTL
2013-09-11 00:26 - 2013-07-31 14:23 - 00000111 _____ C:\Users\Lars\AppData\Roaming\WB.CFG
2013-09-11 00:26 - 2013-07-12 22:03 - 00000005 _____ C:\Users\Lars\AppData\Roaming\WBPU-TTL.DAT
2013-09-10 21:51 - 2009-07-14 06:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-10 21:51 - 2009-07-14 06:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-09 18:22 - 2009-07-14 05:20 - 00000000 ____D C:\windows\system32\NDF
2013-09-08 01:50 - 2012-08-13 14:17 - 00000000 ____D C:\ProgramData\PMB Files
2013-09-07 22:38 - 2012-08-15 20:05 - 00000000 ____D C:\Users\Lars\AppData\Roaming\Skype
2013-09-05 22:23 - 2013-09-02 23:51 - 00000000 ____D C:\windows\SysWOW64\dfrg
2013-09-05 15:25 - 2010-11-21 09:09 - 00693688 _____ C:\windows\system32\perfh00A.dat
2013-09-05 15:25 - 2010-11-21 09:09 - 00137296 _____ C:\windows\system32\perfc00A.dat
2013-09-05 15:25 - 2009-07-14 07:13 - 01555882 _____ C:\windows\system32\PerfStringBackup.INI
2013-09-05 15:20 - 2013-06-03 19:31 - 00000350 _____ C:\windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2013-09-05 15:20 - 2012-10-13 03:26 - 00000410 ____H C:\windows\Tasks\OptimizerPro1UpdaterTask{7C97E948-8E81-4DFC-A646-896CB5306BB5}.job
2013-09-05 15:20 - 2012-08-01 21:09 - 00000828 _____ C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2013-09-05 15:20 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-09-05 15:20 - 2009-07-14 06:51 - 00098471 _____ C:\windows\setupact.log
2013-09-05 06:01 - 2009-07-14 04:34 - 00000510 _____ C:\windows\win.ini
2013-09-05 04:37 - 2010-11-21 05:47 - 00215068 _____ C:\windows\PFRO.log
2013-09-05 04:36 - 2013-07-12 21:10 - 00000000 ____D C:\Program Files\DivX
2013-09-05 04:36 - 2013-07-12 21:05 - 00000000 ____D C:\ProgramData\DivX
2013-09-05 04:36 - 2013-07-12 21:05 - 00000000 ____D C:\Program Files (x86)\DivX
2013-09-05 03:20 - 2012-11-01 23:09 - 00002585 ____N C:\Users\Public\Desktop\WildTangent Games App - toshiba.lnk
2013-09-04 02:53 - 2012-05-11 01:04 - 00002194 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-04 01:58 - 2012-08-14 20:32 - 00282296 _____ C:\windows\SysWOW64\PnkBstrB.xtr
2013-09-04 01:58 - 2012-08-14 20:24 - 00282296 _____ C:\windows\SysWOW64\PnkBstrB.ex0
2013-09-04 01:45 - 2012-08-14 20:24 - 00282296 _____ C:\windows\SysWOW64\PnkBstrB.exe
2013-09-04 01:37 - 2013-07-14 16:21 - 00000000 ____D C:\Users\Lars\AppData\Roaming\.minecraft
2013-09-02 15:40 - 2013-09-02 15:40 - 00000000 ____D C:\Program Files (x86)\Tor
2013-08-28 19:52 - 2013-01-31 19:30 - 00000000 _____ C:\END
2013-08-15 22:57 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache
2013-08-15 03:03 - 2013-08-15 03:01 - 00000000 ____D C:\windows\system32\MRT
2013-08-15 03:01 - 2012-12-26 15:25 - 78161360 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-08-15 02:02 - 2013-05-08 18:04 - 00000000 ____D C:\Program Files (x86)\MyFree Codec

Files to move or delete:
====================
C:\Users\Lars\AppData\Local\Temp\.exe
C:\Users\Lars\AppData\Local\Temp\ApnStub.exe
C:\Users\Lars\AppData\Local\Temp\AskSLib.dll
C:\Users\Lars\AppData\Local\Temp\AVG.exe
C:\Users\Lars\AppData\Local\Temp\bdfilters.dll
C:\Users\Lars\AppData\Local\Temp\i4jdel0.exe
C:\Users\Lars\AppData\Local\Temp\i4jdel1.exe
C:\Users\Lars\AppData\Local\Temp\ICReinstall_UltimateCodec.exe
C:\Users\Lars\AppData\Local\Temp\installhelper.dll
C:\Users\Lars\AppData\Local\Temp\InstallMonetizer.exe
C:\Users\Lars\AppData\Local\Temp\jre-7u10-windows-i586-iftw.exe
C:\Users\Lars\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Lars\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Lars\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\Lars\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Lars\AppData\Local\Temp\lowproc.exe
C:\Users\Lars\AppData\Local\Temp\mgsqlite3.dll
C:\Users\Lars\AppData\Local\Temp\NGMDll.dll
C:\Users\Lars\AppData\Local\Temp\NGMResource.dll
C:\Users\Lars\AppData\Local\Temp\oi_{F90CE54A-2A3E-46AC-9382-0DD451FF24A3}.exe
C:\Users\Lars\AppData\Local\Temp\QtraxNotification.exe
C:\Users\Lars\AppData\Local\Temp\SetupDataMngr_Searchqu.exe
C:\Users\Lars\AppData\Local\Temp\setup_fsu_cid.exe
C:\Users\Lars\AppData\Local\Temp\Shortcut_BundleSweetIMSetup.exe
C:\Users\Lars\AppData\Local\Temp\simbo.exe
C:\Users\Lars\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\Lars\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Lars\AppData\Local\Temp\softonic_ggl_1.6.7.4.exe
C:\Users\Lars\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\Lars\AppData\Local\Temp\steam403.exe
C:\Users\Lars\AppData\Local\Temp\stubhelper.dll
C:\Users\Lars\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Lars\AppData\Local\Temp\tbedrs.dll
C:\Users\Lars\AppData\Local\Temp\tbuTor.dll
C:\Users\Lars\AppData\Local\Temp\unicows.dll
C:\Users\Lars\AppData\Local\Temp\Uninstall.exe
C:\Users\Lars\AppData\Local\Temp\wajam_install.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-11 01:04

==================== End Of Log ============================
         
--- --- ---



FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-09-2013 02
Ran by Lars at 2013-09-12 13:29:11
Running from C:\Users\Lars\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.228)
Adobe Reader X (10.1.0) MUI (x32 Version: 10.1.0)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98)
Aloha TriPeaks (x32 Version: 2.2.0.98)
AMD APP SDK Runtime (Version: 10.0.851.6)
AMD Catalyst Install Manager (Version: 3.0.859.0)
Any Video Converter 3.5.5 (x32)
APB Reloaded (x32 Version: 1.6.1.603578)
Argazki Galeria (x32 Version: 16.4.3505.0912)
Atheros Bluetooth Filter Driver Package (Version: 1.0.0.12)
Atheros Driver Installation Program (x32 Version: 9.2)
Avidemux 2.6 (x32 Version: 2.6.1.8321)
Bandisoft MPEG-1 Decoder (x32)
Battlefield Heroes (x32)
Bejeweled 3 (x32 Version: 2.2.0.98)
Bluetooth Stack for Windows by Toshiba (Version: v9.00.00(T))
Browser Manager (x32)
Cake Mania (x32 Version: 2.2.0.98)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center (x32 Version: 2012.0120.420.7502)
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0120.420.7502)
Catalyst Control Center InstallProxy (x32 Version: 2012.0120.420.7502)
Catalyst Control Center Localization All (x32 Version: 2012.0120.420.7502)
CCC Help Chinese Standard (x32 Version: 2012.0120.0419.7502)
CCC Help Chinese Traditional (x32 Version: 2012.0120.0419.7502)
CCC Help Czech (x32 Version: 2012.0120.0419.7502)
CCC Help Danish (x32 Version: 2012.0120.0419.7502)
CCC Help Dutch (x32 Version: 2012.0120.0419.7502)
CCC Help English (x32 Version: 2012.0120.0419.7502)
CCC Help Finnish (x32 Version: 2012.0120.0419.7502)
CCC Help French (x32 Version: 2012.0120.0419.7502)
CCC Help German (x32 Version: 2012.0120.0419.7502)
CCC Help Greek (x32 Version: 2012.0120.0419.7502)
CCC Help Hungarian (x32 Version: 2012.0120.0419.7502)
CCC Help Italian (x32 Version: 2012.0120.0419.7502)
CCC Help Japanese (x32 Version: 2012.0120.0419.7502)
CCC Help Korean (x32 Version: 2012.0120.0419.7502)
CCC Help Norwegian (x32 Version: 2012.0120.0419.7502)
CCC Help Polish (x32 Version: 2012.0120.0419.7502)
CCC Help Portuguese (x32 Version: 2012.0120.0419.7502)
CCC Help Russian (x32 Version: 2012.0120.0419.7502)
CCC Help Spanish (x32 Version: 2012.0120.0419.7502)
CCC Help Swedish (x32 Version: 2012.0120.0419.7502)
CCC Help Thai (x32 Version: 2012.0120.0419.7502)
CCC Help Turkish (x32 Version: 2012.0120.0419.7502)
ccc-utility64 (Version: 2012.0120.420.7502)
CCleaner (Version: 3.21)
Chuzzle Deluxe (x32 Version: 2.2.0.95)
D3DX10 (x32 Version: 15.4.2368.0902)
DC-Bass Source 1.3.0 (x32)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Diablo III (x32 Version: 1.0.8.16603)
DirectVobSub 2.40.4209 (x32 Version: 2.40.4209)
DivX-Setup (x32 Version: 2.6.1.8)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287)
Fotogalerie (x32 Version: 16.4.3505.0912)
Galería de fotos (x32 Version: 16.4.3505.0912)
Galeria fotogràfica (x32 Version: 16.4.3505.0912)
GamersFirst LIVE! (HKCU)
Google Chrome (x32 Version: 29.0.1547.66)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4413.1752)
Google Update Helper (x32 Version: 1.3.21.153)
Haali Media Splitter (x32)
Hardware Setup de TOSHIBA (x32 Version: 2.00.0020)
High-Definition Video Playback (x32 Version: 11.1.10500.2.65)
IB Updater Service (x32 Version: 3.0.5.4)
iLivid (x32 Version: 4.0.0.2410)
Insaniquarium Deluxe (x32 Version: 2.2.0.97)
Intel(R) Manageability Engine Firmware Recovery Agent (x32 Version: 1.0.0.35342)
Intel(R) Management Engine Components (x32 Version: 8.0.3.1427)
Intel(R) Rapid Storage Technology (x32 Version: 11.0.0.1032)
Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.1.209)
Intel® Trusted Connect Service Client (Version: 1.23.605.1)
Internet Explorer Toolbar 4.6 by SweetPacks (x32 Version: 4.6.0003)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Java(TM) 6 Update 30 (x32 Version: 6.0.300)
Java(TM) 7 Update 5 (x32 Version: 7.0.50)
JavaFX 2.1.1 (x32 Version: 2.1.1)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98)
Juegos WildTangent (x32 Version: 1.0.2.5)
Junk Mail filter update (x32 Version: 16.4.3505.0912)
Lagarith Lossless Codec (1.3.27) (x32)
LAME v3.99.3 (for Windows) (x32)
League of Legends (x32 Version: 1.3)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (Spanish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (Spanish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Language Interface Pack 2010 - Català (x32 Version: 14.0.7015.1000)
Microsoft Office Language Interface Pack 2010 - Euskara (x32 Version: 14.0.7015.1000)
Microsoft Office Language Interface Pack 2010 - Galego (x32 Version: 14.0.7015.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (Spanish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (Spanish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (Spanish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Basque) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Catalan) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Galician) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Portuguese (Brazil)) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (Spanish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (Spanish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (Spanish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (Spanish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word Viewer 2003 (x32 Version: 11.0.8173.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SkyDrive (HKCU Version: 16.4.6013.0910)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Movie Maker (x32 Version: 16.4.3505.0912)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95)
NC Launcher (GameForge) (x32)
Nero 11 Essentials (x32 Version: 11.0.00300)
Nero 11 Kwik Themes Basic (x32 Version: 11.0.11200.12.0)
Nero BackItUp 11 (x32 Version: 6.0.18000.19.100)
Nero BackItUp 11 Help (CHM) (x32 Version: 11.0.10200)
Nero Backup Drivers (Version: 1.0.11100.8.0)
Nero BurnRights 11 (x32 Version: 5.0.10300.4.100)
Nero BurnRights 11 Help (CHM) (x32 Version: 11.0.10100)
Nero ControlCenter 11 (x32 Version: 11.0.12700.0.27)
Nero ControlCenter 11 Help (CHM) (x32 Version: 11.0.10300)
Nero Core Components 11 (x32 Version: 11.0.15500.1.16)
Nero Express 11 (x32 Version: 11.0.11900.24.100)
Nero Express 11 Help (CHM) (x32 Version: 11.0.10300)
Nero Kwik Media (x32 Version: 1.10.24800.146.100)
Nero Kwik Media Help (CHM) (x32 Version: 11.0.10200)
Nero RescueAgent 11 (x32 Version: 4.0.10600.10.100)
Nero RescueAgent 11 Help (CHM) (x32 Version: 11.0.10400)
Nero Update (x32 Version: 11.0.11400.27.0)
nero.prerequisites.msi (x32 Version: 11.0.20008)
Nexon Game Manager (x32)
NVIDIA PhysX (x32 Version: 9.10.0129)
Open It! (x32 Version: 1.1.1)
OpenSource Flash Video Splitter 1.0.0.5 (x32 Version: 1.0.0.5)
OptimizerPro1 (Version: 1.0)
Pando Media Booster (x32 Version: 2.6.0.8)
Photo Common (x32 Version: 16.4.3505.0912)
Photo Gallery (x32 Version: 16.4.3505.0912)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98)
PlayReady PC Runtime amd64 (Version: 1.3.0)
Polar Bowler (x32 Version: 2.2.0.97)
PowerISO (x32 Version: 5.4)
Premium Sound HD (Version: 1.12.1800)
PunkBuster Services (x32 Version: 0.993)
Realtek Ethernet Controller Driver (x32 Version: 7.48.823.2011)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6597)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7601.30130)
Samsung Kies (x32 Version: 2.5.3.13034_9)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.23.0)
SaveAs (x32 Version: )
Skype™ 6.3 (x32 Version: 6.3.107)
SweetIM for Messenger 3.7 (x32 Version: 3.7.0005)
Synaptics Pointing Device Driver (Version: 15.3.38.2)
TeamSpeak 3 Client (HKCU Version: 3.0.10)
TOSHIBA Assist (x32 Version: 4.2.3.0)
TOSHIBA Contrasena de supervisor (x32 Version: 2.00.0009)
TOSHIBA Disc Creator (Version: 2.1.0.11 for x64)
TOSHIBA eco Utility (Version: 1.3.10.64)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.11)
Toshiba Manuals (x32 Version: 10.04)
TOSHIBA Media Controller (x32 Version: 1.0.87.5)
TOSHIBA Media Controller Plug-in (x32 Version: 1.0.7.7)
TOSHIBA Online Product Information (x32 Version: 4.01.0000)
TOSHIBA PC Health Monitor (Version: 1.7.15.64)
TOSHIBA Places Icon Utility (x32 Version: 1.1.1.4)
TOSHIBA Recovery Media Creator (x32 Version: 2.1.6.52020009)
TOSHIBA Recovery Media Creator Reminder (x32 Version: 1.00.0019)
TOSHIBA Resolution+ Plug-in for Windows Media Player (x32 Version: 1.1.2004)
TOSHIBA Service Station (x32 Version: 2.2.13)
TOSHIBA Sleep Utility (x32 Version: 1.4.0022.000104)
TOSHIBA TEMPRO (x32 Version: 3.35)
TOSHIBA Value Added Package (Version: 1.6.0021.640203)
TOSHIBA Value Added Package (x32 Version: 1.6.0021.640203)
TOSHIBA Web Camera Application (x32 Version: 2.0.3.33)
Trust Gaming Mouse (x32)
Ultimate Codec Packages (HKCU)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Update for Zip Opener (HKCU)
Update Installer for WildTangent Games App (x32)
Update Manager for SweetPacks 1.0 (x32 Version: 1.0.0005)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98)
welcome (x32 Version: 11.0.22500.0.0)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.5.36)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Essentials (x32 Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Mail (x32 Version: 16.4.3505.0912)
Windows Live Messenger (x32 Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
Windows Live Writer (x32 Version: 16.4.3505.0912)
Windows Live Writer Resources (x32 Version: 16.4.3505.0912)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
Xvid Video Codec (x32 Version: 1.3.2)
Your Product (x32 Version: 1.0)

==================== Restore Points  =========================

03-09-2013 14:54:15 Windows Update
05-09-2013 03:57:04 Windows Update
10-09-2013 12:51:51 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {1F004E9C-83CA-4DEE-87EE-DA6757508B3E} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {262F86B3-4907-4CAF-AB62-0834F8A03CBA} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {26B50800-BAC9-4CA3-8E61-08F4E4CA3F4A} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {2E5FAC32-D958-4139-B221-B149AF415AAE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: {32AA8AF1-8847-4458-A45A-2CEDDE80470F} - System32\Tasks\AdobeFlashPlayerUpdate => C:\windows\SysWOW64\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: {353A6A15-D809-4B7C-A5E3-96F09A061F9E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-712367076-1968051646-2917029085-1000UA => C:\Users\Lars\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-15] (Facebook Inc.)
Task: {3552703A-419E-442C-AAFA-4F8133379347} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {43D56204-720B-441F-8B19-E60AC54DBEE0} - System32\Tasks\OptimizerPro1UpdaterTask{7C97E948-8E81-4DFC-A646-896CB5306BB5} => C:\ProgramData\Premium\OptimizerPro1\OptimizerPro1.exe [2012-09-19] ()
Task: {58658CE8-BEFC-4938-8E42-A78952A609BE} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\windows\SysWOW64\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: {5B24BA12-DBA4-4DD9-B68F-2442809E7D98} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\windows\TEMP\{4A838343-47AA-4326-879E-FB561808FBB4}.exe
Task: {6359BA65-1533-418F-9735-854329D8E9F9} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-712367076-1968051646-2917029085-1000Core => C:\Users\Lars\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-15] (Facebook Inc.)
Task: {877E20CD-A7C8-4FD9-B886-21070872F17E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-11] (Google Inc.)
Task: {9215B573-0376-4796-A1ED-4C1FB7371FD2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-07-24] (Piriform Ltd)
Task: {99FCBCC4-50AD-4F82-83B0-813F2D6AC6F1} - System32\Tasks\{F6F1AC33-C41A-4E07-9795-934EBB3AB599} => Chrome.exe Skype auf Ihren Computer herunterladen ? Mac, Windows, Linux*?*Skype
Task: {A056EE3A-654C-4B3F-81F6-E6499E63F3CD} - System32\Tasks\RunAsStdUser Task => C:\Users\Lars\AppData\Local\teeveewatchSA\bin\1.0.8.0\TeeveeWatchSA.exe
Task: {A7DDFA50-C82D-48B9-85F1-2BB52FF4066E} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {D125668B-C82C-482F-BBA8-BA1B3B6D25C8} - System32\Tasks\DSite => C:\Users\Lars\AppData\Roaming\DSite\UpdateProc\UpdateTask.exe [2013-07-14] ()
Task: {D5BD0CA1-6B7A-418F-8CF3-9A4012F9A927} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-11] (Google Inc.)
Task: {EF9E6932-2212-413D-AF79-5910F207CAB3} - System32\Tasks\QtraxPlayer => C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe [2013-05-13] (Microsoft Corporation)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\windows\TEMP\{4A838343-47AA-4326-879E-FB561808FBB4}.exe
Task: C:\windows\Tasks\DSite.job => C:\Users\Lars\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-712367076-1968051646-2917029085-1000Core.job => C:\Users\Lars\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-712367076-1968051646-2917029085-1000UA.job => C:\Users\Lars\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\windows\Tasks\OptimizerPro1UpdaterTask{7C97E948-8E81-4DFC-A646-896CB5306BB5}.job => C:\ProgramData\Premium\OptimizerPro1\OptimizerPro1.exe

==================== Loaded Modules (whitelisted) =============

2013-01-17 17:12 - 2013-01-17 17:12 - 00244696 _____ (Microsoft Corporation) C:\Users\Lars\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
2013-01-17 17:12 - 2013-01-17 17:12 - 00661448 _____ (Microsoft Corporation) C:\Users\Lars\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\MSVCP110.dll
2013-01-17 17:12 - 2013-01-17 17:12 - 00828872 _____ (Microsoft Corporation) C:\Users\Lars\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\MSVCR110.dll
2012-05-11 00:58 - 2011-12-15 15:55 - 00059264 _____ (Toshiba Corporation) C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIBasePlace.dll
2012-05-11 00:58 - 2011-12-15 15:55 - 00034688 _____ (Toshiba Corporation) C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDesktopEventCaptor.dll
2012-05-11 00:58 - 2011-12-15 15:56 - 00017280 _____ (Toshiba Corporation) C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIPlaceFileEntity.dll
2012-08-20 17:28 - 2012-06-09 19:20 - 00196096 _____ (Alexander Roshal) C:\Program Files\WinRAR\rarext.dll
2010-07-30 09:46 - 2010-07-30 09:46 - 00621968 _____ (TOSHIBA) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtShell.dll
2012-08-24 09:57 - 2012-08-24 09:57 - 00230496 _____ (Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOSH.DLL
2011-12-19 12:14 - 2011-12-19 12:14 - 00421648 _____ (Synaptics Incorporated) C:\windows\system32\SynCOM.dll
2011-12-19 12:14 - 2011-12-19 12:14 - 00229648 _____ (Synaptics Incorporated) C:\windows\system32\SynTPAPI.dll
2011-12-15 23:16 - 2011-12-15 23:16 - 00156608 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrReg.dll
2011-12-15 23:16 - 2011-12-15 23:16 - 00153024 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrFunc.dll
2011-12-15 23:16 - 2011-12-15 23:16 - 00309184 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TtosFunc.dll
2011-09-22 22:21 - 2011-09-22 22:21 - 00266688 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TCooling.dll
2011-09-22 22:22 - 2011-09-22 22:22 - 00346048 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TOddPwr.dll
2011-09-22 22:24 - 2011-09-22 22:24 - 00061376 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrSrv.dll
2011-09-22 22:23 - 2011-09-22 22:23 - 00278480 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrBrightness.dll
2011-09-22 22:20 - 2011-09-22 22:20 - 00268224 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\T1394Pwr.dll
2011-09-22 22:22 - 2011-09-22 22:22 - 00273856 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TKBLEDPwr.dll
2011-09-22 22:25 - 2011-09-22 22:25 - 00268224 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TSDPwr.dll
2011-09-22 22:22 - 2011-09-22 22:22 - 00266688 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPCIePwr.dll
2011-05-17 14:35 - 2011-05-17 14:35 - 00270784 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TScreen.dll
2011-12-13 21:55 - 2011-12-13 21:55 - 00112512 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdEvnt.dll
2011-12-13 21:55 - 2011-12-13 21:55 - 00268160 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.dll
2011-08-22 15:19 - 2011-08-22 15:19 - 11204992 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2010-03-03 14:15 - 2010-03-03 14:15 - 00265016 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\FnPRTSC.dll
2011-08-08 16:58 - 2011-08-08 16:58 - 00185728 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\FnSticky.dll
2011-07-21 20:43 - 2011-07-21 20:43 - 00299904 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\ButtonSupport\TBSMain.dll
2011-07-26 13:08 - 2011-07-26 13:08 - 00097664 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\Hotkey\Brightness.dll
2011-03-03 12:11 - 2011-03-03 12:11 - 00128928 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF5.dll
2011-01-18 12:55 - 2011-01-18 12:55 - 00114552 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\Hotkey\Touchpad.dll
2011-01-20 15:13 - 2011-01-20 15:13 - 00091000 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\Hotkey\Mute.dll
2011-04-06 12:01 - 2011-04-06 12:01 - 00381360 _____ (TOSHIBA Corporation.) C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF8Dll.dll
2010-12-02 19:50 - 2010-12-02 19:50 - 00044920 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\SmoothView.dll
2008-07-14 10:35 - 2008-07-14 10:35 - 00107832 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll
2011-11-16 13:15 - 2011-11-16 13:15 - 00080288 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnSpace.dll
2011-11-24 13:20 - 2011-11-24 13:20 - 00593856 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoPower.dll
2011-11-24 13:20 - 2011-11-24 13:20 - 00089536 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoHci.dll
2010-12-15 15:19 - 2010-12-15 15:19 - 00124320 _____ () C:\Program Files\TOSHIBA\TECO\MUIHelp.dll
2011-02-10 09:25 - 2011-02-10 09:25 - 00047568 _____ (Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproCommon.dll
2011-02-10 09:25 - 2011-02-10 09:25 - 07226832 _____ (Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproUI.dll
2011-02-10 09:25 - 2011-02-10 09:25 - 00051152 _____ (Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\es\TemproUI.resources.dll
2012-05-11 00:56 - 2011-02-18 14:09 - 00564088 _____ () C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\es\Humphrey.resources.dll
2012-05-11 00:58 - 2011-12-15 15:55 - 00012160 _____ (Toshiba) C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDILangPack.dll
2012-05-11 00:58 - 2011-12-15 15:56 - 00022400 _____ () C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\es\TosDILangPack.resources.dll
2012-05-11 00:58 - 2011-12-15 15:55 - 00072064 _____ (Toshiba) C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIInternal.dll
2012-05-11 00:58 - 2011-12-15 15:55 - 00063360 _____ () C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIInternal.XmlSerializers.dll
2012-01-20 04:10 - 2012-01-20 04:10 - 00303104 _____ (Advanced Mirco Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.dll
2012-01-20 04:09 - 2012-01-20 04:09 - 00192512 _____ (Advanced Mirco Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Shared.dll
2009-01-20 13:51 - 2009-01-20 13:51 - 00007168 _____ ( ) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atixclib.dll
2012-01-20 04:14 - 2012-01-20 04:14 - 00027648 _____ (Advanced Mirco Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Dashboard.dll
2012-01-20 04:13 - 2012-01-20 04:13 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-11-09 09:55 - 2011-11-09 09:55 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-11-25 18:51 - 2011-11-25 18:51 - 00079784 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2011-11-25 18:53 - 2011-11-25 18:53 - 00265656 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TReport.dll
2011-12-14 15:04 - 2011-12-14 15:04 - 00150016 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHCTL.dll
2011-12-14 15:03 - 2011-12-14 15:03 - 00259584 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TReport.dll
2011-12-14 15:03 - 2011-12-14 15:03 - 00109568 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHMui.dll
2013-08-02 17:09 - 2013-07-26 12:10 - 02691536 _____ () C:\ProgramData\Browser Manager\2.6.1519.190\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll
2012-05-29 15:50 - 2012-05-29 15:50 - 00026968 ____R (SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll
2011-03-02 23:58 - 2011-03-02 23:58 - 00307200 _____ ( MarkAny.) C:\Program Files (x86)\Samsung\Kies\External\MACSSDK.dll
2012-04-27 00:38 - 2012-04-27 00:38 - 20758016 _____ () C:\Users\Lars\AppData\Local\GamersFirst\LIVE!\libcef.dll
2012-04-27 00:38 - 2012-04-27 00:38 - 09956864 _____ (The ICU Project) C:\Users\Lars\AppData\Local\GamersFirst\LIVE!\icudt.dll
2012-05-29 15:50 - 2012-05-29 15:50 - 00299352 ____R (SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll
2012-05-29 15:50 - 2012-05-29 15:50 - 00098648 ____R (SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll
2012-05-29 15:50 - 2012-05-29 15:50 - 00315736 ____R (SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Messenger\mgcommon.dll
2012-05-29 15:50 - 2012-05-29 15:50 - 00036696 ____R (SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll
2012-05-29 15:50 - 2012-05-29 15:50 - 00168280 ____R (SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Messenger\mghooking.dll
2012-05-29 15:50 - 2012-05-29 15:50 - 00074072 ____R (SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll
2012-05-29 15:50 - 2012-05-29 15:50 - 00065880 ____R (SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Messenger\mgconfig.dll
2012-02-26 16:01 - 2012-02-26 16:01 - 00313136 ____R (SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Communicator\mgcommon.dll
2012-02-26 16:01 - 2012-02-26 16:01 - 00061232 _____ (SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Communicator\mgxml_wrapper.dll
2012-02-26 16:01 - 2012-02-26 16:01 - 00041264 _____ (SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Communicator\mgcommunication.dll
2012-02-26 16:01 - 2012-02-26 16:01 - 00050480 _____ (SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Communicator\mgsimcommon.dll
2013-03-28 07:14 - 2013-04-23 06:43 - 00250368 _____ (Windows (R) Codename Longhorn DDK provider) C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\UPNPDevice_Kies.dll
2013-02-05 09:25 - 2013-02-05 09:25 - 00773968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jmdp\MSVCR100.dll
2013-05-27 10:56 - 2013-05-27 10:56 - 00382976 _____ () C:\Windows\SysWOW64\jmdp\lmrn.dll
2013-02-05 09:25 - 2013-02-05 09:25 - 00362029 _____ () C:\Windows\SysWOW64\jmdp\sqlite3.dll
2013-02-05 09:25 - 2013-02-05 09:25 - 00421200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jmdp\MSVCP100.dll
2013-09-04 20:13 - 2013-09-12 11:48 - 00114688 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.184\deploy\RiotLauncher.dll
2013-09-04 20:12 - 2013-09-04 20:12 - 06388328 _____ (NVIDIA Corporation) C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.184\deploy\cg.dll
2013-09-04 20:12 - 2013-09-04 20:12 - 01051240 _____ (NVIDIA Corporation) C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.184\deploy\cgD3D9.dll
2013-09-04 20:12 - 2013-09-04 20:12 - 00363112 _____ (NVIDIA Corporation) C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.184\deploy\cgGL.dll
2013-07-10 23:51 - 2013-07-10 23:51 - 20839784 _____ (Adobe Systems Inc.) C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.45\deploy\Adobe AIR\Versions\1.0\Adobe AIR.dll
2013-01-17 17:12 - 2013-01-17 17:12 - 00220632 _____ (Microsoft Corporation) C:\Users\Lars\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
2013-01-17 17:12 - 2013-01-17 17:12 - 00534480 _____ (Microsoft Corporation) C:\Users\Lars\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\MSVCP110.dll
2013-01-17 17:12 - 2013-01-17 17:12 - 00862664 _____ (Microsoft Corporation) C:\Users\Lars\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\MSVCR110.dll
2013-01-17 17:12 - 2013-01-17 17:12 - 00537560 _____ (Microsoft Corporation) C:\Users\Lars\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\Telemetry.dll
2013-01-17 17:12 - 2013-01-17 17:12 - 00038360 _____ (Microsoft Corporation) C:\Users\Lars\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\logging.dll
2013-09-04 02:53 - 2013-09-02 22:35 - 00709584 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\libglesv2.dll
2013-09-04 02:53 - 2013-09-02 22:35 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\libegl.dll
2013-09-04 02:53 - 2013-09-02 22:35 - 01604560 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll
2013-09-04 02:53 - 2013-09-02 22:35 - 13599184 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll
2013-09-04 02:53 - 2013-09-02 22:35 - 04053456 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll
2013-09-04 02:53 - 2013-09-02 22:35 - 00410576 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll

==================== Alternate Data Streams (whitelisted) ==========



==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/12/2013 01:16:01 PM) (Source: Application Error) (User: )
Description: Nombre de la aplicación con errores: FlashPlayerUpdateService.exe, versión: 11.6.602.180, marca de tiempo: 0x51a4ab8c
Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.18205, marca de tiempo: 0x51db9710
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0002e243
Id. del proceso con errores: 0x24f0
Hora de inicio de la aplicación con errores: 0xFlashPlayerUpdateService.exe0
Ruta de acceso de la aplicación con errores: FlashPlayerUpdateService.exe1
Ruta de acceso del módulo con errores: FlashPlayerUpdateService.exe2
Id. del informe: FlashPlayerUpdateService.exe3

Error: (09/12/2013 00:16:01 PM) (Source: Application Error) (User: )
Description: Nombre de la aplicación con errores: FlashPlayerUpdateService.exe, versión: 11.6.602.180, marca de tiempo: 0x51a4ab8c
Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.18205, marca de tiempo: 0x51db9710
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0002e243
Id. del proceso con errores: 0x26a0
Hora de inicio de la aplicación con errores: 0xFlashPlayerUpdateService.exe0
Ruta de acceso de la aplicación con errores: FlashPlayerUpdateService.exe1
Ruta de acceso del módulo con errores: FlashPlayerUpdateService.exe2
Id. del informe: FlashPlayerUpdateService.exe3

Error: (09/12/2013 11:48:18 AM) (Source: Application Error) (User: )
Description: Nombre de la aplicación con errores: FlashPlayerUpdateService.exe, versión: 11.6.602.180, marca de tiempo: 0x51a4ab8c
Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.18205, marca de tiempo: 0x51db9710
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0002e243
Id. del proceso con errores: 0x1dd4
Hora de inicio de la aplicación con errores: 0xFlashPlayerUpdateService.exe0
Ruta de acceso de la aplicación con errores: FlashPlayerUpdateService.exe1
Ruta de acceso del módulo con errores: FlashPlayerUpdateService.exe2
Id. del informe: FlashPlayerUpdateService.exe3

Error: (09/11/2013 10:16:01 PM) (Source: Application Error) (User: )
Description: Nombre de la aplicación con errores: FlashPlayerUpdateService.exe, versión: 11.6.602.180, marca de tiempo: 0x51a4ab8c
Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.18205, marca de tiempo: 0x51db9710
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0002e243
Id. del proceso con errores: 0x17f0
Hora de inicio de la aplicación con errores: 0xFlashPlayerUpdateService.exe0
Ruta de acceso de la aplicación con errores: FlashPlayerUpdateService.exe1
Ruta de acceso del módulo con errores: FlashPlayerUpdateService.exe2
Id. del informe: FlashPlayerUpdateService.exe3

Error: (09/11/2013 09:16:01 PM) (Source: Application Error) (User: )
Description: Nombre de la aplicación con errores: FlashPlayerUpdateService.exe, versión: 11.6.602.180, marca de tiempo: 0x51a4ab8c
Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.18205, marca de tiempo: 0x51db9710
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0002e243
Id. del proceso con errores: 0x1e60
Hora de inicio de la aplicación con errores: 0xFlashPlayerUpdateService.exe0
Ruta de acceso de la aplicación con errores: FlashPlayerUpdateService.exe1
Ruta de acceso del módulo con errores: FlashPlayerUpdateService.exe2
Id. del informe: FlashPlayerUpdateService.exe3

Error: (09/11/2013 08:16:02 PM) (Source: Application Error) (User: )
Description: Nombre de la aplicación con errores: FlashPlayerUpdateService.exe, versión: 11.6.602.180, marca de tiempo: 0x51a4ab8c
Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.18205, marca de tiempo: 0x51db9710
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0002e243
Id. del proceso con errores: 0x2938
Hora de inicio de la aplicación con errores: 0xFlashPlayerUpdateService.exe0
Ruta de acceso de la aplicación con errores: FlashPlayerUpdateService.exe1
Ruta de acceso del módulo con errores: FlashPlayerUpdateService.exe2
Id. del informe: FlashPlayerUpdateService.exe3

Error: (09/11/2013 07:16:02 PM) (Source: Application Error) (User: )
Description: Nombre de la aplicación con errores: FlashPlayerUpdateService.exe, versión: 11.6.602.180, marca de tiempo: 0x51a4ab8c
Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.18205, marca de tiempo: 0x51db9710
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0002e243
Id. del proceso con errores: 0x2264
Hora de inicio de la aplicación con errores: 0xFlashPlayerUpdateService.exe0
Ruta de acceso de la aplicación con errores: FlashPlayerUpdateService.exe1
Ruta de acceso del módulo con errores: FlashPlayerUpdateService.exe2
Id. del informe: FlashPlayerUpdateService.exe3

Error: (09/11/2013 06:16:02 PM) (Source: Application Error) (User: )
Description: Nombre de la aplicación con errores: FlashPlayerUpdateService.exe, versión: 11.6.602.180, marca de tiempo: 0x51a4ab8c
Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.18205, marca de tiempo: 0x51db9710
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0002e243
Id. del proceso con errores: 0x2b34
Hora de inicio de la aplicación con errores: 0xFlashPlayerUpdateService.exe0
Ruta de acceso de la aplicación con errores: FlashPlayerUpdateService.exe1
Ruta de acceso del módulo con errores: FlashPlayerUpdateService.exe2
Id. del informe: FlashPlayerUpdateService.exe3

Error: (09/11/2013 05:16:02 PM) (Source: Application Error) (User: )
Description: Nombre de la aplicación con errores: FlashPlayerUpdateService.exe, versión: 11.6.602.180, marca de tiempo: 0x51a4ab8c
Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.18205, marca de tiempo: 0x51db9710
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0002e243
Id. del proceso con errores: 0x1630
Hora de inicio de la aplicación con errores: 0xFlashPlayerUpdateService.exe0
Ruta de acceso de la aplicación con errores: FlashPlayerUpdateService.exe1
Ruta de acceso del módulo con errores: FlashPlayerUpdateService.exe2
Id. del informe: FlashPlayerUpdateService.exe3

Error: (09/11/2013 04:16:00 PM) (Source: Application Error) (User: )
Description: Nombre de la aplicación con errores: FlashPlayerUpdateService.exe, versión: 11.6.602.180, marca de tiempo: 0x51a4ab8c
Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.18205, marca de tiempo: 0x51db9710
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0002e243
Id. del proceso con errores: 0x1610
Hora de inicio de la aplicación con errores: 0xFlashPlayerUpdateService.exe0
Ruta de acceso de la aplicación con errores: FlashPlayerUpdateService.exe1
Ruta de acceso del módulo con errores: FlashPlayerUpdateService.exe2
Id. del informe: FlashPlayerUpdateService.exe3


System errors:
=============
Error: (09/05/2013 03:20:52 PM) (Source: Service Control Manager) (User: )
Description: El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.

Error: (09/05/2013 05:57:25 AM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (09/05/2013 04:38:44 AM) (Source: Service Control Manager) (User: )
Description: El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.

Error: (09/05/2013 03:28:25 AM) (Source: Service Control Manager) (User: )
Description: El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.

Error: (09/05/2013 03:26:27 AM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (09/04/2013 02:52:02 AM) (Source: Microsoft-Windows-Bits-Client) (User: NT AUTHORITY)
Description: No se pudo crear un nuevo trabajo de BITS. El recuento actual de trabajos del usuario Lars-TOSH\Lars (152) es mayor o igual al límite de trabajos (60) especificado mediante la directiva de grupo. Para corregir el problema, complete o cancele los trabajos de BITS que no hayan progresado (indicados en el error) y reinicie el servicio BITS. Si se repite el error, póngase en contacto con el administrador del sistema y aumente los límites de trabajos de la directiva de grupo por usuario y por equipo.

Error: (09/02/2013 03:56:12 PM) (Source: Service Control Manager) (User: )
Description: El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.

Error: (08/31/2013 01:52:01 AM) (Source: Microsoft-Windows-Bits-Client) (User: NT AUTHORITY)
Description: No se pudo crear un nuevo trabajo de BITS. El recuento actual de trabajos del usuario Lars-TOSH\Lars (152) es mayor o igual al límite de trabajos (60) especificado mediante la directiva de grupo. Para corregir el problema, complete o cancele los trabajos de BITS que no hayan progresado (indicados en el error) y reinicie el servicio BITS. Si se repite el error, póngase en contacto con el administrador del sistema y aumente los límites de trabajos de la directiva de grupo por usuario y por equipo.

Error: (08/27/2013 07:52:44 PM) (Source: Microsoft-Windows-Bits-Client) (User: NT AUTHORITY)
Description: No se pudo crear un nuevo trabajo de BITS. El recuento actual de trabajos del usuario Lars-TOSH\Lars (155) es mayor o igual al límite de trabajos (60) especificado mediante la directiva de grupo. Para corregir el problema, complete o cancele los trabajos de BITS que no hayan progresado (indicados en el error) y reinicie el servicio BITS. Si se repite el error, póngase en contacto con el administrador del sistema y aumente los límites de trabajos de la directiva de grupo por usuario y por equipo.

Error: (08/27/2013 07:52:25 PM) (Source: Service Control Manager) (User: )
Description: El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.


Microsoft Office Sessions:
=========================
Error: (09/12/2013 01:16:01 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.1.7601.1820551db9710c00000050002e24324f001ceafa975cf18c6C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeC:\windows\SysWOW64\ntdll.dllb41e5e51-1b9c-11e3-81b5-4c72b90df6b5

Error: (09/12/2013 00:16:01 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.1.7601.1820551db9710c00000050002e24326a001ceafa1140c45a9C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeC:\windows\SysWOW64\ntdll.dll525e47f8-1b94-11e3-81b5-4c72b90df6b5

Error: (09/12/2013 11:48:18 AM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.1.7601.1820551db9710c00000050002e2431dd401ceaf9d34f63536C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeC:\windows\SysWOW64\ntdll.dll73208b42-1b90-11e3-81b5-4c72b90df6b5

Error: (09/11/2013 10:16:01 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.1.7601.1820551db9710c00000050002e24317f001ceaf2bbb4fe6f4C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeC:\windows\SysWOW64\ntdll.dllf9a17678-1b1e-11e3-81b5-4c72b90df6b5

Error: (09/11/2013 09:16:01 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.1.7601.1820551db9710c00000050002e2431e6001ceaf23598ba99bC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeC:\windows\SysWOW64\ntdll.dll97dd391e-1b16-11e3-81b5-4c72b90df6b5

Error: (09/11/2013 08:16:02 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.1.7601.1820551db9710c00000050002e243293801ceaf1af7c5973cC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeC:\windows\SysWOW64\ntdll.dll36b1b6b9-1b0e-11e3-81b5-4c72b90df6b5

Error: (09/11/2013 07:16:02 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.1.7601.1820551db9710c00000050002e243226401ceaf1295ff9887C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeC:\windows\SysWOW64\ntdll.dlld4e79dde-1b05-11e3-81b5-4c72b90df6b5

Error: (09/11/2013 06:16:02 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.1.7601.1820551db9710c00000050002e2432b3401ceaf0a343de097C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeC:\windows\SysWOW64\ntdll.dll7327e1c6-1afd-11e3-81b5-4c72b90df6b5

Error: (09/11/2013 05:16:02 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.1.7601.1820551db9710c00000050002e243163001ceaf01d27a186fC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeC:\windows\SysWOW64\ntdll.dll1163a46c-1af5-11e3-81b5-4c72b90df6b5

Error: (09/11/2013 04:16:00 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.1.7601.1820551db9710c00000050002e243161001ceaef970a16869C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeC:\windows\SysWOW64\ntdll.dllae6eaacc-1aec-11e3-81b5-4c72b90df6b5


==================== Memory info =========================== 

Percentage of memory in use: 41%
Total physical RAM: 8151.8 MB
Available physical RAM: 4754.69 MB
Total Pagefile: 16301.79 MB
Available Pagefile: 12441.58 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (TI30878200C) (Fixed) (Total:451.95 GB) (Free:341.3 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 6AEC3E0B)
Partition 1: (Active) - (Size=1 GB) - (Type=27)
Partition 2: (Not Active) - (Size=452 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12 GB) - (Type=17)

==================== End Of Log ============================
         

12.09.2013, 17:16   #4
schrauber
/// the machine
/// TB Trainer
 




Combofix should only be run when a team member has instructed you to do so!
Please download Combofix from the following download mirror

Link 1


IMPORTANT - Save Combofix to your desktop
  • Please disable all of your antivirus and anti-malware/spyware scanners. They can interfere with Combofix while it is working.
Start Combofix.exe and follow the instructions on the screen.

When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.


Note: If you receive the following error message after the restart
Quote:
Illegal operation attempted on a registry key that has been marked for deletion.
simply restart the computer. This should fix the problem.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!
