
Log analysis and evaluation: Windows Vista: fixing the SoftwareUpdater.ui.exe problem

If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

12.02.2014, 16:09   #1
QaiZzz
 
Windows Vista: fixing the SoftwareUpdater.ui.exe problem



Hello everyone,
For several months I have been struggling with the problem mentioned above and have so far done nothing about it. To my regret, I had to find out that it is most likely a Trojan.

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 15:43 on 12/02/2014 (Sajad&Reshad)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 10-02-2014 01
Ran by Sajad&Reshad at 2014-02-12 15:46:28
Running from C:\Users\Sajad&Reshad\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

Adobe AIR (Version: 3.4.0.2540 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.4.0.2540 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Reader X (10.1.2) - Deutsch (Version: 10.1.2 - Adobe Systems Incorporated)
Apple Application Support (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (Version: 2.1.3.127 - Apple Inc.)
BlackBerry Desktop Software 7.1 (Version: 7.1.0.41 - Research in Motion Ltd.)
BlackBerry Desktop Software 7.1 (Version: 7.1.0.41 - Research in Motion Ltd.) Hidden
Bonjour (Version: 3.0.0.10 - Apple Inc.)
CCleaner (Version: 3.22 - Piriform)
Content Manager 2 (Version: 3.10.0.52790 - NNG Llc.)
Corel MediaOne (Version: 2.100.0000 - Corel Corporation)
CyberLink LabelPrint (Version: 2.5.1616 - CyberLink Corp.)
CyberLink LabelPrint (Version: 2.5.1616 - CyberLink Corp.) Hidden
CyberLink MediaShow (Version: 4.1.2609 - CyberLink Corp.)
CyberLink MediaShow (Version: 4.1.2609 - CyberLink Corp.) Hidden
CyberLink PhotoNow (Version: 1.1.5615 - CyberLink Corp.)
CyberLink PhotoNow (Version: 1.1.5615 - CyberLink Corp.) Hidden
CyberLink Power2Go (Version: 6.1.2806 - CyberLink Corp.)
CyberLink Power2Go (Version: 6.1.2806 - CyberLink Corp.) Hidden
CyberLink PowerDirector (Version: 7.0.2718 - CyberLink Corp.)
CyberLink PowerDirector (Version: 7.0.2718 - CyberLink Corp.) Hidden
CyberLink PowerDVD 9 (Version: 9.0.1531 - CyberLink Corp.)
CyberLink PowerDVD 9 (Version: 9.0.1531 - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy (Version: 1.0.5611 - CyberLink Corp.)
CyberLink PowerProducer (Version: 5.0.1.1412 - CyberLink Corp.)
CyberLink PowerProducer (Version: 5.0.1.1412 - CyberLink Corp.) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
devolo dLAN Cockpit (Version: 4.1.3.0 - devolo AG)
DivX-Setup (Version: 2.6.1.9 - DivX, LLC)
dLAN Cockpit (Version: 3.2.28 - devolo AG) Hidden
dLAN Cockpit (Version: 3.23.12 - devolo AG) Hidden
Facebook Video Calling 2.0.0.447 (Version: 2.0.447 - Skype Limited)
Favorit (Version:  - )
FormatFactory 3.0.1 (Version: 3.0.1 - Free Time)
Free System Utilities (Version: 1.0.0 - Covus Freemium GmbH)
Free SystemUtilities (Version: 1.0.0 - Covus Freemium GmbH) Hidden
Google Chrome (Version: 32.0.1700.107 - Google Inc.)
Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
Google Updater (Version: 2.4.2432.1652 - Google Inc.)
HashTab 4.0.0.1 (Version: 4.0.0.1 - Implbits Software)
Hercules DualPix Exchange Webcam (Version: 2.8.0.0 - Hercules)
HP Deskjet 2050 J510 series - Grundlegende Software für das Gerät (Version: 22.0.334.0 - Hewlett-Packard Co.)
HP Deskjet 2050 J510 series Hilfe (Version: 140.0.61.61 - Hewlett Packard)
HP Foto- und Bildbearbeitung 2.0 - All-in-One (Version: 1.10.0000 - Hewlett-Packard Company) Hidden
HP Foto- und Bildbearbeitung 2.0 All-in-One Treiber  (Version: 1.10.0000 - Hewlett-Packard Company) Hidden
HP Photo Creations (Version: 1.0.0.3341 - HP Photo Creations Powered by RocketLife)
HP Update (Version: 5.002.005.003 - Hewlett-Packard)
HTC Driver Installer (Version: 4.10.0.001 - HTC Corporation)
HTC Sync Manager (Version: 2.4.11.0 - HTC)
Intel(R) Matrix Storage Manager (Version:  - )
IPTInstaller (Version: 4.0.8 - HTC)
iTunes (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 21 (Version: 7.0.210 - Oracle)
Java Auto Updater (Version: 2.0.6.1 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LG Bluetooth Drivers (Version: 1.1 - LG Electronics)
LG On-Screen Phone (Version: 4.0.004.130823 - LG Electronics)
LG PC Suite (Version: 5.2.33.20130406 - LG Electronics)
LG United Mobile Drivers (Version: 3.10.1.0 - LG Electronics)
LightScribe System Software (Version: 1.18.1.1 - LightScribe)
MCE Software Encoder 1.1 (Version: 1.1.0.1918 - CyberLink Corporation)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Search Enhancement Pack (Version: 3.0.133.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (Version: 9.7.0621 - Microsoft Corporation)
MotoHelper MergeModules (Version: 1.0.0 - Motorola) Hidden
MotoHelper MergeModules (Version: 1.2.0 - Motorola) Hidden
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0 - Microsoft Corporation)
MyFreeCodec (HKCU Version:  - )
Naviextras Toolbox Prerequesities (Version: 1.0.0 - NNG Llc.)
Norton Internet Security (Version: 21.1.0.18 - Symantec Corporation)
NVIDIA Display Control Panel (Version: 6.14.11.9745 - NVIDIA Corporation)
NVIDIA Drivers (Version: 1.10.59.37 - NVIDIA Corporation)
NVIDIA PhysX (Version: 9.09.0203 - NVIDIA Corporation)
O&O MediaRecovery (Version: 4.1.1322 - O&O Software GmbH)
OpenOffice.org 3.4.1 (Version: 3.41.9593 - Apache Software Foundation)
PDF Creator (Remove Only) (Version:  - )
PhotoScape (Version:  - )
Picasa 3 (Version: 3.9 - Google, Inc.)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Radio.fx (Version:  - Tobit.Software)
Realtek High Definition Audio Driver (Version: 6.0.1.5783 - Realtek Semiconductor Corp.)
Samsung Kies (Version: 2.5.0.12094_28 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.5.0.12094_28 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Skype™ 6.3 (Version: 6.3.105 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0 - Adobe Systems Incorporated)
Spotify (HKCU Version: 0.9.7.16.g4b197456 - Spotify AB)
Studie zur Verbesserung von HP Deskjet 2050 J510 series Produkten (Version: 22.0.334.0 - Hewlett-Packard Co.)
Text-To-Speech-Runtime (Version: 1.0.0.0 - Magix Development GmbH)
TI Connect 1.6 (Version: 1.6 - Texas Instruments Incorporated)
TubeBox (Version: 4.3.0.29 - Freetec)
TubeBox (Version: 4.3.0.29 - Freetec) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3 - Microsoft Corporation)
Update Manager (Version: 4.60 - Corel Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VirtualDJ PRO Full (Version: 7.0.5 - Atomix Productions)
Vista Codec Package (Version: 6.5.2 - Shark007)
Windows 7 Upgrade Advisor (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live OneCare safety scanner (Version:  - Microsoft Corporation)
Windows Live OneCare safety scanner (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR (Version:  - )

==================== Restore Points  =========================

10-02-2014 19:31:49 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0154C0A6-51E7-4DE8-85FA-136835883FDA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-08-22] (Piriform Ltd)
Task: {0AE1DC1E-549C-4125-9E04-74F074A17715} - System32\Tasks\{1D950037-A881-455E-B930-76952ED22F84} => C:\Program Files\Skype\Phone\Skype.exe [2013-03-01] (Skype Technologies S.A.)
Task: {0C399BEB-CF46-4910-934E-C830EDCE2455} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2010-06-14] (Hewlett-Packard Co.)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {1F66FDB1-AF5C-422D-B491-3BB058CDDF1C} - System32\Tasks\Software Updater Ui => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Ui.exe [2013-12-18] ()
Task: {2F3AE6DA-BB0B-43A7-817B-ABFC0E20DD12} - System32\Tasks\B2CNotiAgent => C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe [2011-09-28] (LG Electronics)
Task: {2F866152-B08A-4BF8-ADC0-A20A75D75B36} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {31D068BD-E9EA-49D3-A67C-74A663605B7F} - System32\Tasks\{00C9DD31-3756-42D6-BD46-060BEA52D39A} => C:\Program Files\Skype\\Phone\Skype.exe [2013-03-01] (Skype Technologies S.A.)
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {3DA1AB8B-D5A3-4F81-9B95-38A782E55053} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files\Norton Internet Security\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {40E6F01A-7D0B-4661-99DD-36E3E7040898} - System32\Tasks\Software Updater => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe [2013-12-18] ()
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {49033FBF-1255-4E36-91E4-792C5097090E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-12] (Google Inc.)
Task: {4ABDD762-2BB7-40EB-AD20-868FD6D035FB} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files\Norton Internet Security\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {80149514-2CBD-4B9C-B9EB-E3B531EBC263} - System32\Tasks\Funmoods => C:\Users\HENASA~1\AppData\Roaming\Funmoods\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {87B7FF0B-4B1F-4EA6-81B7-7F58126D03E6} - System32\Tasks\{8351B51D-20CF-459E-BF86-359CFC19F62E} => C:\Program Files\Skype\\Phone\Skype.exe [2013-03-01] (Skype Technologies S.A.)
Task: {9307F5CB-CF8F-4375-96E4-F756A87E73E3} - System32\Tasks\Divx-Online-Aktualisierungsprogramm => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-29] ()
Task: {940B6BCF-A8ED-471E-94EB-72B18C639343} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09] (Sun Microsystems, Inc.)
Task: {98FE7D77-AA1D-4BFE-99EC-FC9B59FD8A48} - System32\Tasks\Freemium1ClickMaint => C:\Program Files\Covus Freemium\Free System Utilities\1Click.exe [2013-02-21] ()
Task: {B568C5F8-DA1F-4F60-9758-0AA2F9C335AB} - System32\Tasks\motorola software update => C:\Program Files\Motorola\Software Update\mumservice.exe
Task: {B84D064F-A601-4489-9B86-785DF12F6CDA} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation)
Task: {C1367BB8-48DC-431E-973B-3471478A4509} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-30] (Google)
Task: {C5C3829E-8351-488A-BBAE-2B58FCAD079D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-141697217-1107933014-2458016846-1002Core => C:\Users\Sajad&Reshad\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {CA048E24-EF7E-47A7-B19D-7502D5F9E809} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-141697217-1107933014-2458016846-1002UA => C:\Users\Sajad&Reshad\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {D77889E9-F2C4-4F00-9C55-79A804762D6E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-12] (Google Inc.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {E85339A6-AF7C-4D55-A184-33236D5BA833} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {FCDCF9BB-309D-4271-852C-034E852215BE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-141697217-1107933014-2458016846-1002Core.job => C:\Users\Sajad&Reshad\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-141697217-1107933014-2458016846-1002UA.job => C:\Users\Sajad&Reshad\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-11-15 16:46 - 2013-11-15 16:46 - 00821600 ____C () C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 ____C () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 ____C () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-11-22 14:53 - 2013-11-22 14:53 - 01952256 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\abbba0f399508efdbeaf78b2e2fa7b03\Kies.UI.ni.dll
2013-11-22 14:53 - 2013-11-22 14:53 - 00079360 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\6f25a20174765872519f821c6c68bfda\Kies.MVVM.ni.dll
2013-11-22 14:54 - 2013-11-22 14:54 - 00189952 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\891822cfc054262435c02192bb220192\Kies.Common.DeviceServiceLib.Interface.ni.dll
2013-11-22 14:54 - 2013-11-22 14:54 - 00367104 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\f8e9e990d7da96e9307421d5a315b2c2\DevicePhoto.ni.dll
2013-11-22 14:54 - 2013-11-22 14:54 - 00301568 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\3466f424f84c9d58703c8d49e3cec991\DeviceVideo.ni.dll
2013-11-22 14:54 - 2013-11-22 14:54 - 00616448 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\eeefdbf91e99a91bf0f1948d5fd68d87\DevicePodcast.ni.dll
2013-11-22 14:54 - 2013-11-22 14:54 - 00307200 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DummyStorePlugin\9e97c3b33aa7fb9d900bca4f6d93ec9e\DummyStorePlugin.ni.dll
2013-11-22 14:54 - 2013-11-22 14:54 - 14972928 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\642ba04dfd0cf6b5a4bd768ab404eb4f\Kies.Theme.ni.dll
2013-11-22 14:54 - 2013-11-22 14:54 - 00581632 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\1b40bd018e69bfb3e081df88e2547003\Kies.Common.DeviceServiceLib.FileService.ni.dll
2013-11-22 14:54 - 2013-11-22 14:54 - 00046592 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\fb36527133c6a9e51f53aab9ca2faabe\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
2013-11-22 14:54 - 2013-11-22 14:54 - 01002496 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceCommonLib\d785f2e0cdc6d8873b86b6b266a4913d\DeviceCommonLib.ni.dll
2013-11-22 00:58 - 2013-11-22 00:58 - 00232960 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\c5efe841e2998c266e0f5e29bed04b55\ASF_cSharpAPI.ni.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 ____C () C:\Program Files\OpenOffice.org 3\program\libxml2.dll
2012-08-10 16:50 - 2012-08-10 16:50 - 00170496 ____C () C:\Program Files\OpenOffice.org 3\program\libxslt.dll
2014-02-04 22:56 - 2014-02-02 00:42 - 04055368 ____C () C:\Program Files\Google\Chrome\Application\32.0.1700.107\pdf.dll
2014-02-04 22:56 - 2014-02-02 00:42 - 00399688 ____C () C:\Program Files\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
2014-02-04 22:56 - 2014-02-02 00:41 - 01634632 ____C () C:\Program Files\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
2014-01-26 17:43 - 2014-01-26 17:43 - 00358400 _____ () C:\Users\Sajad&Reshad\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce\3.6_0\plugins\screen_capture.dll
2014-02-04 22:56 - 2014-02-02 00:42 - 13616456 ____C () C:\Program Files\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll
2014-01-17 12:04 - 2014-01-17 12:04 - 04591616 _____ () C:\Users\Sajad&Reshad\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.5.0\libglesv2.dll
2014-01-17 12:04 - 2014-01-17 12:04 - 00112128 _____ () C:\Users\Sajad&Reshad\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.5.0\libegl.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:671329E4

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: B2C_AGENT => C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
MSCONFIG\startupreg: Browser companion helper => C:\Program Files\BrowserCompanion\BCHelper.exe /T=3 /CHI=kolgnaidildmdbfgdnoapjdianbpajne
MSCONFIG\startupreg: PlusService => C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

==================== Faulty Device Manager Devices =============

Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{514FEB48-714A-4513-8F99-C9DB7EA20FBA}
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: USB-Massenspeichergerät
Description: USB-Massenspeichergerät
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Kompatibles USB-Speichergerät
Service: USBSTOR
Problem: : Windows cannot use this hardware device because it has been prepared for safe removal, but it has not been removed from the computer. (Code 47)
Resolution: Unplug the device, and then plug it in again. Alternately, restart the computer to make the device available.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/12/2014 11:05:02 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/12/2014 00:13:37 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/11/2014 07:29:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/11/2014 11:46:46 AM) (Source: .NET Runtime) (User: )
Description: Anwendung: Kies.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.ComponentModel.Win32Exception
Stapel:
   bei System.Diagnostics.ProcessManager.OpenProcess(Int32, Int32, Boolean)
   bei System.Diagnostics.Process.GetProcessHandle(Int32, Boolean)
   bei System.Diagnostics.Process.OpenProcessHandle(Int32)
   bei System.Diagnostics.Process.get_Handle()
   bei Kies.App.CheckExistenceTrayAgent()
   bei Kies.App..ctor()
   bei Kies.App.Main()

Error: (02/11/2014 11:22:01 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/10/2014 05:47:39 PM) (Source: MsiInstaller) (User: Salim-PC)
Description: Produkt: Adobe Reader X (10.1.9) - Deutsch - Update "Adobe Reader X (10.1.9)" konnte nicht installiert werden. Fehlercode 1603. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (02/10/2014 05:47:39 PM) (Source: MsiInstaller) (User: Salim-PC)
Description: Produkt: Adobe Reader X (10.1.9) - Deutsch -- Fehler 1606. Zugriff auf die Netzwerkadresse 0\ war nicht möglich.

Error: (02/10/2014 05:47:39 PM) (Source: MsiInstaller) (User: Salim-PC)
Description: Produkt: Adobe Reader X (10.1.9) - Deutsch -- Fehler 1606. Zugriff auf die Netzwerkadresse 0\ war nicht möglich.

Error: (02/10/2014 05:21:01 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung wmplayer.exe, Version 11.0.6002.18311, Zeitstempel 0x4c8e2d72, fehlerhaftes Modul kernel32.dll, Version 6.0.6002.18704, Zeitstempel 0x5065ccb6, Ausnahmecode 0x0000046b, Fehleroffset 0x0003fc16,
Prozess-ID 0x16fc, Anwendungsstartzeit wmplayer.exe0.

Error: (02/10/2014 05:17:02 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (02/12/2014 00:01:31 PM) (Source: Service Control Manager) (User: )
Description: UPnP-GerätehostSSDP-Suche%%1058

Error: (02/12/2014 11:26:37 AM) (Source: Service Control Manager) (User: )
Description: UPnP-GerätehostSSDP-Suche%%1058

Error: (02/12/2014 11:19:05 AM) (Source: Service Control Manager) (User: )
Description: UPnP-GerätehostSSDP-Suche%%1058

Error: (02/12/2014 11:17:08 AM) (Source: Service Control Manager) (User: )
Description: UPnP-GerätehostSSDP-Suche%%1058

Error: (02/12/2014 11:11:12 AM) (Source: Service Control Manager) (User: )
Description: UPnP-GerätehostSSDP-Suche%%1058

Error: (02/12/2014 11:11:12 AM) (Source: DCOM) (User: )
Description: 1068upnphost{204810B9-73B2-11D4-BF42-00B0D0118B56}

Error: (02/12/2014 11:10:02 AM) (Source: Service Control Manager) (User: )
Description: Windows Media Player-NetzwerkfreigabedienstUPnP-Gerätehost%%1068

Error: (02/12/2014 11:10:02 AM) (Source: Service Control Manager) (User: )
Description: UPnP-GerätehostSSDP-Suche%%1058

Error: (02/12/2014 11:05:59 AM) (Source: Service Control Manager) (User: )
Description: Windows Media Player-NetzwerkfreigabedienstUPnP-Gerätehost%%1068

Error: (02/12/2014 11:05:59 AM) (Source: Service Control Manager) (User: )
Description: UPnP-GerätehostSSDP-Suche%%1058


Microsoft Office Sessions:
=========================
Error: (02/12/2014 11:05:02 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/12/2014 00:13:37 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/11/2014 07:29:58 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/11/2014 11:46:46 AM) (Source: .NET Runtime)(User: )
Description: Anwendung: Kies.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.ComponentModel.Win32Exception
Stapel:
   bei System.Diagnostics.ProcessManager.OpenProcess(Int32, Int32, Boolean)
   bei System.Diagnostics.Process.GetProcessHandle(Int32, Boolean)
   bei System.Diagnostics.Process.OpenProcessHandle(Int32)
   bei System.Diagnostics.Process.get_Handle()
   bei Kies.App.CheckExistenceTrayAgent()
   bei Kies.App..ctor()
   bei Kies.App.Main()

Error: (02/11/2014 11:22:01 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/10/2014 05:47:39 PM) (Source: MsiInstaller)(User: Salim-PC)
Description: Adobe Reader X (10.1.9) - DeutschAdobe Reader X (10.1.9)1603(NULL)(NULL)

Error: (02/10/2014 05:47:39 PM) (Source: MsiInstaller)(User: Salim-PC)
Description: Produkt: Adobe Reader X (10.1.9) - Deutsch -- Fehler 1606. Zugriff auf die Netzwerkadresse 0\ war nicht möglich.(NULL)(NULL)(NULL)(NULL)

Error: (02/10/2014 05:47:39 PM) (Source: MsiInstaller)(User: Salim-PC)
Description: Produkt: Adobe Reader X (10.1.9) - Deutsch -- Fehler 1606. Zugriff auf die Netzwerkadresse 0\ war nicht möglich.(NULL)(NULL)(NULL)(NULL)

Error: (02/10/2014 05:21:01 PM) (Source: Application Error)(User: )
Description: wmplayer.exe11.0.6002.183114c8e2d72kernel32.dll6.0.6002.187045065ccb60000046b0003fc1616fc01cf267bb71497fe

Error: (02/10/2014 05:17:02 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2014-02-12 15:45:20.092
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-12 15:45:19.757
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-12 15:45:19.372
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-12 15:45:19.012
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-12 15:45:14.763
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx86.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-12 15:45:14.424
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx86.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-12 15:45:14.061
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx86.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-12 15:45:13.688
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx86.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-17 11:44:33.864
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140110.001\BHDrvx86.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-17 11:44:33.509
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140110.001\BHDrvx86.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 59%
Total physical RAM: 3325.27 MB
Available physical RAM: 1333.29 MB
Total Pagefile: 6846.46 MB
Available Pagefile: 4607.11 MB
Total Virtual: 2047.88 MB
Available Virtual: 1890.68 MB

==================== Drives ================================

Drive c: (BOOT) (Fixed) (Total:911.51 GB) (Free:269.62 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVER) (Fixed) (Total:19.99 GB) (Free:7.63 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: F98D6E74)
Partition 1: (Active) - (Size=912 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=20 GB) - (Type=OF Extended)

==================== End Of Log ============================
         


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-02-2014 01
Ran by Sajad&Reshad (administrator) on SALIM-PC on 12-02-2014 15:44:50
Running from C:\Users\Sajad&Reshad\Downloads
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(devolo AG) C:\Program Files\devolo\dlan\devolonetsvc.exe
(Teruten) C:\Windows\system32\FsUsbExService.Exe
(Nero AG) C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\system32\PSIService.exe
() C:\Program Files\Tobit Radio.fx\Server\rfx-server.exe
() C:\Program Files\Cyberlink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Microsoft Corporation) C:\Windows\ehome\ehRecvr.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe
() C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Research In Motion Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Spotify Ltd) C:\Users\Sajad&Reshad\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Research In Motion Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-10-08] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6724128 2009-02-03] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-02-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM\...\Run: [KiesTrayAgent] - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-06] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [RIMBBLaunchAgent.exe] - C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKLM\...\Policies\Explorer: [UseDefaultTile] 0
HKLM\...\Policies\Explorer: [NoWelcomeScreen] 0
HKU\.DEFAULT\...\Policies\system: [NoDispCPL] 0
HKU\.DEFAULT\...\Policies\system: [NoDispAppearancePage] 0
HKU\.DEFAULT\...\Policies\system: [NoDispBackgroundPage] 0
HKU\.DEFAULT\...\Policies\system: [NoDispScrSavPage] 0
HKU\.DEFAULT\...\Policies\system: [NoDispSettingsPage] 0
HKU\.DEFAULT\...\Policies\system: [NoColorChoice] 0
HKU\.DEFAULT\...\Policies\system: [DontDisplayLogonHoursWarnings] 0
HKU\.DEFAULT\...\Policies\system: [DisableLockWorkstation] 0
HKU\.DEFAULT\...\Policies\system: [DisableChangePassword] 0
HKU\.DEFAULT\...\Policies\system: [HideLogonScripts] 0
HKU\.DEFAULT\...\Policies\system: [HideLogoffScripts] 0
HKU\.DEFAULT\...\Policies\system: [HideLegacyLogonScripts] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoThemesTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoAddPrinter] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\.DEFAULT\...\Policies\Explorer: [RestrictCpl] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisallowCpl] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDrivesInSendToMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [RestrictRun] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoRecycleFiles] 0
HKU\.DEFAULT\...\Policies\Explorer: [PreventItemCreationInUsersFilesFolder] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoReadingPane] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoPreviewPane] 0
HKU\.DEFAULT\...\Policies\Explorer: [DontSetAutoplayCheckbox] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoPropertiesMyDocuments] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoPropertiesRecycleBin] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoManageMyComputerVerb] 0
HKU\.DEFAULT\...\Policies\Explorer: [ClassicShell] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoControlPanel] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoCustomizeWebView] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSaveSettings] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFileMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoWinKeys] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDFSTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoHardwareTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSecurityTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableThumbnails] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableThumbnailsOnNetworkFolders] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoInstrumentation] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoCustomizeThisFolder] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoWebView] 0
HKU\.DEFAULT\...\Policies\Explorer: [DontShowSuperHidden] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoOnlinePrintsWizard] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoPublishingWizard] 0
HKU\.DEFAULT\...\Policies\Explorer: [AlwaysShowClassicMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [ClearRecentProgForNewUserInStartMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoUserFolderInStartMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSearchComputerLinkInStartMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSearchProgramsInStartMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSearchInternetInStartMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSearchFilesInStartMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSearchCommInStartMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSMConfigurePrograms] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoRecentDocsMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSMMyPictures] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuMyMusic] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSMMyDocs] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuNetworkPlaces] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFavoritesMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoHelp] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoNetworkConnections] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFind] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoCommonGroups] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFolderOptions] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuMFUprogramsList] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuPinnedList] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuMorePrograms] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuEjectPC] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSimpleStartMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [ForceStartMenuLogoff] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDisconnect] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoNtSecurity] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSetFolders] 0
HKU\.DEFAULT\...\Policies\Explorer: [GreyMSIAds] 0
HKU\.DEFAULT\...\Policies\Explorer: [ForceMaxRecentDocs] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuMyGames] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSMBalloonTip] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSMBalloonTips] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\.DEFAULT\...\Policies\Explorer: [LockTaskbar] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideClock] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideSCAVolume] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideSCANetwork] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideSCAPower] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideSCABattery] 0
HKU\.DEFAULT\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoToolbarsOnTaskbar] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoTaskGrouping] 0
HKU\.DEFAULT\...\Policies\Explorer: [TaskbarNoThumbnail] 0
HKU\.DEFAULT\...\Policies\Explorer: [TaskbarLockAll] 0
HKU\.DEFAULT\...\Policies\Explorer: [TaskbarNoResize] 0
HKU\.DEFAULT\...\Policies\Explorer: [TaskbarNoAddRemoveToolbar] 0
HKU\.DEFAULT\...\Policies\Explorer: [TaskbarNoDragToolbar] 0
HKU\.DEFAULT\...\Policies\Explorer: [TaskbarNoRedock] 0
HKU\.DEFAULT\...\Policies\Explorer: [RestrictWelcomeCenter] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoWebServices] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFileUrl] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoInternetIcon] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoBandCustomize] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoToolbarCustomize] 0
HKU\.DEFAULT\...\Policies\Explorer: [SpecifyDefaultButtons] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoInplaceSharing] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoNetHood] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoNetConnectDisconnect] 0
HKU\.DEFAULT\...\Policies\Explorer: [UseFoldersInStartMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [TurnOffSPIAnimations] 0
HKU\.DEFAULT\...\Policies\Explorer: [EnforceShellExtensionSecurity] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoLogOff] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\.DEFAULT\...\Policies\Explorer: [PromptRunasInstallNetPath] 1
HKU\.DEFAULT\...\Policies\Explorer: [NoResolveSearch] 0
HKU\.DEFAULT\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDesktopCleanupWizard] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoThumbnailCache] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoCDBurning] 0
HKU\.DEFAULT\...\Policies\Explorer: [ForceCopyAclwithFile] 0
HKU\.DEFAULT\...\Policies\Explorer: [StartRunNoHOMEPATH] 0
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Run: [Facebook Update] - C:\Users\Sajad&Reshad\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-11] (Facebook Inc.)
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Run: [rfxsrvtray] - C:\Program Files\Tobit Radio.fx\Client\rfx-tray.exe [1838872 2013-02-07] (Tobit.Software)
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Run: [KiesPreload] - C:\Program Files\Samsung\Kies\Kies.exe [1564528 2013-11-06] (Samsung)
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Run: [KiesAirMessage] - C:\Program Files\Samsung\Kies\KiesAirMessage.exe [578560 2013-10-30] (Samsung Electronics)
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung)
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Run: [Spotify] - C:\Users\Sajad&Reshad\AppData\Roaming\Spotify\spotify.exe [6118400 2014-01-16] (Spotify Ltd)
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Run: [Spotify Web Helper] - C:\Users\Sajad&Reshad\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-16] (Spotify Ltd)
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\system: [NoDispCPL] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\system: [NoDispScrSavPage] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\system: [NoColorChoice] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\system: [DontDisplayLogonHoursWarnings] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\system: [HideLogonScripts] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\system: [HideLogoffScripts] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\system: [HideLegacyLogonScripts] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoThemesTab] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoAddPrinter] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [RestrictCpl] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [DisallowCpl] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoDrivesInSendToMenu] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoRecycleFiles] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [PreventItemCreationInUsersFilesFolder] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoReadingPane] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoPreviewPane] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [DontSetAutoplayCheckbox] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoPropertiesMyDocuments] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoPropertiesRecycleBin] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoManageMyComputerVerb] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [ClassicShell] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoCustomizeWebView] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoFileMenu] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoWinKeys] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoSecurityTab] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [DisableThumbnails] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [DisableThumbnailsOnNetworkFolders] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoInstrumentation] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoCustomizeThisFolder] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoWebView] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [DontShowSuperHidden] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoOnlinePrintsWizard] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoPublishingWizard] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [AlwaysShowClassicMenu] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [ClearRecentProgForNewUserInStartMenu] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoUserFolderInStartMenu] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoSearchComputerLinkInStartMenu] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoSearchProgramsInStartMenu] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoSearchInternetInStartMenu] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoSearchFilesInStartMenu] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoSearchCommInStartMenu] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoSMConfigurePrograms] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoRecentDocsMenu] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoSMMyPictures] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoStartMenuMyMusic] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoSMMyDocs] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoStartMenuNetworkPlaces] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoFavoritesMenu] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoHelp] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoNetworkConnections] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoCommonGroups] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoStartMenuMFUprogramsList] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoStartMenuPinnedList] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoStartMenuMorePrograms] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoStartMenuEjectPC] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoSimpleStartMenu] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [ForceStartMenuLogoff] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoDisconnect] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoNtSecurity] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [GreyMSIAds] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [ForceMaxRecentDocs] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoStartMenuMyGames] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoSMBalloonTip] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoSMBalloonTips] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [LockTaskbar] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [HideSCAVolume] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [HideSCANetwork] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [HideSCAPower] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [HideSCABattery] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoToolbarsOnTaskbar] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoTaskGrouping] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [TaskbarNoThumbnail] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [TaskbarLockAll] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [TaskbarNoResize] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [TaskbarNoAddRemoveToolbar] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [TaskbarNoDragToolbar] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [TaskbarNoRedock] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [RestrictWelcomeCenter] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoWebServices] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoFileUrl] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoInternetIcon] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoBandCustomize] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoToolbarCustomize] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [SpecifyDefaultButtons] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoInplaceSharing] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoNetHood] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoNetConnectDisconnect] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [UseFoldersInStartMenu] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [TurnOffSPIAnimations] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [EnforceShellExtensionSecurity] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoLogOff] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [PromptRunasInstallNetPath] 1
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoDesktopCleanupWizard] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoThumbnailCache] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [ForceCopyAclwithFile] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [StartRunNoHOMEPATH] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\MountPoints2: {71b36982-d665-11e2-a721-e97a86892c37} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\MountPoints2: {cabc7c11-0992-11e3-83a6-d92e0c795e46} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\MountPoints2: {e84a85c2-d358-11e2-8347-8d20f8ced606} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\MountPoints2: {fdeffac7-d60a-11df-a914-f6f0b44ee792} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\m.exe /s
Startup: C:\Users\Hena Salim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Hena Salim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Hena Salim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Hena Salim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.lnk
ShortcutTarget: OpenOffice.org 3.4.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Sajad&Reshad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\salim sayed nesar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\salim sayed nesar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\salim sayed nesar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.lnk
ShortcutTarget: OpenOffice.org 3.4.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
URLSearchHook: HKCU - (No Name) - {EEE6C35D-6118-11DC-9C72-001320C79847} -  No File
SearchScopes: HKLM - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.plusnetwork.com/?sp=addr&q={searchTerms}
SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.plusnetwork.com/?sp=addr&q={searchTerms}
SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://startsear.ch/?aff=1&q={searchTerms}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2567732
SearchScopes: HKCU - {043C5167-00BB-4324-AF7E-62013FAEDACF} URL = hxxp://vshare.toolbarhome.com/search.aspx?q={searchTerms}&srch=dsp
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=CEDA0022436BC047&affID=120695&tsp=4930
SearchScopes: HKCU - {1F096B29-E9DA-4D64-8D63-936BE7762CC5} URL = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=cedae390000000000000000000000000&tlver=1.4.19.19&ss=1&affID=17395
SearchScopes: HKCU - {3FE66EBF-FDA2-4D92-AFCA-EF3671EA726B} URL = hxxp://start.funmoods.com/results.php?f=4&a=ironto&q={searchTerms}
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Messenger Plus! Community Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {043C5167-00BB-4324-AF7E-62013FAEDACF} -  No File
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/mjss/MJSS.cab109791.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} hxxp://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldde-de.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Sajad&Reshad\AppData\Roaming\Mozilla\Firefox\Profiles\ait65kmg.default
FF user.js: detected! => C:\Users\Sajad&Reshad\AppData\Roaming\Mozilla\Firefox\Profiles\ait65kmg.default\user.js
FF NetworkProxy: "type", 0
FF Homepage: user_pref("browser.startup.homepage", );
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @google.com/npPicasa2,version=2.0.0 - C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 - C:\Program Files\Microsoft\Office Live\npOLW.dll No File
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Sajad&Reshad\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll (vShare.tv )
FF SearchPlugin: C:\Users\Sajad&Reshad\AppData\Roaming\Mozilla\Firefox\Profiles\ait65kmg.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Sajad&Reshad\AppData\Roaming\Mozilla\Firefox\Profiles\ait65kmg.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Sajad&Reshad\AppData\Roaming\Mozilla\Firefox\Profiles\ait65kmg.default\searchplugins\funmoods.xml
FF SearchPlugin: C:\Users\Sajad&Reshad\AppData\Roaming\Mozilla\Firefox\Profiles\ait65kmg.default\searchplugins\startsear.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF Extension: Babylon - C:\Users\Sajad&Reshad\AppData\Roaming\Mozilla\Firefox\Profiles\ait65kmg.default\Extensions\ffxtlbr@babylon.com [2012-06-20]
FF Extension: Funmoods.com - C:\Users\Sajad&Reshad\AppData\Roaming\Mozilla\Firefox\Profiles\ait65kmg.default\Extensions\ffxtlbr@funmoods.com [2012-05-08]
FF Extension: Adblock Plus - C:\Users\Sajad&Reshad\AppData\Roaming\Mozilla\Firefox\Profiles\ait65kmg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-09-23]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [2011-11-04]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ []
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-01-08]
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2013-11-15]

Chrome: 
=======
CHR HomePage: hxxp://www.google.de/
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (AdobeExManDetect) - C:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File
CHR Plugin: (AdobeAAMDetect) - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll No File
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Updater) - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U13) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Picasa) - C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)
CHR Plugin: (Picasa) - C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Unity Player) - C:\Users\Sajad&Reshad\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Sajad&Reshad\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.130.20) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Awesome Screenshot: Capture & Annotate) - C:\Users\Sajad&Reshad\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce [2013-03-31]
CHR Extension: (Google Docs) - C:\Users\Sajad&Reshad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-31]
CHR Extension: (Google Drive) - C:\Users\Sajad&Reshad\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-31]
CHR Extension: (YouTube) - C:\Users\Sajad&Reshad\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-31]
CHR Extension: (Google-Suche) - C:\Users\Sajad&Reshad\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-31]
CHR Extension: (AdBlock) - C:\Users\Sajad&Reshad\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-03-31]
CHR Extension: (Dolce&Gabbana) - C:\Users\Sajad&Reshad\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpfbmpaebheclpaopjodkelcihldloih [2013-03-31]
CHR Extension: (Norton Identity Protection) - C:\Users\Sajad&Reshad\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-03-31]
CHR Extension: (FastestFox – Schneller browsen) - C:\Users\Sajad&Reshad\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm [2013-07-01]
CHR Extension: (Google Wallet) - C:\Users\Sajad&Reshad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Mehr Leistung und Videoformate fr dein HTML5 video) - C:\Users\Sajad&Reshad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-03-31]
CHR Extension: (Google Mail) - C:\Users\Sajad&Reshad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-31]
CHR HKLM\...\Chrome\Extension: [kolgnaidildmdbfgdnoapjdianbpajne] - C:\Program Files\BrowserCompanion\blabbers-ch.crx [2013-03-31]
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\Exts\Chrome.crx [2013-11-14]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

========================== Services (Whitelisted) =================

R3 Blackberry Device Manager; C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited)
R2 DevoloNetworkService; C:\Program Files\devolo\dlan\devolonetsvc.exe [3526136 2013-08-27] (devolo AG)
S2 gupdate1ca02dd937b7196; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-07-12] (Google Inc.)
R2 HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-10] (Nero AG)
R2 NIS; C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe [275696 2013-10-08] (Symantec Corporation)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
R2 Radio.fx; C:\Program Files\Tobit Radio.fx\Server\rfx-server.exe [3999512 2013-06-03] ()
R2 RichVideo; C:\Program Files\Cyberlink\Shared files\RichVideo.exe [247152 2009-02-25] ()
S2 SystemStoreService; C:\Program Files\SoftwareUpdater\SystemStore.exe [297984 2014-02-12] ()

==================== Drivers (Whitelisted) ====================

S3 AF15BDA; C:\Windows\System32\DRIVERS\AF15BDA.sys [489408 2009-11-05] (ITETech                  )
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2008-09-05] (AVM Berlin)
R1 BHDrvx86; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx86.sys [1098968 2013-12-18] (Symantec Corporation)
S3 camfilt2; C:\Windows\System32\Drivers\camfilt2.sys [94208 2007-05-29] (Guillemot Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1501000.012\ccSetx86.sys [127064 2013-09-26] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-12-15] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-11-21] (Symantec Corporation)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-10-30] ()
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [265088 2008-09-05] (AVM GmbH)
R3 hxctlflt; C:\Windows\System32\Drivers\hxctlflt.sys [99968 2009-02-08] (Guillemot Corporation)
R1 IDSVix86; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140211.001\IDSvix86.sys [394456 2014-01-21] (Symantec Corporation)
R3 LgBttPort; C:\Windows\System32\DRIVERS\lgbtport.sys [12160 2009-09-29] (LG Electronics Inc.)
R3 lgbusenum; C:\Windows\System32\DRIVERS\lgbtbus.sys [10496 2009-09-29] (LG Electronics Inc.)
R3 LGVMODEM; C:\Windows\System32\DRIVERS\lgvmodem.sys [12928 2009-09-29] (LG Electronics Inc.)
R3 NAVENG; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140211.033\NAVENG.SYS [93272 2013-12-15] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140211.033\NAVEX15.SYS [1612376 2013-12-15] (Symantec Corporation)
R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [554496 2007-09-21] (Ralink Technology Corp.)
R2 NPF_devolo; C:\Windows\system32\drivers\npf_devolo.sys [35840 2013-08-21] (CACE Technologies)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3482112 2009-04-22] ()
R3 SRTSP; C:\Windows\System32\Drivers\NIS\1501000.012\SRTSP.SYS [651352 2013-09-27] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1501000.012\SRTSPX.SYS [32344 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NIS\1501000.012\SYMDS.SYS [367704 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NIS\1501000.012\SYMEFA.SYS [935512 2013-09-27] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142936 2013-11-14] (Symantec Corporation)
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [63576 2013-09-10] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NIS\1501000.012\Ironx86.SYS [206936 2013-09-27] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\NIS\1501000.012\SYMTDIV.SYS [383576 2013-09-26] (Symantec Corporation)
S3 TIEHDUSB; C:\Windows\System32\drivers\tiehdusb.sys [49536 2004-02-04] (Texas Instruments Incorporated)
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files\HomeCinema\PowerDVD9\000.fcl [87536 2009-03-30] (CyberLink Corp.)
S3 Afc; system32\drivers\Afc.sys [X]
S3 Andbus; system32\DRIVERS\lgandbus.sys [X]
S3 AndDiag; system32\DRIVERS\lganddiag.sys [X]
S3 AndGps; system32\DRIVERS\lgandgps.sys [X]
S3 ANDModem; system32\DRIVERS\lgandmodem.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem.sys [X]
S3 andnetndis; system32\DRIVERS\lgandnetndis.sys [X]
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [X]
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S3 HTCAND32; System32\Drivers\ANDROIDUSB.sys [X]
S3 HtcVCom32; system32\DRIVERS\HtcVComV32.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 motccgp; system32\DRIVERS\motccgp.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 MotDev; system32\DRIVERS\motodrv.sys [X]
S3 motmodem; system32\DRIVERS\motmodem.sys [X]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [X]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]
S3 usbbus; system32\DRIVERS\lgusbbus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgusbdiag.sys [X]
S3 USBModem; system32\DRIVERS\lgusbmodem.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-12 15:44 - 2014-02-12 15:45 - 00051388 _____ () C:\Users\Sajad&Reshad\Downloads\FRST.txt
2014-02-12 15:44 - 2014-02-12 15:44 - 00000000 ___DC () C:\FRST
2014-02-12 15:43 - 2014-02-12 15:43 - 00000000 ____D () C:\Users\Sajad&Reshad\Desktop\scheiß trojaner
2014-02-12 15:42 - 2014-02-12 15:43 - 00000486 _____ () C:\Users\Sajad&Reshad\Downloads\defogger_disable.log
2014-02-12 15:42 - 2014-02-12 15:42 - 00000000 _____ () C:\Users\Sajad&Reshad\defogger_reenable
2014-02-12 15:41 - 2014-02-12 15:41 - 01139712 _____ (Farbar) C:\Users\Sajad&Reshad\Downloads\FRST.exe
2014-02-12 15:41 - 2014-02-12 15:41 - 00050477 _____ () C:\Users\Sajad&Reshad\Downloads\Defogger.exe
2014-02-12 11:33 - 2014-02-12 12:32 - 180395067 _____ () C:\Users\Sajad&Reshad\Downloads\13450_psprt.rar
2014-02-11 14:13 - 2014-02-11 14:13 - 00017068 _____ () C:\Users\Sajad&Reshad\Desktop\lebenslauf.odt
2014-02-10 17:22 - 2014-02-10 17:26 - 00000000 ____D () C:\Users\Sajad&Reshad\Desktop\Studium
2014-02-08 21:06 - 2014-02-08 21:08 - 03715736 _____ () C:\Users\Sajad&Reshad\Downloads\Lodovico Satana - Lob des Sexismus - Frauen verstehen verfuehren und behalten.rar
2014-02-06 14:42 - 2014-02-06 15:33 - 156544276 _____ () C:\Users\Sajad&Reshad\Downloads\The Weeknd - Kiss Land (Deluxe Edition) (2013).015.rar
2014-02-06 14:16 - 2014-02-06 14:18 - 25180430 _____ () C:\Users\Sajad&Reshad\Downloads\Chris James feat. Pusha T - Love Hates Me [EP] (iTunes).zip
2014-02-02 18:59 - 2014-02-02 19:01 - 06879828 _____ () C:\Users\Sajad&Reshad\Downloads\Mobb Deep - Taking You off Here (iTunes).m4a
2014-02-02 18:58 - 2014-02-02 19:07 - 103246267 _____ () C:\Users\Sajad&Reshad\Downloads\Toni Braxton & Babyface - Love, Marriage & Divorce (Album) [mp3].zip
2014-01-31 00:46 - 2014-01-31 01:44 - 175553038 _____ () C:\Users\Sajad&Reshad\Downloads\gapogmtkaorgapo.rar
2014-01-31 00:40 - 2014-01-31 00:41 - 102933243 _____ () C:\Users\Sajad&Reshad\Downloads\Lana Del Rey - Quiet Now + From the End [EP].zip
2014-01-30 02:54 - 2014-01-30 02:54 - 00159472 _____ () C:\Windows\Minidump\Mini013014-01.dmp
2014-01-28 14:37 - 2014-01-28 14:37 - 09799895 _____ () C:\Users\Sajad&Reshad\Downloads\01 Radioactive (ft. Kendrick Lamar).m4a
2014-01-28 14:15 - 2014-01-28 14:15 - 07562012 _____ () C:\Users\Sajad&Reshad\Downloads\Romeo Santos feat. Drake - Odio (iTunes).m4a
2014-01-28 14:11 - 2014-01-28 14:22 - 99277397 _____ () C:\Users\Sajad&Reshad\Downloads\Isaiah Rashad - Cilvia Demo (iTunes).zip
2014-01-28 14:08 - 2014-01-28 14:08 - 05807244 _____ () C:\Users\Sajad&Reshad\Downloads\Icona Pop - Just Another Night (Radio Edit) [iTunes].m4a
2014-01-28 14:07 - 2014-01-28 14:08 - 08908716 _____ () C:\Users\Sajad&Reshad\Downloads\Steve Aoki & Coone - Can't Stop The Swag (iTunes).m4a
2014-01-27 20:55 - 2014-01-27 20:55 - 00020881 _____ () C:\Users\Sajad&Reshad\Desktop\hena präsentation1.odt
2014-01-27 18:01 - 2014-01-27 18:01 - 00163584 _____ () C:\Windows\Minidump\Mini012714-01.dmp
2014-01-27 15:28 - 2014-01-27 15:41 - 114695789 _____ () C:\Users\Sajad&Reshad\Downloads\Ace Hood - Starvation 3 (Mixtape).zip
2014-01-27 15:27 - 2014-01-27 16:10 - 131412094 _____ () C:\Users\Sajad&Reshad\Downloads\1Krewella - Get Wet (Deluxe Edition) (2013).rar
2014-01-26 18:13 - 2014-01-26 18:14 - 08627674 _____ () C:\Users\Sajad&Reshad\Downloads\Will.i.am feat. Miley Cyrus, Wiz Khalifa, French Montana & DJ Mustard - Feelin' Myself (iTunes).m4a
2014-01-24 19:16 - 2014-01-24 19:16 - 00001668 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-01-24 19:15 - 2014-01-24 19:16 - 00000000 ___DC () C:\Program Files\iTunes
2014-01-24 19:15 - 2014-01-24 19:16 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-01-24 19:15 - 2014-01-24 19:15 - 00000000 ___DC () C:\Program Files\iPod
2014-01-24 14:10 - 2014-01-24 14:10 - 00000000 ___DC () C:\iPod
2014-01-24 00:50 - 2014-01-24 00:50 - 00029220 _____ () C:\Users\Sajad&Reshad\Downloads\Fachbegriffe.odt
2014-01-21 22:41 - 2014-01-21 23:17 - 111618810 _____ () C:\Users\Sajad&Reshad\Downloads\11896__cspr.rar
2014-01-19 20:32 - 2014-01-19 21:18 - 00024079 _____ () C:\Users\Sajad&Reshad\Downloads\werden frauen vom islam unterdrückt.odt
2014-01-19 13:55 - 2014-01-19 13:55 - 06307118 _____ () C:\Users\Sajad&Reshad\Downloads\TbR_Moroff.zip
2014-01-18 11:08 - 2014-01-18 11:09 - 126131443 _____ () C:\Users\Sajad&Reshad\Downloads\Starvation_3-(DatPiff.com).zip
2014-01-16 17:48 - 2014-01-16 17:49 - 00016352 _____ () C:\Users\Sajad&Reshad\Documents\Handout Zirkeltraining.odt
2014-01-15 12:14 - 2014-01-15 12:14 - 00033882 _____ () C:\Users\Sajad&Reshad\Documents\China.odt
2014-01-13 00:52 - 2014-01-13 01:04 - 153286058 _____ () C:\Users\Sajad&Reshad\Downloads\Kurdo - 2014 - SDM PE.rar
2014-01-13 00:48 - 2014-01-13 01:36 - 147857949 _____ () C:\Users\Sajad&Reshad\Downloads\sumcemona1...shiiit.rar

==================== One Month Modified Files and Folders =======

2014-02-12 15:45 - 2014-02-12 15:44 - 00051388 _____ () C:\Users\Sajad&Reshad\Downloads\FRST.txt
2014-02-12 15:44 - 2014-02-12 15:44 - 00000000 ___DC () C:\FRST
2014-02-12 15:43 - 2014-02-12 15:43 - 00000000 ____D () C:\Users\Sajad&Reshad\Desktop\scheiß trojaner
2014-02-12 15:43 - 2014-02-12 15:42 - 00000486 _____ () C:\Users\Sajad&Reshad\Downloads\defogger_disable.log
2014-02-12 15:42 - 2014-02-12 15:42 - 00000000 _____ () C:\Users\Sajad&Reshad\defogger_reenable
2014-02-12 15:42 - 2009-07-03 21:38 - 00000000 ____D () C:\Users\Sajad&Reshad
2014-02-12 15:41 - 2014-02-12 15:41 - 01139712 _____ (Farbar) C:\Users\Sajad&Reshad\Downloads\FRST.exe
2014-02-12 15:41 - 2014-02-12 15:41 - 00050477 _____ () C:\Users\Sajad&Reshad\Downloads\Defogger.exe
2014-02-12 15:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\tracing
2014-02-12 15:32 - 2009-07-03 21:38 - 00000000 ___RD () C:\Users\Sajad&Reshad\Musik
2014-02-12 15:05 - 2009-07-03 20:08 - 01722086 _____ () C:\Windows\WindowsUpdate.log
2014-02-12 15:03 - 2006-11-02 13:47 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-12 15:03 - 2006-11-02 13:47 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-12 14:51 - 2013-07-15 14:15 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-12 14:48 - 2009-07-12 11:52 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-12 12:57 - 2011-08-25 23:47 - 00001166 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-141697217-1107933014-2458016846-1002UA.job
2014-02-12 12:32 - 2014-02-12 11:33 - 180395067 _____ () C:\Users\Sajad&Reshad\Downloads\13450_psprt.rar
2014-02-12 11:48 - 2009-07-12 11:52 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-12 11:22 - 2006-11-02 11:33 - 01560144 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-12 11:19 - 2013-12-28 13:21 - 00000000 ____D () C:\Users\Sajad&Reshad\AppData\Roaming\Spotify
2014-02-12 11:12 - 2010-12-20 16:21 - 00000868 _____ () C:\Windows\Tasks\Google Software Updater.job
2014-02-12 11:10 - 2010-05-09 17:07 - 00271575 _____ () C:\ProgramData\nvModes.dat
2014-02-12 11:10 - 2010-05-09 17:07 - 00271575 _____ () C:\ProgramData\nvModes.001
2014-02-12 11:09 - 2013-12-21 03:18 - 00000000 ____D () C:\Users\Sajad&Reshad\AppData\Local\HTC MediaHub
2014-02-12 11:05 - 2006-11-02 13:37 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-02-12 11:03 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-12 02:53 - 2006-11-02 14:01 - 00032534 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-12 00:57 - 2011-08-25 23:47 - 00001144 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-141697217-1107933014-2458016846-1002Core.job
2014-02-11 14:13 - 2014-02-11 14:13 - 00017068 _____ () C:\Users\Sajad&Reshad\Desktop\lebenslauf.odt
2014-02-11 11:50 - 2009-08-25 19:02 - 00000000 ____D () C:\Users\salim sayed nesar\AppData\Roaming\Skype
2014-02-11 11:45 - 2013-12-28 13:22 - 00000000 ____D () C:\Users\Sajad&Reshad\AppData\Local\Spotify
2014-02-11 11:24 - 2013-06-24 18:48 - 00000000 ____D () C:\Users\salim sayed nesar\AppData\Local\HTC MediaHub
2014-02-11 11:22 - 2009-07-03 20:31 - 00133432 _____ () C:\Users\salim sayed nesar\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-10 17:26 - 2014-02-10 17:22 - 00000000 ____D () C:\Users\Sajad&Reshad\Desktop\Studium
2014-02-10 17:21 - 2011-12-04 20:23 - 00000000 ____D () C:\Users\Sajad&Reshad\AppData\Local\CrashDumps
2014-02-09 21:48 - 2013-08-23 22:24 - 00022111 _____ () C:\Windows\setupact.log
2014-02-08 21:08 - 2014-02-08 21:06 - 03715736 _____ () C:\Users\Sajad&Reshad\Downloads\Lodovico Satana - Lob des Sexismus - Frauen verstehen verfuehren und behalten.rar
2014-02-06 20:00 - 2009-07-05 11:27 - 00000000 ____D () C:\Users\Sajad&Reshad\AppData\Local\Adobe
2014-02-06 15:33 - 2014-02-06 14:42 - 156544276 _____ () C:\Users\Sajad&Reshad\Downloads\The Weeknd - Kiss Land (Deluxe Edition) (2013).015.rar
2014-02-06 14:18 - 2014-02-06 14:16 - 25180430 _____ () C:\Users\Sajad&Reshad\Downloads\Chris James feat. Pusha T - Love Hates Me [EP] (iTunes).zip
2014-02-06 14:13 - 2012-05-08 19:42 - 00000000 ____D () C:\Users\Sajad&Reshad\Documents\TubeBox
2014-02-05 19:51 - 2012-07-27 13:56 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-05 19:51 - 2011-06-06 17:03 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-04 22:57 - 2013-03-31 19:45 - 00001967 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-04 11:57 - 2013-09-17 16:07 - 00043198 _____ () C:\Windows\PFRO.log
2014-02-02 19:07 - 2014-02-02 18:58 - 103246267 _____ () C:\Users\Sajad&Reshad\Downloads\Toni Braxton & Babyface - Love, Marriage & Divorce (Album) [mp3].zip
2014-02-02 19:01 - 2014-02-02 18:59 - 06879828 _____ () C:\Users\Sajad&Reshad\Downloads\Mobb Deep - Taking You off Here (iTunes).m4a
2014-01-31 01:44 - 2014-01-31 00:46 - 175553038 _____ () C:\Users\Sajad&Reshad\Downloads\gapogmtkaorgapo.rar
2014-01-31 00:41 - 2014-01-31 00:40 - 102933243 _____ () C:\Users\Sajad&Reshad\Downloads\Lana Del Rey - Quiet Now + From the End [EP].zip
2014-01-30 02:54 - 2014-01-30 02:54 - 00159472 _____ () C:\Windows\Minidump\Mini013014-01.dmp
2014-01-30 02:54 - 2013-11-21 05:26 - 497241836 _____ () C:\Windows\MEMORY.DMP
2014-01-30 02:54 - 2010-01-16 13:54 - 00000000 ____D () C:\Windows\Minidump
2014-01-28 14:37 - 2014-01-28 14:37 - 09799895 _____ () C:\Users\Sajad&Reshad\Downloads\01 Radioactive (ft. Kendrick Lamar).m4a
2014-01-28 14:22 - 2014-01-28 14:11 - 99277397 _____ () C:\Users\Sajad&Reshad\Downloads\Isaiah Rashad - Cilvia Demo (iTunes).zip
2014-01-28 14:15 - 2014-01-28 14:15 - 07562012 _____ () C:\Users\Sajad&Reshad\Downloads\Romeo Santos feat. Drake - Odio (iTunes).m4a
2014-01-28 14:08 - 2014-01-28 14:08 - 05807244 _____ () C:\Users\Sajad&Reshad\Downloads\Icona Pop - Just Another Night (Radio Edit) [iTunes].m4a
2014-01-28 14:08 - 2014-01-28 14:07 - 08908716 _____ () C:\Users\Sajad&Reshad\Downloads\Steve Aoki & Coone - Can't Stop The Swag (iTunes).m4a
2014-01-27 20:55 - 2014-01-27 20:55 - 00020881 _____ () C:\Users\Sajad&Reshad\Desktop\hena präsentation1.odt
2014-01-27 18:01 - 2014-01-27 18:01 - 00163584 _____ () C:\Windows\Minidump\Mini012714-01.dmp
2014-01-27 16:10 - 2014-01-27 15:27 - 131412094 _____ () C:\Users\Sajad&Reshad\Downloads\1Krewella - Get Wet (Deluxe Edition) (2013).rar
2014-01-27 15:41 - 2014-01-27 15:28 - 114695789 _____ () C:\Users\Sajad&Reshad\Downloads\Ace Hood - Starvation 3 (Mixtape).zip
2014-01-26 18:14 - 2014-01-26 18:13 - 08627674 _____ () C:\Users\Sajad&Reshad\Downloads\Will.i.am feat. Miley Cyrus, Wiz Khalifa, French Montana & DJ Mustard - Feelin' Myself (iTunes).m4a
2014-01-25 19:04 - 2010-10-21 20:46 - 00002344 ____H () C:\Users\Sajad&Reshad\Downloads\.picasa.ini
2014-01-24 19:16 - 2014-01-24 19:16 - 00001668 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-01-24 19:16 - 2014-01-24 19:15 - 00000000 ___DC () C:\Program Files\iTunes
2014-01-24 19:16 - 2014-01-24 19:15 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-01-24 19:15 - 2014-01-24 19:15 - 00000000 ___DC () C:\Program Files\iPod
2014-01-24 19:15 - 2011-04-23 20:54 - 00000000 ___DC () C:\Program Files\Common Files\Apple
2014-01-24 19:05 - 2011-04-23 20:54 - 00000000 ____D () C:\ProgramData\Apple
2014-01-24 14:10 - 2014-01-24 14:10 - 00000000 ___DC () C:\iPod
2014-01-24 00:50 - 2014-01-24 00:50 - 00029220 _____ () C:\Users\Sajad&Reshad\Downloads\Fachbegriffe.odt
2014-01-21 23:17 - 2014-01-21 22:41 - 111618810 _____ () C:\Users\Sajad&Reshad\Downloads\11896__cspr.rar
2014-01-19 21:18 - 2014-01-19 20:32 - 00024079 _____ () C:\Users\Sajad&Reshad\Downloads\werden frauen vom islam unterdrückt.odt
2014-01-19 13:55 - 2014-01-19 13:55 - 06307118 _____ () C:\Users\Sajad&Reshad\Downloads\TbR_Moroff.zip
2014-01-18 11:09 - 2014-01-18 11:08 - 126131443 _____ () C:\Users\Sajad&Reshad\Downloads\Starvation_3-(DatPiff.com).zip
2014-01-16 17:49 - 2014-01-16 17:48 - 00016352 _____ () C:\Users\Sajad&Reshad\Documents\Handout Zirkeltraining.odt
2014-01-16 17:28 - 2012-11-27 00:39 - 00029481 _____ () C:\Users\Sajad&Reshad\Desktop\Zirkeltraining Ausarbeitung.odt
2014-01-16 01:18 - 2013-07-29 02:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-16 01:15 - 2006-11-02 11:24 - 83425928 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-01-15 14:20 - 2012-09-23 20:00 - 00000000 ____D () C:\Users\Sajad&Reshad\Desktop\1 GB USB-Stick
2014-01-15 12:46 - 2012-11-15 01:54 - 00023015 _____ () C:\Users\Sajad&Reshad\Desktop\zirkeltraining.odt
2014-01-15 12:14 - 2014-01-15 12:14 - 00033882 _____ () C:\Users\Sajad&Reshad\Documents\China.odt
2014-01-14 01:35 - 2013-07-08 03:47 - 00021872 _____ () C:\Users\Sajad&Reshad\Documents\Motivationsschreiben Hochschule Karlsruhe.odt
2014-01-13 01:36 - 2014-01-13 00:48 - 147857949 _____ () C:\Users\Sajad&Reshad\Downloads\sumcemona1...shiiit.rar
2014-01-13 01:04 - 2014-01-13 00:52 - 153286058 _____ () C:\Users\Sajad&Reshad\Downloads\Kurdo - 2014 - SDM PE.rar

Files to move or delete:
====================
C:\Users\Sajad&Reshad\hpothb07.dat
C:\Users\salim sayed nesar\hpothb07.dat


Some content of TEMP:
====================
C:\Users\Hena Salim\AppData\Local\Temp\DivXSetup.exe
C:\Users\Hena Salim\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Hena Salim\AppData\Local\Temp\Update_b703.exe
C:\Users\Hena Salim\AppData\Local\Temp\wlsetup-cvr.exe
C:\Users\Sajad&Reshad\AppData\Local\Temp\a1ziquhr.dll
C:\Users\Sajad&Reshad\AppData\Local\Temp\fhxpdjcj.dll
C:\Users\Sajad&Reshad\AppData\Local\Temp\MsgPlusUninstall.exe
C:\Users\Sajad&Reshad\AppData\Local\Temp\pa4oaquk.dll
C:\Users\Sajad&Reshad\AppData\Local\Temp\uninst1.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\DivXSetup.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\FlashPlayerUpdate01.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\FlashPlayerUpdate02.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\FlashPlayerUpdate03.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\GoogleChromeInstaller.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\jre-1.6.0_20-windows-i586-iftw.exe_90744722.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\jre-6u17-windows-i586-iftw-rv.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\jre-6u20-windows-i586-iftw-rv.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\jre-6u20-windows-i586-jinstall_uac.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\jre-6u21-windows-i586-iftw-rv.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\jre-6u22-windows-i586-iftw-rv.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\MessengerPlusLive_Germany_TB.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\Messenger_Plus_Live_Germany.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\MSNA1F9.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\SkypeSetup.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\Update_17d9.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\Update_5868.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\Update_8186.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\Update_8afb.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\Update_8c99.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\Update_ea88.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\_is3C2C.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\_isC3EA.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-12 11:15

==================== End Of Log ============================
         
--- --- ---


Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-02-12 16:58:32
Windows 6.0.6002 Service Pack 2 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.ST6O 931,51GB
Running: s54m59e0.exe; Driver: C:\Users\SAJAD&~1\AppData\Local\Temp\fwloypod.sys


---- System - GMER 2.1 ----

SSDT            8B9AD9A8                                                                                                  ZwAlertResumeThread
SSDT            8B9ADA40                                                                                                  ZwAlertThread
SSDT            8B9ABB60                                                                                                  ZwAllocateVirtualMemory
SSDT            8B0756C0                                                                                                  ZwAlpcConnectPort
SSDT            8B9AFD88                                                                                                  ZwAssignProcessToJobObject
SSDT            8B9AEA88                                                                                                  ZwCreateMutant
SSDT            8B9AFB80                                                                                                  ZwCreateSymbolicLinkObject
SSDT            8B9A7998                                                                                                  ZwCreateThread
SSDT            8B9AFE20                                                                                                  ZwDebugActiveProcess
SSDT            8B9AAA30                                                                                                  ZwDuplicateObject
SSDT            8B9ABA10                                                                                                  ZwFreeVirtualMemory
SSDT            8B9AEB30                                                                                                  ZwImpersonateAnonymousToken
SSDT            8B9AEBC8                                                                                                  ZwImpersonateThread
SSDT            8B075648                                                                                                  ZwLoadDriver
SSDT            8B9AB958                                                                                                  ZwMapViewOfSection
SSDT            8B9AE9F0                                                                                                  ZwOpenEvent
SSDT            8B9AAB60                                                                                                  ZwOpenProcess
SSDT            8B9AA998                                                                                                  ZwOpenProcessToken
SSDT            8B9AFF70                                                                                                  ZwOpenSection
SSDT            8B9AAAD8                                                                                                  ZwOpenThread
SSDT            8B9AFCE0                                                                                                  ZwProtectVirtualMemory
SSDT            8B9ADAD8                                                                                                  ZwResumeThread
SSDT            8B9ACA10                                                                                                  ZwSetContextThread
SSDT            8B9ACAA8                                                                                                  ZwSetInformationProcess
SSDT            8B9AFEB8                                                                                                  ZwSetSystemInformation
SSDT            8B9AE958                                                                                                  ZwSuspendProcess
SSDT            8B9ADB70                                                                                                  ZwSuspendThread
SSDT            8B9A9940                                                                                                  ZwTerminateProcess
SSDT            8B9AC978                                                                                                  ZwTerminateThread
SSDT            8B9ACB50                                                                                                  ZwUnmapViewOfSection
SSDT            8B9ABAB8                                                                                                  ZwWriteVirtualMemory
SSDT            8B9AFC28                                                                                                  ZwCreateThreadEx

---- Kernel code sections - GMER 2.1 ----

.text           ntkrnlpa.exe!KeSetEvent + 11D                                                                             84CE8768 8 Bytes  [A8, D9, 9A, 8B, 40, DA, 9A, ...]
.text           ntkrnlpa.exe!KeSetEvent + 131                                                                             84CE877C 4 Bytes  [60, BB, 9A, 8B]
.text           ntkrnlpa.exe!KeSetEvent + 13D                                                                             84CE8788 4 Bytes  [C0, 56, 07, 8B] {RCL BYTE [ESI+0x7], 0x8b}
.text           ntkrnlpa.exe!KeSetEvent + 191                                                                             84CE87DC 4 Bytes  [88, FD, 9A, 8B]
.text           ntkrnlpa.exe!KeSetEvent + 1F5                                                                             84CE8840 4 Bytes  JMP A7BD8B9A 
.text           ...                                                                                                       
.text           C:\Program Files\HomeCinema\PowerDVD9\000.fcl                                                             section is writeable [0xB5CFE000, 0x2892, 0xE8000020]
.vmp2           C:\Program Files\HomeCinema\PowerDVD9\000.fcl                                                             entry point in ".vmp2" section [0xB5D21050]

---- User code sections - GMER 2.1 ----

.text           C:\Program Files\Tobit Radio.fx\Server\rfx-server.exe[2056] kernel32.dll!SetUnhandledExceptionFilter      763EA8B5 5 Bytes  JMP 0067B780 C:\Program Files\Tobit Radio.fx\Server\rfx-server.exe
.text           C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[4712] ntdll.dll!DbgBreakPoint          77AB878E 1 Byte  [C3]
.text           C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[4712] ntdll.dll!DbgUiRemoteBreakin     77AFCD84 5 Bytes  JMP 77AAB1F1 C:\Windows\system32\ntdll.dll

---- Devices - GMER 2.1 ----

AttachedDevice  \Driver\tdx \Device\Tcp                                                                                   SYMTDIV.SYS
AttachedDevice  \Driver\tdx \Device\Udp                                                                                   SYMTDIV.SYS
AttachedDevice  \Driver\tdx \Device\RawIp                                                                                 SYMTDIV.SYS
AttachedDevice  \FileSystem\fastfat \Fat                                                                                  fltmgr.sys

---- Registry - GMER 2.1 ----

Reg             HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Media Center\Service\Scheduler@Heartbeat                   0xD0 0x9F 0x53 0x80 ...
Reg             HKCU\Software\Microsoft\Windows Live\Companion\mohra@hotmail.de@2b65266c9284fb6ca4197bef3a6d8b89\r\n      0x6B 0xE2 0x59 0x91 ...
Reg             HKCU\Software\Microsoft\Windows Live\Companion\reshad_94@hotmail.de@687c72a53ea0d8b4f0c1869870af36cf\r\n  0x52 0xAD 0x5D 0xA3 ...
Reg             HKCU\Software\Microsoft\Windows Live\Companion\sajad_94@hotmail.de@bc661bfd7f221f9b19ae67241e7b654f\r\n   0x57 0x29 0x51 0x8E ...
Reg             HKCU\Software\Microsoft\Windows Live\Companion\sajad_94@hotmail.de@6e66ad3053edde903d53eec78a162d4c\r\n   0xDD 0xE8 0x9E 0x3F ...

---- EOF - GMER 2.1 ----
         
Please help!

12.02.2014, 16:17   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Hello and

Do you have any other logs (with detections)? Malwarebytes and/or other virus scanners, have they ever found anything?

I'm asking because of this => http://www.trojaner-board.de/125889-...tml#post941520

Please do not run any new virus scans; for now, only post logs that already exist, in CODE tags!
Only logs from the last 7 days, or from the time since the problem began, are relevant!



Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

12.02.2014, 17:33   #3
QaiZzz

Hi, no, I don't have any other logs. I seem to have overlooked the part about the antivirus program. I could start a scan today and post the file afterwards. The logs used in the previous post are all from today.

12.02.2014, 21:10   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Malwarebytes Anti-Rootkit (MBAR)

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the on-screen instructions as described in the guide to Malwarebytes Anti-Rootkit
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instructions from a helper
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

15.02.2014, 20:31   #5
QaiZzz

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.02.14.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Sajad&Reshad :: SALIM-PC [administrator]

14.02.2014 13:59:30
mbar-log-2014-02-14 (13-59-30).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 304667
Time elapsed: 1 hour(s), 3 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Sajad&Reshad\Desktop\Windows.Loader.v2.1.DAZ.KiR0V\Windows Loader\Windows Loader.exe (Hacktool.Agent) -> Delete on reboot.

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.02.14.06

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Sajad&Reshad :: SALIM-PC [administrator]

14.02.2014 17:27:39
mbar-log-2014-02-14 (17-27-39).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 304505
Time elapsed: 45 minute(s), 36 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         


16.02.2014, 20:52   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
C:\Users\Sajad&Reshad\Desktop\Windows.Loader.v2.1.DAZ.KiR0V\Windows Loader\Windows Loader.exe (Hacktool.Agent) -> Delete on reboot.

17.02.2014, 10:38   #7
QaiZzz

Yes, that was a stupid idea from my younger years, but I still have the original operating system on it. Do you mean the hacktool could have been responsible for it?
Because I don't understand your comment...

17.02.2014, 10:44   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
Quote from QaiZzz
Because I don't understand your comment...

It's really very far-fetched for someone to say "yuck" to illegal stuff, isn't it

Read => http://www.trojaner-board.de/95393-c...-software.html

17.02.2014, 10:50   #9
QaiZzz

Okay, got it. So the software has not yet been completely removed by Malwarebytes Anti-Rootkit?

17.02.2014, 10:52   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

It says right there in the log that it was removed.
If illegal stuff is found on your machine, we have to act in accordance with our rules and point it out.

Remove adware/junkware/toolbars


Step 1: adwCleaner

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan ("Suchlauf") and wait until it has finished.
  • Now click Delete ("Löschen") and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).


Step 2: JRT - Junkware Removal Tool

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


Step 3: Fresh log with FRST

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan ("Untersuchen").
  • The log files will now be created and will then be on your desktop.
  • Post FRST.txt and, after the first scan, also Addition.txt in your thread (click the # symbol in the input window of the web page)


17.02.2014, 22:30   #11
QaiZzz

Code:
ATTFilter
# AdwCleaner v3.019 - Bericht erstellt am 17/02/2014 um 22:53:22
# Aktualisiert 17/02/2014 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzername : Sajad&Reshad - SALIM-PC
# Gestartet von : C:\Users\Sajad&Reshad\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : SystemStoreService

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Ordner Gelöscht : C:\Program Files\Babylon
Ordner Gelöscht : C:\Program Files\Conduit
Ordner Gelöscht : C:\Program Files\myfree codec
Ordner Gelöscht : C:\Program Files\SoftwareUpdater
Ordner Gelöscht : C:\Program Files\vShare
Ordner Gelöscht : C:\Users\salim sayed nesar\AppData\Local\Linkury
Ordner Gelöscht : C:\Users\SAJAD&~1\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\salim sayed nesar\AppData\LocalLow\BabylonToolbar
Ordner Gelöscht : C:\Users\salim sayed nesar\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\salim sayed nesar\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\salim sayed nesar\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Hena Salim\AppData\Local\Babylon
Ordner Gelöscht : C:\Users\Hena Salim\AppData\LocalLow\BabylonToolbar
Ordner Gelöscht : C:\Users\Hena Salim\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\Hena Salim\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Hena Salim\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Hena Salim\AppData\LocalLow\SweetIM
Ordner Gelöscht : C:\Users\Hena Salim\AppData\Roaming\Funmoods
Ordner Gelöscht : C:\Users\Sajad&Reshad\AppData\Local\Babylon
Ordner Gelöscht : C:\Users\Sajad&Reshad\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Sajad&Reshad\AppData\LocalLow\BabylonToolbar
Ordner Gelöscht : C:\Users\Sajad&Reshad\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\Sajad&Reshad\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Sajad&Reshad\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Sajad&Reshad\AppData\LocalLow\SweetIM
Ordner Gelöscht : C:\Users\Sajad&Reshad\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Sajad&Reshad\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Sajad&Reshad\AppData\Roaming\Mozilla\Firefox\Profiles\ait65kmg.default\Extensions\ffxtlbr@babylon.com
Ordner Gelöscht : C:\Users\Sajad&Reshad\AppData\Roaming\Mozilla\Firefox\Profiles\ait65kmg.default\Extensions\ffxtlbr@funmoods.com
Ordner Gelöscht : C:\Users\Hena Salim\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Ordner Gelöscht : C:\Users\Hena Salim\AppData\Local\Google\Chrome\User Data\Default\Extensions\kolgnaidildmdbfgdnoapjdianbpajne
Datei Gelöscht : C:\Windows\system32\roboot.exe
Datei Gelöscht : C:\Program Files\Mozilla Firefox\Plugins\npvsharetvplg.dll
Datei Gelöscht : C:\Users\Sajad&Reshad\AppData\Roaming\Mozilla\Firefox\Profiles\ait65kmg.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\Sajad&Reshad\AppData\Roaming\Mozilla\Firefox\Profiles\ait65kmg.default\searchplugins\delta.xml
Datei Gelöscht : C:\Users\Sajad&Reshad\AppData\Roaming\Mozilla\Firefox\Profiles\ait65kmg.default\searchplugins\funmoods.xml
Datei Gelöscht : C:\Users\Sajad&Reshad\AppData\Roaming\Mozilla\Firefox\Profiles\ait65kmg.default\searchplugins\Startsear.xml
Datei Gelöscht : C:\Users\Sajad&Reshad\AppData\Roaming\Mozilla\Firefox\Profiles\ait65kmg.default\user.js
Datei Gelöscht : C:\Users\Hena Salim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage
Datei Gelöscht : C:\Users\Hena Salim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Sajad&Reshad\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta-search.com_0.localstorage
Datei Gelöscht : C:\Users\Sajad&Reshad\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta-search.com_0.localstorage-journal
Datei Gelöscht : C:\Windows\System32\Tasks\Funmoods
Datei Gelöscht : C:\Windows\System32\Tasks\Software Updater Ui
Datei Gelöscht : C:\Windows\System32\Tasks\Software Updater

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\kolgnaidildmdbfgdnoapjdianbpajne
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{80149514-2CBD-4B9C-B9EB-E3B531EBC263}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80149514-2CBD-4B9C-B9EB-E3B531EBC263}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1F66FDB1-AF5C-422D-B491-3BB058CDDF1C}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F66FDB1-AF5C-422D-B491-3BB058CDDF1C}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{40E6F01A-7D0B-4661-99DD-36E3E7040898}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40E6F01A-7D0B-4661-99DD-36E3E7040898}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C1367BB8-48DC-431E-973B-3471478A4509}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\babylon.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate this web page with Babylon
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate with Babylon
Schlüssel Gelöscht : HKCU\Software\Microsoft\Office\Powerpoint\Addins\babylonofficeaddin.officeaddin
Schlüssel Gelöscht : HKCU\Software\Microsoft\Office\Word\Addins\babylonofficeaddin.officeaddin
Wert Gelöscht : HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel [Homepage]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\LinkurySmartBar.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\LinkurySmartBar.DockingPanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkuryMenuForm
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBarBandObject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Browser companion helper
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2567732
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2719325
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{63E471BB-23F1-3A92-8D43-4079E7B7FA8E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B397BC55-576C-39E6-BF64-9E2A96317447}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B973AB12-952F-31C4-A321-E8FA6FE4421E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EC5983DF-8DE2-31B5-989F-850F265E7F3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35D-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{043C5167-00BB-4324-AF7E-62013FAEDACF}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EEE6C35D-6118-11DC-9C72-001320C79847}]
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\Babylon
Schlüssel Gelöscht : HKCU\Software\Blabbers
Schlüssel Gelöscht : HKCU\Software\BrowserCompanion
Schlüssel Gelöscht : HKCU\Software\Myfree Codec
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\StartSearch
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\BrowserCompanion
Schlüssel Gelöscht : HKLM\Software\Funmoods
Schlüssel Gelöscht : HKLM\Software\Myfree Codec
Schlüssel Gelöscht : HKLM\Software\PIP
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Babylon
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BrowserCompanion
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyFreeCodec
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16533

Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Mozilla Firefox v

[ Datei : C:\Users\salim sayed nesar\AppData\Roaming\Mozilla\Firefox\Profiles\wp0mu6yn.default\prefs.js ]


[ Datei : C:\Users\Hena Salim\AppData\Roaming\Mozilla\Firefox\Profiles\oalkg0cz.default\prefs.js ]


[ Datei : C:\Users\Sajad&Reshad\AppData\Roaming\Mozilla\Firefox\Profiles\ait65kmg.default\prefs.js ]

Zeile gelöscht : user_pref("browser.search.defaultengine", "Web Search");

-\\ Google Chrome v32.0.1700.107

[ Datei : C:\Users\salim sayed nesar\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Datei : C:\Users\Hena Salim\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht : urls_to_restore_on_startup

[ Datei : C:\Users\Sajad&Reshad\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [15770 octets] - [17/02/2014 21:50:19]
AdwCleaner[S0].txt - [15393 octets] - [17/02/2014 22:53:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [15454 octets] ##########
         

JRT says that no paths could be found, and at some point the program closes itself. So no log file could be created for it.

17.02.2014, 22:31   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Restart, download JRT again, and run it as admin via right-click.

18.02.2014, 00:48   #13
QaiZzz
 

I did that, but still the same error (I don't remember the exact wording right now):

So at: Creating Registry Backup
The specified file path could not be found

At: Checking Moduls
The specified file path could not be found

And at: Checking Registry
Error: Access denied

18.02.2014, 11:57   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Then skip JRT; new logs with FRST.

19.02.2014, 12:41   #15
QaiZzz
 

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-02-2014
Ran by Sajad&Reshad (administrator) on SALIM-PC on 19-02-2014 13:38:07
Running from C:\Users\Sajad&Reshad\Downloads
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(devolo AG) C:\Program Files\devolo\dlan\devolonetsvc.exe
(Teruten) C:\Windows\system32\FsUsbExService.Exe
(Nero AG) C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\system32\PSIService.exe
() C:\Program Files\Tobit Radio.fx\Server\rfx-server.exe
() C:\Program Files\Cyberlink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Research In Motion Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Spotify Ltd) C:\Users\Sajad&Reshad\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Microsoft Corporation) C:\Windows\ehome\ehRecvr.exe
(Research In Motion Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\IELowutil.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-10-08] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6724128 2009-02-03] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-02-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM\...\Run: [KiesTrayAgent] - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-06] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [RIMBBLaunchAgent.exe] - C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKLM\...\Policies\Explorer: [UseDefaultTile] 0
HKLM\...\Policies\Explorer: [NoWelcomeScreen] 0
HKU\.DEFAULT\...\Policies\system: [NoDispCPL] 0
HKU\.DEFAULT\...\Policies\system: [NoDispAppearancePage] 0
HKU\.DEFAULT\...\Policies\system: [NoDispBackgroundPage] 0
HKU\.DEFAULT\...\Policies\system: [NoDispScrSavPage] 0
HKU\.DEFAULT\...\Policies\system: [NoDispSettingsPage] 0
HKU\.DEFAULT\...\Policies\system: [NoColorChoice] 0
HKU\.DEFAULT\...\Policies\system: [DontDisplayLogonHoursWarnings] 0
HKU\.DEFAULT\...\Policies\system: [DisableLockWorkstation] 0
HKU\.DEFAULT\...\Policies\system: [DisableChangePassword] 0
HKU\.DEFAULT\...\Policies\system: [HideLogonScripts] 0
HKU\.DEFAULT\...\Policies\system: [HideLogoffScripts] 0
HKU\.DEFAULT\...\Policies\system: [HideLegacyLogonScripts] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoThemesTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoAddPrinter] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\.DEFAULT\...\Policies\Explorer: [RestrictCpl] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisallowCpl] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDrivesInSendToMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [RestrictRun] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoRecycleFiles] 0
HKU\.DEFAULT\...\Policies\Explorer: [PreventItemCreationInUsersFilesFolder] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoReadingPane] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoPreviewPane] 0
HKU\.DEFAULT\...\Policies\Explorer: [DontSetAutoplayCheckbox] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoPropertiesMyDocuments] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoPropertiesRecycleBin] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoManageMyComputerVerb] 0
HKU\.DEFAULT\...\Policies\Explorer: [ClassicShell] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoControlPanel] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoCustomizeWebView] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSaveSettings] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFileMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoWinKeys] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDFSTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoHardwareTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSecurityTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableThumbnails] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableThumbnailsOnNetworkFolders] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoInstrumentation] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoCustomizeThisFolder] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoWebView] 0
HKU\.DEFAULT\...\Policies\Explorer: [DontShowSuperHidden] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoOnlinePrintsWizard] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoPublishingWizard] 0
HKU\.DEFAULT\...\Policies\Explorer: [AlwaysShowClassicMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [ClearRecentProgForNewUserInStartMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoUserFolderInStartMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSearchComputerLinkInStartMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSearchProgramsInStartMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSearchInternetInStartMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSearchFilesInStartMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSearchCommInStartMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSMConfigurePrograms] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoRecentDocsMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSMMyPictures] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuMyMusic] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSMMyDocs] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuNetworkPlaces] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFavoritesMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoHelp] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoNetworkConnections] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFind] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoCommonGroups] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFolderOptions] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuMFUprogramsList] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuPinnedList] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuMorePrograms] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuEjectPC] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSimpleStartMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [ForceStartMenuLogoff] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDisconnect] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoNtSecurity] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSetFolders] 0
HKU\.DEFAULT\...\Policies\Explorer: [GreyMSIAds] 0
HKU\.DEFAULT\...\Policies\Explorer: [ForceMaxRecentDocs] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuMyGames] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSMBalloonTip] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSMBalloonTips] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\.DEFAULT\...\Policies\Explorer: [LockTaskbar] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideClock] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideSCAVolume] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideSCANetwork] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideSCAPower] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideSCABattery] 0
HKU\.DEFAULT\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoToolbarsOnTaskbar] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoTaskGrouping] 0
HKU\.DEFAULT\...\Policies\Explorer: [TaskbarNoThumbnail] 0
HKU\.DEFAULT\...\Policies\Explorer: [TaskbarLockAll] 0
HKU\.DEFAULT\...\Policies\Explorer: [TaskbarNoResize] 0
HKU\.DEFAULT\...\Policies\Explorer: [TaskbarNoAddRemoveToolbar] 0
HKU\.DEFAULT\...\Policies\Explorer: [TaskbarNoDragToolbar] 0
HKU\.DEFAULT\...\Policies\Explorer: [TaskbarNoRedock] 0
HKU\.DEFAULT\...\Policies\Explorer: [RestrictWelcomeCenter] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoWebServices] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFileUrl] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoInternetIcon] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoBandCustomize] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoToolbarCustomize] 0
HKU\.DEFAULT\...\Policies\Explorer: [SpecifyDefaultButtons] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoInplaceSharing] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoNetHood] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoNetConnectDisconnect] 0
HKU\.DEFAULT\...\Policies\Explorer: [UseFoldersInStartMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [TurnOffSPIAnimations] 0
HKU\.DEFAULT\...\Policies\Explorer: [EnforceShellExtensionSecurity] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoLogOff] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\.DEFAULT\...\Policies\Explorer: [PromptRunasInstallNetPath] 1
HKU\.DEFAULT\...\Policies\Explorer: [NoResolveSearch] 0
HKU\.DEFAULT\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDesktopCleanupWizard] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoThumbnailCache] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoCDBurning] 0
HKU\.DEFAULT\...\Policies\Explorer: [ForceCopyAclwithFile] 0
HKU\.DEFAULT\...\Policies\Explorer: [StartRunNoHOMEPATH] 0
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Run: [Facebook Update] - C:\Users\Sajad&Reshad\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-11] (Facebook Inc.)
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Run: [rfxsrvtray] - C:\Program Files\Tobit Radio.fx\Client\rfx-tray.exe [1838872 2013-02-07] (Tobit.Software)
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Run: [KiesPreload] - C:\Program Files\Samsung\Kies\Kies.exe [1564528 2013-11-06] (Samsung)
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Run: [KiesAirMessage] - C:\Program Files\Samsung\Kies\KiesAirMessage.exe [578560 2013-10-30] (Samsung Electronics)
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung)
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Run: [Spotify] - C:\Users\Sajad&Reshad\AppData\Roaming\Spotify\spotify.exe [6118400 2014-01-16] (Spotify Ltd)
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Run: [Spotify Web Helper] - C:\Users\Sajad&Reshad\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-16] (Spotify Ltd)
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\system: [NoDispCPL] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\system: [NoDispScrSavPage] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\system: [NoColorChoice] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\system: [DontDisplayLogonHoursWarnings] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\system: [HideLogonScripts] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\system: [HideLogoffScripts] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\system: [HideLegacyLogonScripts] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoThemesTab] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoAddPrinter] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [RestrictCpl] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [DisallowCpl] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoDrivesInSendToMenu] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoRecycleFiles] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [PreventItemCreationInUsersFilesFolder] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoReadingPane] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoPreviewPane] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [DontSetAutoplayCheckbox] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoPropertiesMyDocuments] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoPropertiesRecycleBin] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoManageMyComputerVerb] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [ClassicShell] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoCustomizeWebView] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoFileMenu] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoWinKeys] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoSecurityTab] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [DisableThumbnails] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [DisableThumbnailsOnNetworkFolders] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoInstrumentation] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoCustomizeThisFolder] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoWebView] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [DontShowSuperHidden] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoOnlinePrintsWizard] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoPublishingWizard] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [AlwaysShowClassicMenu] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [ClearRecentProgForNewUserInStartMenu] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoUserFolderInStartMenu] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoSearchComputerLinkInStartMenu] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoSearchProgramsInStartMenu] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoSearchInternetInStartMenu] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoSearchFilesInStartMenu] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoSearchCommInStartMenu] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoSMConfigurePrograms] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoRecentDocsMenu] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoSMMyPictures] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoStartMenuMyMusic] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoSMMyDocs] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoStartMenuNetworkPlaces] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoFavoritesMenu] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoHelp] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoNetworkConnections] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoCommonGroups] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoStartMenuMFUprogramsList] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoStartMenuPinnedList] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoStartMenuMorePrograms] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoStartMenuEjectPC] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoSimpleStartMenu] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [ForceStartMenuLogoff] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoDisconnect] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoNtSecurity] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [GreyMSIAds] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [ForceMaxRecentDocs] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoStartMenuMyGames] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoSMBalloonTip] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoSMBalloonTips] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [LockTaskbar] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [HideSCAVolume] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [HideSCANetwork] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [HideSCAPower] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [HideSCABattery] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoToolbarsOnTaskbar] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoTaskGrouping] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [TaskbarNoThumbnail] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [TaskbarLockAll] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [TaskbarNoResize] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [TaskbarNoAddRemoveToolbar] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [TaskbarNoDragToolbar] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [TaskbarNoRedock] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [RestrictWelcomeCenter] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoWebServices] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoFileUrl] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoInternetIcon] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoBandCustomize] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoToolbarCustomize] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [SpecifyDefaultButtons] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoInplaceSharing] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoNetHood] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoNetConnectDisconnect] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [UseFoldersInStartMenu] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [TurnOffSPIAnimations] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [EnforceShellExtensionSecurity] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoLogOff] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [PromptRunasInstallNetPath] 1
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoDesktopCleanupWizard] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoThumbnailCache] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [ForceCopyAclwithFile] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\Policies\Explorer: [StartRunNoHOMEPATH] 0
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\MountPoints2: {71b36982-d665-11e2-a721-e97a86892c37} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\MountPoints2: {cabc7c11-0992-11e3-83a6-d92e0c795e46} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\MountPoints2: {e84a85c2-d358-11e2-8347-8d20f8ced606} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-141697217-1107933014-2458016846-1002\...\MountPoints2: {fdeffac7-d60a-11df-a914-f6f0b44ee792} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\m.exe /s
Startup: C:\Users\Hena Salim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Hena Salim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Hena Salim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Hena Salim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.lnk
ShortcutTarget: OpenOffice.org 3.4.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Sajad&Reshad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\salim sayed nesar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\salim sayed nesar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\salim sayed nesar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.lnk
ShortcutTarget: OpenOffice.org 3.4.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
GroupPolicyUsers\S-1-5-21-141697217-1107933014-2458016846-1002\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-141697217-1107933014-2458016846-1001\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://startsear.ch/?aff=1&q={searchTerms}
SearchScopes: HKCU - {3FE66EBF-FDA2-4D92-AFCA-EF3671EA726B} URL = hxxp://start.funmoods.com/results.php?f=4&a=ironto&q={searchTerms}
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/mjss/MJSS.cab109791.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} hxxp://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldde-de.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Sajad&Reshad\AppData\Roaming\Mozilla\Firefox\Profiles\ait65kmg.default
FF NetworkProxy: "type", 0
FF Homepage: user_pref("browser.startup.homepage", );
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @google.com/npPicasa2,version=2.0.0 - C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 - C:\Program Files\Microsoft\Office Live\npOLW.dll No File
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Sajad&Reshad\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\Sajad&Reshad\AppData\Roaming\Mozilla\Firefox\Profiles\ait65kmg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-09-23]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [2011-11-04]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ []
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-01-08]
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2013-11-15]

Chrome: 
=======
CHR HomePage: hxxp://www.google.de/
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (AdobeExManDetect) - C:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File
CHR Plugin: (AdobeAAMDetect) - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll No File
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Updater) - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U13) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Picasa) - C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)
CHR Plugin: (Picasa) - C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Unity Player) - C:\Users\Sajad&Reshad\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Sajad&Reshad\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.130.20) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Awesome Screenshot: Capture & Annotate) - C:\Users\Sajad&Reshad\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce [2013-03-31]
CHR Extension: (Google Docs) - C:\Users\Sajad&Reshad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-31]
CHR Extension: (Google Drive) - C:\Users\Sajad&Reshad\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-31]
CHR Extension: (YouTube) - C:\Users\Sajad&Reshad\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-31]
CHR Extension: (Google-Suche) - C:\Users\Sajad&Reshad\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-31]
CHR Extension: (AdBlock) - C:\Users\Sajad&Reshad\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-03-31]
CHR Extension: (Dolce&Gabbana) - C:\Users\Sajad&Reshad\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpfbmpaebheclpaopjodkelcihldloih [2013-03-31]
CHR Extension: (Norton Identity Protection) - C:\Users\Sajad&Reshad\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-03-31]
CHR Extension: (FastestFox – Schneller browsen) - C:\Users\Sajad&Reshad\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm [2013-07-01]
CHR Extension: (Google Wallet) - C:\Users\Sajad&Reshad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Mehr Leistung und Videoformate fr dein HTML5 video) - C:\Users\Sajad&Reshad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-03-31]
CHR Extension: (Google Mail) - C:\Users\Sajad&Reshad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-31]
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\Exts\Chrome.crx [2013-11-14]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

========================== Services (Whitelisted) =================

R3 Blackberry Device Manager; C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited)
R2 DevoloNetworkService; C:\Program Files\devolo\dlan\devolonetsvc.exe [3526136 2013-08-27] (devolo AG)
S2 gupdate1ca02dd937b7196; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-07-12] (Google Inc.)
R2 HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-10] (Nero AG)
R2 NIS; C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe [275696 2013-10-08] (Symantec Corporation)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
R2 Radio.fx; C:\Program Files\Tobit Radio.fx\Server\rfx-server.exe [3999512 2013-06-03] ()
R2 RichVideo; C:\Program Files\Cyberlink\Shared files\RichVideo.exe [247152 2009-02-25] ()

==================== Drivers (Whitelisted) ====================

S3 AF15BDA; C:\Windows\System32\DRIVERS\AF15BDA.sys [489408 2009-11-05] (ITETech                  )
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2008-09-05] (AVM Berlin)
R1 BHDrvx86; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx86.sys [1098968 2013-12-18] (Symantec Corporation)
S3 camfilt2; C:\Windows\System32\Drivers\camfilt2.sys [94208 2007-05-29] (Guillemot Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1501000.012\ccSetx86.sys [127064 2013-09-26] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-12-15] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-11-21] (Symantec Corporation)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-10-30] ()
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [265088 2008-09-05] (AVM GmbH)
R3 hxctlflt; C:\Windows\System32\Drivers\hxctlflt.sys [99968 2009-02-08] (Guillemot Corporation)
R1 IDSVix86; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140218.001\IDSvix86.sys [394456 2014-01-21] (Symantec Corporation)
R3 LgBttPort; C:\Windows\System32\DRIVERS\lgbtport.sys [12160 2009-09-29] (LG Electronics Inc.)
R3 lgbusenum; C:\Windows\System32\DRIVERS\lgbtbus.sys [10496 2009-09-29] (LG Electronics Inc.)
R3 LGVMODEM; C:\Windows\System32\DRIVERS\lgvmodem.sys [12928 2009-09-29] (LG Electronics Inc.)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [75480 2014-02-14] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140218.032\NAVENG.SYS [93272 2013-12-15] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140218.032\NAVEX15.SYS [1612376 2013-12-15] (Symantec Corporation)
R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [554496 2007-09-21] (Ralink Technology Corp.)
R2 NPF_devolo; C:\Windows\system32\drivers\npf_devolo.sys [35840 2013-08-21] (CACE Technologies)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3482112 2009-04-22] ()
R3 SRTSP; C:\Windows\System32\Drivers\NIS\1501000.012\SRTSP.SYS [651352 2013-09-27] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1501000.012\SRTSPX.SYS [32344 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NIS\1501000.012\SYMDS.SYS [367704 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NIS\1501000.012\SYMEFA.SYS [935512 2013-09-27] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142936 2013-11-14] (Symantec Corporation)
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [63576 2013-09-10] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NIS\1501000.012\Ironx86.SYS [206936 2013-09-27] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\NIS\1501000.012\SYMTDIV.SYS [383576 2013-09-26] (Symantec Corporation)
S3 TIEHDUSB; C:\Windows\System32\drivers\tiehdusb.sys [49536 2004-02-04] (Texas Instruments Incorporated)
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files\HomeCinema\PowerDVD9\000.fcl [87536 2009-03-30] (CyberLink Corp.)
S3 Afc; system32\drivers\Afc.sys [X]
S3 Andbus; system32\DRIVERS\lgandbus.sys [X]
S3 AndDiag; system32\DRIVERS\lganddiag.sys [X]
S3 AndGps; system32\DRIVERS\lgandgps.sys [X]
S3 ANDModem; system32\DRIVERS\lgandmodem.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem.sys [X]
S3 andnetndis; system32\DRIVERS\lgandnetndis.sys [X]
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [X]
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S3 HTCAND32; System32\Drivers\ANDROIDUSB.sys [X]
S3 HtcVCom32; system32\DRIVERS\HtcVComV32.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 motccgp; system32\DRIVERS\motccgp.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 MotDev; system32\DRIVERS\motodrv.sys [X]
S3 motmodem; system32\DRIVERS\motmodem.sys [X]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [X]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]
S3 usbbus; system32\DRIVERS\lgusbbus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgusbdiag.sys [X]
S3 USBModem; system32\DRIVERS\lgusbmodem.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-19 13:08 - 2014-02-19 13:08 - 00000000 ____D () C:\Users\Sajad&Reshad\Downloads\FRST-OlderVersion
2014-02-18 01:40 - 2014-02-18 01:40 - 01037530 _____ (Thisisu) C:\Users\Sajad&Reshad\Downloads\JRT (1).exe
2014-02-17 23:07 - 2014-02-17 23:07 - 00000000 ____D () C:\Windows\ERUNT
2014-02-17 23:05 - 2014-02-17 23:06 - 01037530 _____ (Thisisu) C:\Users\Sajad&Reshad\Downloads\JRT.exe
2014-02-17 23:05 - 2014-02-17 23:05 - 00015535 _____ () C:\Users\Sajad&Reshad\Desktop\AdwCleaner[S0].txt
2014-02-17 21:49 - 2014-02-17 22:54 - 00000000 ___DC () C:\AdwCleaner
2014-02-17 21:46 - 2014-02-17 21:46 - 01241834 _____ () C:\Users\Sajad&Reshad\Downloads\adwcleaner.exe
2014-02-17 19:44 - 2014-02-17 19:57 - 00022596 _____ () C:\Users\Sajad&Reshad\Downloads\pilztoxine.odt
2014-02-16 00:36 - 2014-02-16 00:36 - 00000000 ____D () C:\Users\Sajad&Reshad\Desktop\Karl Ess Fitness
2014-02-15 15:24 - 2014-02-15 15:24 - 00129995 _____ () C:\Users\Sajad&Reshad\Desktop\pantomime morphsuit.htm
2014-02-15 15:24 - 2014-02-15 15:24 - 00000000 ____D () C:\Users\Sajad&Reshad\Desktop\pantomime morphsuit_files
2014-02-14 13:59 - 2014-02-14 14:00 - 81785509 _____ () C:\Users\Sajad&Reshad\Downloads\pmn lb.rar
2014-02-14 03:03 - 2014-02-05 09:58 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-14 03:03 - 2014-02-05 09:56 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-14 03:03 - 2014-02-05 09:53 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-14 03:03 - 2014-02-05 09:51 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-14 03:03 - 2014-02-05 09:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-14 03:03 - 2014-02-05 09:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-14 03:03 - 2014-02-05 09:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-14 03:03 - 2014-02-05 09:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-14 03:03 - 2014-02-05 09:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-14 03:03 - 2014-02-05 09:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-14 03:03 - 2014-02-05 09:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-14 03:03 - 2014-02-05 09:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-14 03:03 - 2014-02-05 09:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-14 03:03 - 2014-02-05 09:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-14 03:03 - 2014-02-05 09:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-14 03:03 - 2014-02-05 09:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-14 02:09 - 2014-02-14 17:27 - 00107224 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-02-14 02:08 - 2014-02-14 20:16 - 00000000 ____D () C:\Users\Sajad&Reshad\Desktop\mbar
2014-02-14 02:08 - 2014-02-14 02:08 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-14 02:00 - 2014-02-14 02:01 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Sajad&Reshad\Downloads\mbar-1.07.0.1009.exe
2014-02-13 23:35 - 2013-12-05 03:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 15:50 - 2014-02-12 15:50 - 00380416 _____ () C:\Users\Sajad&Reshad\Downloads\s54m59e0.exe
2014-02-12 15:48 - 2014-02-12 15:48 - 00068800 _____ () C:\Users\Sajad&Reshad\Desktop\FRST.txt
2014-02-12 15:48 - 2014-02-12 15:48 - 00038227 _____ () C:\Users\Sajad&Reshad\Desktop\Addition.txt
2014-02-12 15:46 - 2014-02-12 15:48 - 00038181 _____ () C:\Users\Sajad&Reshad\Downloads\Addition.txt
2014-02-12 15:44 - 2014-02-19 13:38 - 00049290 _____ () C:\Users\Sajad&Reshad\Downloads\FRST.txt
2014-02-12 15:44 - 2014-02-19 13:38 - 00000000 ___DC () C:\FRST
2014-02-12 15:43 - 2014-02-15 21:30 - 00000000 ____D () C:\Users\Sajad&Reshad\Desktop\scheiß trojaner
2014-02-12 15:42 - 2014-02-12 15:43 - 00000486 _____ () C:\Users\Sajad&Reshad\Downloads\defogger_disable.log
2014-02-12 15:42 - 2014-02-12 15:42 - 00000000 _____ () C:\Users\Sajad&Reshad\defogger_reenable
2014-02-12 15:41 - 2014-02-19 13:08 - 01141248 ____C (Farbar) C:\Users\Sajad&Reshad\Downloads\FRST.exe
2014-02-12 15:41 - 2014-02-12 15:41 - 00050477 _____ () C:\Users\Sajad&Reshad\Downloads\Defogger.exe
2014-02-12 11:33 - 2014-02-12 12:32 - 180395067 _____ () C:\Users\Sajad&Reshad\Downloads\13450_psprt.rar
2014-02-11 14:13 - 2014-02-11 14:13 - 00017068 _____ () C:\Users\Sajad&Reshad\Desktop\lebenslauf.odt
2014-02-10 17:22 - 2014-02-16 00:27 - 00000000 ____D () C:\Users\Sajad&Reshad\Desktop\Studium
2014-02-08 21:06 - 2014-02-08 21:08 - 03715736 _____ () C:\Users\Sajad&Reshad\Downloads\Lodovico Satana - Lob des Sexismus - Frauen verstehen verfuehren und behalten.rar
2014-02-06 14:42 - 2014-02-06 15:33 - 156544276 _____ () C:\Users\Sajad&Reshad\Downloads\The Weeknd - Kiss Land (Deluxe Edition) (2013).015.rar
2014-02-06 14:16 - 2014-02-06 14:18 - 25180430 _____ () C:\Users\Sajad&Reshad\Downloads\Chris James feat. Pusha T - Love Hates Me [EP] (iTunes).zip
2014-02-02 18:59 - 2014-02-02 19:01 - 06879828 _____ () C:\Users\Sajad&Reshad\Downloads\Mobb Deep - Taking You off Here (iTunes).m4a
2014-02-02 18:58 - 2014-02-02 19:07 - 103246267 _____ () C:\Users\Sajad&Reshad\Downloads\Toni Braxton & Babyface - Love, Marriage & Divorce (Album) [mp3].zip
2014-01-31 00:46 - 2014-01-31 01:44 - 175553038 _____ () C:\Users\Sajad&Reshad\Downloads\gapogmtkaorgapo.rar
2014-01-31 00:40 - 2014-01-31 00:41 - 102933243 _____ () C:\Users\Sajad&Reshad\Downloads\Lana Del Rey - Quiet Now + From the End [EP].zip
2014-01-30 02:54 - 2014-01-30 02:54 - 00159472 _____ () C:\Windows\Minidump\Mini013014-01.dmp
2014-01-28 14:37 - 2014-01-28 14:37 - 09799895 _____ () C:\Users\Sajad&Reshad\Downloads\01 Radioactive (ft. Kendrick Lamar).m4a
2014-01-28 14:15 - 2014-01-28 14:15 - 07562012 _____ () C:\Users\Sajad&Reshad\Downloads\Romeo Santos feat. Drake - Odio (iTunes).m4a
2014-01-28 14:11 - 2014-01-28 14:22 - 99277397 _____ () C:\Users\Sajad&Reshad\Downloads\Isaiah Rashad - Cilvia Demo (iTunes).zip
2014-01-28 14:08 - 2014-01-28 14:08 - 05807244 _____ () C:\Users\Sajad&Reshad\Downloads\Icona Pop - Just Another Night (Radio Edit) [iTunes].m4a
2014-01-28 14:07 - 2014-01-28 14:08 - 08908716 _____ () C:\Users\Sajad&Reshad\Downloads\Steve Aoki & Coone - Can't Stop The Swag (iTunes).m4a
2014-01-27 20:55 - 2014-01-27 20:55 - 00020881 _____ () C:\Users\Sajad&Reshad\Desktop\hena präsentation1.odt
2014-01-27 18:01 - 2014-01-27 18:01 - 00163584 _____ () C:\Windows\Minidump\Mini012714-01.dmp
2014-01-27 15:28 - 2014-01-27 15:41 - 114695789 _____ () C:\Users\Sajad&Reshad\Downloads\Ace Hood - Starvation 3 (Mixtape).zip
2014-01-27 15:27 - 2014-01-27 16:10 - 131412094 _____ () C:\Users\Sajad&Reshad\Downloads\1Krewella - Get Wet (Deluxe Edition) (2013).rar
2014-01-26 18:13 - 2014-01-26 18:14 - 08627674 _____ () C:\Users\Sajad&Reshad\Downloads\Will.i.am feat. Miley Cyrus, Wiz Khalifa, French Montana & DJ Mustard - Feelin' Myself (iTunes).m4a
2014-01-24 19:16 - 2014-01-24 19:16 - 00001668 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-01-24 19:15 - 2014-01-24 19:16 - 00000000 ___DC () C:\Program Files\iTunes
2014-01-24 19:15 - 2014-01-24 19:16 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-01-24 19:15 - 2014-01-24 19:15 - 00000000 ___DC () C:\Program Files\iPod
2014-01-24 14:10 - 2014-01-24 14:10 - 00000000 ___DC () C:\iPod
2014-01-24 00:50 - 2014-01-24 00:50 - 00029220 _____ () C:\Users\Sajad&Reshad\Downloads\Fachbegriffe.odt
2014-01-21 22:41 - 2014-01-21 23:17 - 111618810 _____ () C:\Users\Sajad&Reshad\Downloads\11896__cspr.rar

==================== One Month Modified Files and Folders =======

2014-02-19 13:38 - 2014-02-12 15:44 - 00049290 _____ () C:\Users\Sajad&Reshad\Downloads\FRST.txt
2014-02-19 13:38 - 2014-02-12 15:44 - 00000000 ___DC () C:\FRST
2014-02-19 13:09 - 2012-05-08 19:42 - 00000000 ____D () C:\Users\Sajad&Reshad\Documents\TubeBox
2014-02-19 13:08 - 2014-02-19 13:08 - 00000000 ____D () C:\Users\Sajad&Reshad\Downloads\FRST-OlderVersion
2014-02-19 13:08 - 2014-02-12 15:41 - 01141248 ____C (Farbar) C:\Users\Sajad&Reshad\Downloads\FRST.exe
2014-02-19 13:03 - 2009-07-03 20:08 - 01145599 _____ () C:\Windows\WindowsUpdate.log
2014-02-19 12:52 - 2013-12-28 13:21 - 00000000 ____D () C:\Users\Sajad&Reshad\AppData\Roaming\Spotify
2014-02-19 12:29 - 2013-12-21 03:18 - 00000000 ____D () C:\Users\Sajad&Reshad\AppData\Local\HTC MediaHub
2014-02-19 12:27 - 2010-05-09 17:07 - 00271575 _____ () C:\ProgramData\nvModes.dat
2014-02-19 12:27 - 2010-05-09 17:07 - 00271575 _____ () C:\ProgramData\nvModes.001
2014-02-19 12:27 - 2009-07-12 11:52 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-19 12:27 - 2006-11-02 13:37 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-02-19 12:25 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-19 12:25 - 2006-11-02 13:47 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-19 12:25 - 2006-11-02 13:47 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-19 01:14 - 2006-11-02 14:01 - 00032534 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-18 23:53 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\tracing
2014-02-18 01:40 - 2014-02-18 01:40 - 01037530 _____ (Thisisu) C:\Users\Sajad&Reshad\Downloads\JRT (1).exe
2014-02-17 23:07 - 2014-02-17 23:07 - 00000000 ____D () C:\Windows\ERUNT
2014-02-17 23:06 - 2014-02-17 23:05 - 01037530 _____ (Thisisu) C:\Users\Sajad&Reshad\Downloads\JRT.exe
2014-02-17 23:05 - 2014-02-17 23:05 - 00015535 _____ () C:\Users\Sajad&Reshad\Desktop\AdwCleaner[S0].txt
2014-02-17 22:56 - 2009-07-12 11:52 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-17 22:54 - 2014-02-17 21:49 - 00000000 ___DC () C:\AdwCleaner
2014-02-17 22:51 - 2013-07-15 14:15 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-17 21:57 - 2011-08-25 23:47 - 00001166 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-141697217-1107933014-2458016846-1002UA.job
2014-02-17 21:46 - 2014-02-17 21:46 - 01241834 _____ () C:\Users\Sajad&Reshad\Downloads\adwcleaner.exe
2014-02-17 19:57 - 2014-02-17 19:44 - 00022596 _____ () C:\Users\Sajad&Reshad\Downloads\pilztoxine.odt
2014-02-17 00:57 - 2011-08-25 23:47 - 00001144 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-141697217-1107933014-2458016846-1002Core.job
2014-02-16 00:36 - 2014-02-16 00:36 - 00000000 ____D () C:\Users\Sajad&Reshad\Desktop\Karl Ess Fitness
2014-02-16 00:27 - 2014-02-10 17:22 - 00000000 ____D () C:\Users\Sajad&Reshad\Desktop\Studium
2014-02-15 21:30 - 2014-02-12 15:43 - 00000000 ____D () C:\Users\Sajad&Reshad\Desktop\scheiß trojaner
2014-02-15 15:24 - 2014-02-15 15:24 - 00129995 _____ () C:\Users\Sajad&Reshad\Desktop\pantomime morphsuit.htm
2014-02-15 15:24 - 2014-02-15 15:24 - 00000000 ____D () C:\Users\Sajad&Reshad\Desktop\pantomime morphsuit_files
2014-02-14 20:16 - 2014-02-14 02:08 - 00000000 ____D () C:\Users\Sajad&Reshad\Desktop\mbar
2014-02-14 17:27 - 2014-02-14 02:09 - 00107224 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-02-14 16:48 - 2013-09-17 16:07 - 00043632 _____ () C:\Windows\PFRO.log
2014-02-14 14:20 - 2009-07-03 21:38 - 00000000 ___RD () C:\Users\Sajad&Reshad\Musik
2014-02-14 14:15 - 2009-07-03 21:38 - 00000000 ____D () C:\Users\Sajad&Reshad
2014-02-14 14:10 - 2011-12-04 20:23 - 00000000 ____D () C:\Users\Sajad&Reshad\AppData\Local\CrashDumps
2014-02-14 14:00 - 2014-02-14 13:59 - 81785509 _____ () C:\Users\Sajad&Reshad\Downloads\pmn lb.rar
2014-02-14 03:57 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-14 03:54 - 2006-11-02 11:33 - 01560144 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-14 03:19 - 2013-07-29 02:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-14 03:15 - 2006-11-02 11:24 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-02-14 02:08 - 2014-02-14 02:08 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-14 02:01 - 2014-02-14 02:00 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Sajad&Reshad\Downloads\mbar-1.07.0.1009.exe
2014-02-12 15:50 - 2014-02-12 15:50 - 00380416 _____ () C:\Users\Sajad&Reshad\Downloads\s54m59e0.exe
2014-02-12 15:48 - 2014-02-12 15:48 - 00068800 _____ () C:\Users\Sajad&Reshad\Desktop\FRST.txt
2014-02-12 15:48 - 2014-02-12 15:48 - 00038227 _____ () C:\Users\Sajad&Reshad\Desktop\Addition.txt
2014-02-12 15:48 - 2014-02-12 15:46 - 00038181 _____ () C:\Users\Sajad&Reshad\Downloads\Addition.txt
2014-02-12 15:43 - 2014-02-12 15:42 - 00000486 _____ () C:\Users\Sajad&Reshad\Downloads\defogger_disable.log
2014-02-12 15:42 - 2014-02-12 15:42 - 00000000 _____ () C:\Users\Sajad&Reshad\defogger_reenable
2014-02-12 15:41 - 2014-02-12 15:41 - 00050477 _____ () C:\Users\Sajad&Reshad\Downloads\Defogger.exe
2014-02-12 12:32 - 2014-02-12 11:33 - 180395067 _____ () C:\Users\Sajad&Reshad\Downloads\13450_psprt.rar
2014-02-12 11:12 - 2010-12-20 16:21 - 00000868 _____ () C:\Windows\Tasks\Google Software Updater.job
2014-02-11 14:13 - 2014-02-11 14:13 - 00017068 _____ () C:\Users\Sajad&Reshad\Desktop\lebenslauf.odt
2014-02-11 11:50 - 2009-08-25 19:02 - 00000000 ____D () C:\Users\salim sayed nesar\AppData\Roaming\Skype
2014-02-11 11:45 - 2013-12-28 13:22 - 00000000 ____D () C:\Users\Sajad&Reshad\AppData\Local\Spotify
2014-02-11 11:24 - 2013-06-24 18:48 - 00000000 ____D () C:\Users\salim sayed nesar\AppData\Local\HTC MediaHub
2014-02-11 11:22 - 2009-07-03 20:31 - 00133432 _____ () C:\Users\salim sayed nesar\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-09 21:48 - 2013-08-23 22:24 - 00022111 _____ () C:\Windows\setupact.log
2014-02-08 21:08 - 2014-02-08 21:06 - 03715736 _____ () C:\Users\Sajad&Reshad\Downloads\Lodovico Satana - Lob des Sexismus - Frauen verstehen verfuehren und behalten.rar
2014-02-06 20:00 - 2009-07-05 11:27 - 00000000 ____D () C:\Users\Sajad&Reshad\AppData\Local\Adobe
2014-02-06 15:33 - 2014-02-06 14:42 - 156544276 _____ () C:\Users\Sajad&Reshad\Downloads\The Weeknd - Kiss Land (Deluxe Edition) (2013).015.rar
2014-02-06 14:18 - 2014-02-06 14:16 - 25180430 _____ () C:\Users\Sajad&Reshad\Downloads\Chris James feat. Pusha T - Love Hates Me [EP] (iTunes).zip
2014-02-05 19:51 - 2012-07-27 13:56 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-05 19:51 - 2011-06-06 17:03 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-05 09:58 - 2014-02-14 03:03 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-05 09:56 - 2014-02-14 03:03 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-05 09:53 - 2014-02-14 03:03 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-05 09:51 - 2014-02-14 03:03 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-05 09:50 - 2014-02-14 03:03 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-05 09:49 - 2014-02-14 03:03 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-05 09:49 - 2014-02-14 03:03 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-05 09:48 - 2014-02-14 03:03 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-05 09:48 - 2014-02-14 03:03 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-05 09:48 - 2014-02-14 03:03 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-05 09:48 - 2014-02-14 03:03 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-05 09:48 - 2014-02-14 03:03 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-05 09:47 - 2014-02-14 03:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-05 09:47 - 2014-02-14 03:03 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-05 09:47 - 2014-02-14 03:03 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-05 09:46 - 2014-02-14 03:03 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-04 22:57 - 2013-03-31 19:45 - 00001967 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-02 19:07 - 2014-02-02 18:58 - 103246267 _____ () C:\Users\Sajad&Reshad\Downloads\Toni Braxton & Babyface - Love, Marriage & Divorce (Album) [mp3].zip
2014-02-02 19:01 - 2014-02-02 18:59 - 06879828 _____ () C:\Users\Sajad&Reshad\Downloads\Mobb Deep - Taking You off Here (iTunes).m4a
2014-01-31 01:44 - 2014-01-31 00:46 - 175553038 _____ () C:\Users\Sajad&Reshad\Downloads\gapogmtkaorgapo.rar
2014-01-31 00:41 - 2014-01-31 00:40 - 102933243 _____ () C:\Users\Sajad&Reshad\Downloads\Lana Del Rey - Quiet Now + From the End [EP].zip
2014-01-30 02:54 - 2014-01-30 02:54 - 00159472 _____ () C:\Windows\Minidump\Mini013014-01.dmp
2014-01-30 02:54 - 2013-11-21 05:26 - 497241836 _____ () C:\Windows\MEMORY.DMP
2014-01-30 02:54 - 2010-01-16 13:54 - 00000000 ____D () C:\Windows\Minidump
2014-01-28 14:37 - 2014-01-28 14:37 - 09799895 _____ () C:\Users\Sajad&Reshad\Downloads\01 Radioactive (ft. Kendrick Lamar).m4a
2014-01-28 14:22 - 2014-01-28 14:11 - 99277397 _____ () C:\Users\Sajad&Reshad\Downloads\Isaiah Rashad - Cilvia Demo (iTunes).zip
2014-01-28 14:15 - 2014-01-28 14:15 - 07562012 _____ () C:\Users\Sajad&Reshad\Downloads\Romeo Santos feat. Drake - Odio (iTunes).m4a
2014-01-28 14:08 - 2014-01-28 14:08 - 05807244 _____ () C:\Users\Sajad&Reshad\Downloads\Icona Pop - Just Another Night (Radio Edit) [iTunes].m4a
2014-01-28 14:08 - 2014-01-28 14:07 - 08908716 _____ () C:\Users\Sajad&Reshad\Downloads\Steve Aoki & Coone - Can't Stop The Swag (iTunes).m4a
2014-01-27 20:55 - 2014-01-27 20:55 - 00020881 _____ () C:\Users\Sajad&Reshad\Desktop\hena präsentation1.odt
2014-01-27 18:01 - 2014-01-27 18:01 - 00163584 _____ () C:\Windows\Minidump\Mini012714-01.dmp
2014-01-27 16:10 - 2014-01-27 15:27 - 131412094 _____ () C:\Users\Sajad&Reshad\Downloads\1Krewella - Get Wet (Deluxe Edition) (2013).rar
2014-01-27 15:41 - 2014-01-27 15:28 - 114695789 _____ () C:\Users\Sajad&Reshad\Downloads\Ace Hood - Starvation 3 (Mixtape).zip
2014-01-26 18:14 - 2014-01-26 18:13 - 08627674 _____ () C:\Users\Sajad&Reshad\Downloads\Will.i.am feat. Miley Cyrus, Wiz Khalifa, French Montana & DJ Mustard - Feelin' Myself (iTunes).m4a
2014-01-25 19:04 - 2010-10-21 20:46 - 00002344 ____H () C:\Users\Sajad&Reshad\Downloads\.picasa.ini
2014-01-24 19:16 - 2014-01-24 19:16 - 00001668 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-01-24 19:16 - 2014-01-24 19:15 - 00000000 ___DC () C:\Program Files\iTunes
2014-01-24 19:16 - 2014-01-24 19:15 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-01-24 19:15 - 2014-01-24 19:15 - 00000000 ___DC () C:\Program Files\iPod
2014-01-24 19:15 - 2011-04-23 20:54 - 00000000 ___DC () C:\Program Files\Common Files\Apple
2014-01-24 19:05 - 2011-04-23 20:54 - 00000000 ____D () C:\ProgramData\Apple
2014-01-24 14:10 - 2014-01-24 14:10 - 00000000 ___DC () C:\iPod
2014-01-24 00:50 - 2014-01-24 00:50 - 00029220 _____ () C:\Users\Sajad&Reshad\Downloads\Fachbegriffe.odt
2014-01-21 23:17 - 2014-01-21 22:41 - 111618810 _____ () C:\Users\Sajad&Reshad\Downloads\11896__cspr.rar

Files to move or delete:
====================
C:\Users\Sajad&Reshad\hpothb07.dat
C:\Users\salim sayed nesar\hpothb07.dat


Some content of TEMP:
====================
C:\Users\Hena Salim\AppData\Local\Temp\DivXSetup.exe
C:\Users\Hena Salim\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Hena Salim\AppData\Local\Temp\Update_b703.exe
C:\Users\Hena Salim\AppData\Local\Temp\wlsetup-cvr.exe
C:\Users\Sajad&Reshad\AppData\Local\Temp\a1ziquhr.dll
C:\Users\Sajad&Reshad\AppData\Local\Temp\fhxpdjcj.dll
C:\Users\Sajad&Reshad\AppData\Local\Temp\MsgPlusUninstall.exe
C:\Users\Sajad&Reshad\AppData\Local\Temp\pa4oaquk.dll
C:\Users\Sajad&Reshad\AppData\Local\Temp\Quarantine.exe
C:\Users\Sajad&Reshad\AppData\Local\Temp\uninst1.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\DivXSetup.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\FlashPlayerUpdate01.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\FlashPlayerUpdate02.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\FlashPlayerUpdate03.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\GoogleChromeInstaller.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\jre-1.6.0_20-windows-i586-iftw.exe_90744722.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\jre-6u17-windows-i586-iftw-rv.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\jre-6u20-windows-i586-iftw-rv.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\jre-6u20-windows-i586-jinstall_uac.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\jre-6u21-windows-i586-iftw-rv.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\jre-6u22-windows-i586-iftw-rv.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\MessengerPlusLive_Germany_TB.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\Messenger_Plus_Live_Germany.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\MSNA1F9.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\SkypeSetup.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\Update_17d9.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\Update_5868.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\Update_8186.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\Update_8afb.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\Update_8c99.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\Update_ea88.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\_is3C2C.exe
C:\Users\salim sayed nesar\AppData\Local\Temp\_isC3EA.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-19 12:32

==================== End Of Log ============================
         
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 16-02-2014
Ran by Sajad&Reshad at 2014-02-19 13:39:13
Running from C:\Users\Sajad&Reshad\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

Adobe AIR (Version: 3.4.0.2540 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.4.0.2540 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Reader X (10.1.2) - Deutsch (Version: 10.1.2 - Adobe Systems Incorporated)
Apple Application Support (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (Version: 2.1.3.127 - Apple Inc.)
BlackBerry Desktop Software 7.1 (Version: 7.1.0.41 - Research in Motion Ltd.)
BlackBerry Desktop Software 7.1 (Version: 7.1.0.41 - Research in Motion Ltd.) Hidden
Bonjour (Version: 3.0.0.10 - Apple Inc.)
CCleaner (Version: 3.22 - Piriform)
Content Manager 2 (Version: 3.10.0.52790 - NNG Llc.)
Corel MediaOne (Version: 2.100.0000 - Corel Corporation)
CyberLink LabelPrint (Version: 2.5.1616 - CyberLink Corp.)
CyberLink LabelPrint (Version: 2.5.1616 - CyberLink Corp.) Hidden
CyberLink MediaShow (Version: 4.1.2609 - CyberLink Corp.)
CyberLink MediaShow (Version: 4.1.2609 - CyberLink Corp.) Hidden
CyberLink PhotoNow (Version: 1.1.5615 - CyberLink Corp.)
CyberLink PhotoNow (Version: 1.1.5615 - CyberLink Corp.) Hidden
CyberLink Power2Go (Version: 6.1.2806 - CyberLink Corp.)
CyberLink Power2Go (Version: 6.1.2806 - CyberLink Corp.) Hidden
CyberLink PowerDirector (Version: 7.0.2718 - CyberLink Corp.)
CyberLink PowerDirector (Version: 7.0.2718 - CyberLink Corp.) Hidden
CyberLink PowerDVD 9 (Version: 9.0.1531 - CyberLink Corp.)
CyberLink PowerDVD 9 (Version: 9.0.1531 - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy (Version: 1.0.5611 - CyberLink Corp.)
CyberLink PowerProducer (Version: 5.0.1.1412 - CyberLink Corp.)
CyberLink PowerProducer (Version: 5.0.1.1412 - CyberLink Corp.) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
devolo dLAN Cockpit (Version: 4.1.3.0 - devolo AG)
DivX-Setup (Version: 2.6.1.9 - DivX, LLC)
dLAN Cockpit (Version: 3.2.28 - devolo AG) Hidden
dLAN Cockpit (Version: 3.23.12 - devolo AG) Hidden
Facebook Video Calling 2.0.0.447 (Version: 2.0.447 - Skype Limited)
Favorit (Version:  - )
FormatFactory 3.0.1 (Version: 3.0.1 - Free Time)
Free System Utilities (Version: 1.0.0 - Covus Freemium GmbH)
Free SystemUtilities (Version: 1.0.0 - Covus Freemium GmbH) Hidden
Google Chrome (Version: 32.0.1700.107 - Google Inc.)
Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden
Google Updater (Version: 2.4.2432.1652 - Google Inc.)
HashTab 4.0.0.1 (Version: 4.0.0.1 - Implbits Software)
Hercules DualPix Exchange Webcam (Version: 2.8.0.0 - Hercules)
HP Deskjet 2050 J510 series - Grundlegende Software für das Gerät (Version: 22.0.334.0 - Hewlett-Packard Co.)
HP Deskjet 2050 J510 series Hilfe (Version: 140.0.61.61 - Hewlett Packard)
HP Foto- und Bildbearbeitung 2.0 - All-in-One (Version: 1.10.0000 - Hewlett-Packard Company) Hidden
HP Foto- und Bildbearbeitung 2.0 All-in-One Treiber  (Version: 1.10.0000 - Hewlett-Packard Company) Hidden
HP Photo Creations (Version: 1.0.0.3341 - HP Photo Creations Powered by RocketLife)
HP Update (Version: 5.002.005.003 - Hewlett-Packard)
HTC Driver Installer (Version: 4.10.0.001 - HTC Corporation)
HTC Sync Manager (Version: 2.4.11.0 - HTC)
Intel(R) Matrix Storage Manager (Version:  - )
IPTInstaller (Version: 4.0.8 - HTC)
iTunes (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 21 (Version: 7.0.210 - Oracle)
Java Auto Updater (Version: 2.0.6.1 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LG Bluetooth Drivers (Version: 1.1 - LG Electronics)
LG On-Screen Phone (Version: 4.0.004.130823 - LG Electronics)
LG PC Suite (Version: 5.2.33.20130406 - LG Electronics)
LG United Mobile Drivers (Version: 3.10.1.0 - LG Electronics)
LightScribe System Software (Version: 1.18.1.1 - LightScribe)
MCE Software Encoder 1.1 (Version: 1.1.0.1918 - CyberLink Corporation)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Search Enhancement Pack (Version: 3.0.133.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (Version: 9.7.0621 - Microsoft Corporation)
MotoHelper MergeModules (Version: 1.0.0 - Motorola) Hidden
MotoHelper MergeModules (Version: 1.2.0 - Motorola) Hidden
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0 - Microsoft Corporation)
Naviextras Toolbox Prerequesities (Version: 1.0.0 - NNG Llc.)
Norton Internet Security (Version: 21.1.0.18 - Symantec Corporation)
NVIDIA Display Control Panel (Version: 6.14.11.9745 - NVIDIA Corporation)
NVIDIA Drivers (Version: 1.10.59.37 - NVIDIA Corporation)
NVIDIA PhysX (Version: 9.09.0203 - NVIDIA Corporation)
O&O MediaRecovery (Version: 4.1.1322 - O&O Software GmbH)
OpenOffice.org 3.4.1 (Version: 3.41.9593 - Apache Software Foundation)
PDF Creator (Remove Only) (Version:  - )
PhotoScape (Version:  - )
Picasa 3 (Version: 3.9 - Google, Inc.)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Radio.fx (Version:  - Tobit.Software)
Realtek High Definition Audio Driver (Version: 6.0.1.5783 - Realtek Semiconductor Corp.)
Samsung Kies (Version: 2.5.0.12094_28 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.5.0.12094_28 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Skype™ 6.3 (Version: 6.3.105 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0 - Adobe Systems Incorporated)
Spotify (HKCU Version: 0.9.7.16.g4b197456 - Spotify AB)
Studie zur Verbesserung von HP Deskjet 2050 J510 series Produkten (Version: 22.0.334.0 - Hewlett-Packard Co.)
Text-To-Speech-Runtime (Version: 1.0.0.0 - Magix Development GmbH)
TI Connect 1.6 (Version: 1.6 - Texas Instruments Incorporated)
TubeBox (Version: 4.3.0.29 - Freetec)
TubeBox (Version: 4.3.0.29 - Freetec) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3 - Microsoft Corporation)
Update Manager (Version: 4.60 - Corel Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VirtualDJ PRO Full (Version: 7.0.5 - Atomix Productions)
Vista Codec Package (Version: 6.5.2 - Shark007)
Windows 7 Upgrade Advisor (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live OneCare safety scanner (Version:  - Microsoft Corporation)
Windows Live OneCare safety scanner (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR (Version:  - )

==================== Restore Points  =========================

10-02-2014 19:31:49 Geplanter Prüfpunkt
12-02-2014 22:31:11 Geplanter Prüfpunkt
14-02-2014 02:00:23 Windows Update
14-02-2014 15:41:40 Malwarebytes Anti-Rootkit Restore Point
16-02-2014 01:06:49 Geplanter Prüfpunkt
16-02-2014 23:50:42 Geplanter Prüfpunkt
17-02-2014 16:11:32 Geplanter Prüfpunkt
18-02-2014 17:55:30 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0154C0A6-51E7-4DE8-85FA-136835883FDA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-08-22] (Piriform Ltd)
Task: {0AE1DC1E-549C-4125-9E04-74F074A17715} - System32\Tasks\{1D950037-A881-455E-B930-76952ED22F84} => C:\Program Files\Skype\Phone\Skype.exe [2013-03-01] (Skype Technologies S.A.)
Task: {0C399BEB-CF46-4910-934E-C830EDCE2455} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2010-06-14] (Hewlett-Packard Co.)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {2F3AE6DA-BB0B-43A7-817B-ABFC0E20DD12} - System32\Tasks\B2CNotiAgent => C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe [2011-09-28] (LG Electronics)
Task: {2F866152-B08A-4BF8-ADC0-A20A75D75B36} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {31D068BD-E9EA-49D3-A67C-74A663605B7F} - System32\Tasks\{00C9DD31-3756-42D6-BD46-060BEA52D39A} => C:\Program Files\Skype\\Phone\Skype.exe [2013-03-01] (Skype Technologies S.A.)
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {3DA1AB8B-D5A3-4F81-9B95-38A782E55053} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files\Norton Internet Security\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {49033FBF-1255-4E36-91E4-792C5097090E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-12] (Google Inc.)
Task: {4ABDD762-2BB7-40EB-AD20-868FD6D035FB} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files\Norton Internet Security\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {87B7FF0B-4B1F-4EA6-81B7-7F58126D03E6} - System32\Tasks\{8351B51D-20CF-459E-BF86-359CFC19F62E} => C:\Program Files\Skype\\Phone\Skype.exe [2013-03-01] (Skype Technologies S.A.)
Task: {9307F5CB-CF8F-4375-96E4-F756A87E73E3} - System32\Tasks\Divx-Online-Aktualisierungsprogramm => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-29] ()
Task: {940B6BCF-A8ED-471E-94EB-72B18C639343} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09] (Sun Microsystems, Inc.)
Task: {98FE7D77-AA1D-4BFE-99EC-FC9B59FD8A48} - System32\Tasks\Freemium1ClickMaint => C:\Program Files\Covus Freemium\Free System Utilities\1Click.exe [2013-02-21] ()
Task: {B568C5F8-DA1F-4F60-9758-0AA2F9C335AB} - System32\Tasks\motorola software update => C:\Program Files\Motorola\Software Update\mumservice.exe
Task: {B84D064F-A601-4489-9B86-785DF12F6CDA} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation)
Task: {C5C3829E-8351-488A-BBAE-2B58FCAD079D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-141697217-1107933014-2458016846-1002Core => C:\Users\Sajad&Reshad\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {CA048E24-EF7E-47A7-B19D-7502D5F9E809} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-141697217-1107933014-2458016846-1002UA => C:\Users\Sajad&Reshad\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {D77889E9-F2C4-4F00-9C55-79A804762D6E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-12] (Google Inc.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {E85339A6-AF7C-4D55-A184-33236D5BA833} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {FCDCF9BB-309D-4271-852C-034E852215BE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-141697217-1107933014-2458016846-1002Core.job => C:\Users\Sajad&Reshad\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-141697217-1107933014-2458016846-1002UA.job => C:\Users\Sajad&Reshad\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-02-24 17:48 - 2009-12-12 15:12 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 ____C () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 ____C () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-02-14 03:29 - 2014-02-14 03:29 - 01952256 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\20f765310056b5791cc831866489f9d4\Kies.UI.ni.dll
2014-02-14 03:29 - 2014-02-14 03:29 - 00079360 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\068a8a30ae4dc072dc039d515893f7ec\Kies.MVVM.ni.dll
2014-02-14 03:29 - 2014-02-14 03:29 - 00189952 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\b32019341f62a3cab9e1c14a9c880ad8\Kies.Common.DeviceServiceLib.Interface.ni.dll
2014-02-14 03:30 - 2014-02-14 03:30 - 00367104 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\6fe562827bdb1873e2f20b5d71ae0029\DevicePhoto.ni.dll
2014-02-14 03:30 - 2014-02-14 03:30 - 00301568 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\5f67b90182e16f4230c2323d80f39137\DeviceVideo.ni.dll
2014-02-14 03:30 - 2014-02-14 03:30 - 00616448 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\c6d03299096f3231057d9b071795c365\DevicePodcast.ni.dll
2014-02-14 03:30 - 2014-02-14 03:30 - 00307200 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DummyStorePlugin\64e4588e7e5b0fed092f978ca2ebad09\DummyStorePlugin.ni.dll
2014-02-14 03:30 - 2014-02-14 03:30 - 14972928 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\dd32f6be1ff32171e2ac31c1ae4d6b32\Kies.Theme.ni.dll
2014-02-14 03:30 - 2014-02-14 03:30 - 00581632 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\ee366104238f42a349bdbcd1f305aced\Kies.Common.DeviceServiceLib.FileService.ni.dll
2014-02-14 03:29 - 2014-02-14 03:29 - 00046592 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\3183da5abb5bc10e45fdc6de5b0d13a7\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
2014-02-14 03:30 - 2014-02-14 03:30 - 01002496 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceCommonLib\e040ae0c4688228ccc0f7574b91d035a\DeviceCommonLib.ni.dll
2014-02-14 03:30 - 2014-02-14 03:30 - 00232960 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\27af83e8dc27ee77fd22031801f3c5f1\ASF_cSharpAPI.ni.dll
2013-11-15 16:46 - 2013-11-15 16:46 - 00821600 ____C () C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
2013-04-04 10:00 - 2013-04-04 10:00 - 03502080 ____C () C:\Program Files\VistaCodecPack\filters\ffdshow.ax
2009-08-11 14:19 - 2009-08-11 14:19 - 00797184 ____C () C:\Program Files\FreeTime\FormatFactory\FFModules\Filters\ac3filter.ax
2014-02-04 22:56 - 2014-02-02 00:42 - 04055368 ____C () C:\Program Files\Google\Chrome\Application\32.0.1700.107\pdf.dll
2014-02-04 22:56 - 2014-02-02 00:42 - 00399688 ____C () C:\Program Files\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
2014-02-04 22:56 - 2014-02-02 00:41 - 01634632 ____C () C:\Program Files\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
2014-02-14 01:23 - 2014-02-14 01:23 - 00358400 _____ () C:\Users\Sajad&Reshad\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce\3.6.5_0\plugins\screen_capture.dll
2014-02-04 22:56 - 2014-02-02 00:42 - 13616456 ____C () C:\Program Files\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:671329E4

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: B2C_AGENT => C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
MSCONFIG\startupreg: PlusService => C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

==================== Faulty Device Manager Devices =============

Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{514FEB48-714A-4513-8F99-C9DB7EA20FBA}
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Generic Flash HS-CF USB Device
Description: Laufwerk
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardlaufwerke)
Service: disk
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Generic Flash HS-SM USB Device
Description: Laufwerk
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardlaufwerke)
Service: disk
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/19/2014 00:27:19 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/18/2014 11:53:16 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/18/2014 05:05:12 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/18/2014 01:38:24 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/17/2014 11:00:56 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/17/2014 05:46:36 PM) (Source: MsiInstaller) (User: Salim-PC)
Description: Produkt: Adobe Reader X (10.1.9) - Deutsch - Update "Adobe Reader X (10.1.9)" konnte nicht installiert werden. Fehlercode 1603. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (02/17/2014 05:46:35 PM) (Source: MsiInstaller) (User: Salim-PC)
Description: Produkt: Adobe Reader X (10.1.9) - Deutsch -- Fehler 1606. Zugriff auf die Netzwerkadresse 0\ war nicht möglich.

Error: (02/17/2014 05:46:35 PM) (Source: MsiInstaller) (User: Salim-PC)
Description: Produkt: Adobe Reader X (10.1.9) - Deutsch -- Fehler 1606. Zugriff auf die Netzwerkadresse 0\ war nicht möglich.

Error: (02/17/2014 11:18:38 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/16/2014 10:30:05 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (02/19/2014 00:30:58 PM) (Source: Service Control Manager) (User: )
Description: UPnP-GerätehostSSDP-Suche%%1058

Error: (02/19/2014 00:29:34 PM) (Source: Service Control Manager) (User: )
Description: UPnP-GerätehostSSDP-Suche%%1058

Error: (02/19/2014 00:29:33 PM) (Source: DCOM) (User: )
Description: 1068upnphost{204810B9-73B2-11D4-BF42-00B0D0118B56}

Error: (02/19/2014 00:28:08 PM) (Source: DCOM) (User: )
Description: {0228576F-6E6C-4E1A-B175-0E46A316AFE2}

Error: (02/19/2014 00:27:51 PM) (Source: Service Control Manager) (User: )
Description: Windows Media Player-NetzwerkfreigabedienstUPnP-Gerätehost%%1068

Error: (02/19/2014 00:27:51 PM) (Source: Service Control Manager) (User: )
Description: UPnP-GerätehostSSDP-Suche%%1058

Error: (02/19/2014 00:27:48 PM) (Source: Service Control Manager) (User: )
Description: Windows Media Player-NetzwerkfreigabedienstUPnP-Gerätehost%%1068

Error: (02/19/2014 00:27:48 PM) (Source: Service Control Manager) (User: )
Description: UPnP-GerätehostSSDP-Suche%%1058

Error: (02/19/2014 00:25:25 PM) (Source: Microsoft-Windows-TaskScheduler) (User: NT-AUTORITÄT)
Description: 2147942402

Error: (02/19/2014 00:06:44 AM) (Source: Service Control Manager) (User: )
Description: UPnP-GerätehostSSDP-Suche%%1058


Microsoft Office Sessions:
=========================
Error: (02/19/2014 00:27:19 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/18/2014 11:53:16 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/18/2014 05:05:12 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/18/2014 01:38:24 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/17/2014 11:00:56 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/17/2014 05:46:36 PM) (Source: MsiInstaller)(User: Salim-PC)
Description: Adobe Reader X (10.1.9) - DeutschAdobe Reader X (10.1.9)1603(NULL)(NULL)

Error: (02/17/2014 05:46:35 PM) (Source: MsiInstaller)(User: Salim-PC)
Description: Produkt: Adobe Reader X (10.1.9) - Deutsch -- Fehler 1606. Zugriff auf die Netzwerkadresse 0\ war nicht möglich.(NULL)(NULL)(NULL)(NULL)

Error: (02/17/2014 05:46:35 PM) (Source: MsiInstaller)(User: Salim-PC)
Description: Produkt: Adobe Reader X (10.1.9) - Deutsch -- Fehler 1606. Zugriff auf die Netzwerkadresse 0\ war nicht möglich.(NULL)(NULL)(NULL)(NULL)

Error: (02/17/2014 11:18:38 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/16/2014 10:30:05 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2014-02-19 13:38:42.012
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-19 13:38:41.545
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-19 13:38:41.069
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-19 13:38:40.613
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-19 13:38:40.150
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-19 13:38:39.670
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-19 13:38:39.221
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-19 13:38:38.774
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-19 13:38:23.515
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-19 13:38:23.044
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 61%
Total physical RAM: 3325.27 MB
Available physical RAM: 1296.84 MB
Total Pagefile: 6844.48 MB
Available Pagefile: 4513.81 MB
Total Virtual: 2047.88 MB
Available Virtual: 1904.45 MB

==================== Drives ================================

Drive c: (BOOT) (Fixed) (Total:911.51 GB) (Free:218.72 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVER) (Fixed) (Total:19.99 GB) (Free:7.63 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: F98D6E74)
Partition 1: (Active) - (Size=912 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=20 GB) - (Type=OF Extended)

==================== End Of Log ============================
         
