FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-10-2013
Ran by ***** (administrator) on JFK1984-PC on 23-10-2013 12:49:38
Running from C:\Users\*****\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Remote Management System\ManagementAgentNT.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
(Telefónica) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
() C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
() C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Dropbox, Inc.) C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [QuickSet] - C:\Program Files\Dell\QuickSet\QuickSet.exe [3179288 2010-01-06] (Dell Inc.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-06-18] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2010-03-17] (Synaptics Incorporated)
HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [5712896 2010-02-03] (Dell Inc.)
HKLM\...\Run: [CDAServer] - C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [438784 2010-12-17] ()
HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] - "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [559616 2011-10-07] (Dell)
HKCU\...\Run: [KiesPDLR] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [842680 2012-10-11] (Samsung)
HKCU\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [309688 2012-10-11] (Samsung Electronics Co., Ltd.)
HKCU\...\Run: [Facebook Update] - C:\Users\*****\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [580096 2012-10-09] (Samsung Electronics)
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [966072 2012-10-11] (Samsung)
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [842680 2012-10-11] (Samsung)
MountPoints2: E - E:\AutoRun.exe
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-06-08] (Intel Corporation)
HKLM-x32\...\Run: [Desktop Disc Tool] - C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [498160 2009-10-15] ()
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-06-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Dell Webcam Central] - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [487562 2010-08-20] (Creative Technology Ltd)
HKLM-x32\...\Run: [Dell DataSafe Online] - C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe [1807680 2010-02-09] ()
HKLM-x32\...\Run: [DivXUpdate] - "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1564872 2012-06-06] (Ask)
HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] - C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [929272 2013-07-16] (Sophos Limited)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [527864 2012-12-10] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
AppInit_DLLs: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL [217672 2013-10-21] (Sophos Limited)
AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL [275352 2013-10-21] (Sophos Limited)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users*****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
URLSearchHook: (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {FCA07C89-18AE-4DF3-8337-2C0CC3B496B7} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=YYYYYYYYDE&apn_uid=A5EF5F74-B7CC-461A-B22B-B087A4A5783C&apn_sauid=23E1729D-96E4-4E37-8768-3CD4EC3C63B4
SearchScopes: HKCU - {FCA07C89-18AE-4DF3-8337-2C0CC3B496B7} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=YYYYYYYYDE&apn_uid=A5EF5F74-B7CC-461A-B22B-B087A4A5783C&apn_sauid=23E1729D-96E4-4E37-8768-3CD4EC3C63B4
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
BHO-x32: DivX HiQ - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [89592] (Sophos Limited)
Winsock: Catalog9 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [89592] (Sophos Limited)
Winsock: Catalog9 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [89592] (Sophos Limited)
Winsock: Catalog9 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [89592] (Sophos Limited)
Winsock: Catalog9 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [89592] (Sophos Limited)
Winsock: Catalog9 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [89592] (Sophos Limited)
Winsock: Catalog9 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [89592] (Sophos Limited)
Winsock: Catalog9 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [89592] (Sophos Limited)
Winsock: Catalog9 20 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [89592] (Sophos Limited)
Winsock: Catalog9-x64 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [132904] (Sophos Limited)
Winsock: Catalog9-x64 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [132904] (Sophos Limited)
Winsock: Catalog9-x64 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [132904] (Sophos Limited)
Winsock: Catalog9-x64 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [132904] (Sophos Limited)
Winsock: Catalog9-x64 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [132904] (Sophos Limited)
Winsock: Catalog9-x64 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [132904] (Sophos Limited)
Winsock: Catalog9-x64 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [132904] (Sophos Limited)
Winsock: Catalog9-x64 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [132904] (Sophos Limited)
Winsock: Catalog9-x64 20 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [132904] (Sophos Limited)
Tcpip\..\Interfaces\{C2D726E2-2BBE-47C2-9769-CC23DB1DC742}: [NameServer]192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vcbdu1yj.default
FF user.js: detected! => C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vcbdu1yj.default\user.js
FF SearchEngineOrder.1: Ask.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\*****\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vcbdu1yj.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vcbdu1yj.default\searchplugins\icq-search.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vcbdu1yj.default\searchplugins\icqplugin-1.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vcbdu1yj.default\searchplugins\icqplugin-10.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vcbdu1yj.default\searchplugins\icqplugin-11.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vcbdu1yj.default\searchplugins\icqplugin-12.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vcbdu1yj.default\searchplugins\icqplugin-13.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vcbdu1yj.default\searchplugins\icqplugin-14.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vcbdu1yj.default\searchplugins\icqplugin-15.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vcbdu1yj.default\searchplugins\icqplugin-2.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vcbdu1yj.default\searchplugins\icqplugin-3.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vcbdu1yj.default\searchplugins\icqplugin-4.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vcbdu1yj.default\searchplugins\icqplugin-5.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vcbdu1yj.default\searchplugins\icqplugin-6.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vcbdu1yj.default\searchplugins\icqplugin-7.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vcbdu1yj.default\searchplugins\icqplugin-8.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vcbdu1yj.default\searchplugins\icqplugin-9.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vcbdu1yj.default\searchplugins\icqplugin.gif
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vcbdu1yj.default\searchplugins\icqplugin.src
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vcbdu1yj.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vcbdu1yj.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Yahoo! Toolbar - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vcbdu1yj.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF Extension: No Name - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vcbdu1yj.default\Extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF Extension: DivXWebPlayer - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vcbdu1yj.default\Extensions\DivXWebPlayer@divx.com.xpi
FF Extension: groovesharkUnlocker - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vcbdu1yj.default\Extensions\groovesharkUnlocker@overlord1337.xpi
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
Chrome:
=======
CHR Extension: (DivX HiQ) - C:\Users\JULIUS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.1.94_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\JULIUS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.1.94_0
CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx
==================== Services (Whitelisted) =================
S3 COMSysApp; C:\Windows\SysWow64\dllhost.exe [7168 2009-07-14] (Microsoft Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
S3 msiserver; C:\Windows\SysWow64\msiexec.exe [73216 2010-11-20] (Microsoft Corporation)
R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [290296 2013-10-21] (Sophos Limited)
R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [206328 2013-10-21] (Sophos Limited)
R2 Sophos Agent; C:\Program Files (x86)\Sophos\Remote Management System\ManagementAgentNT.exe [289856 2012-09-17] (Sophos Limited)
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [237048 2013-07-16] (Sophos Limited)
R2 Sophos Message Router; C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe [818240 2012-09-17] (Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [357400 2012-08-08] (Sophos Limited)
R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3109880 2013-10-21] (Sophos Limited)
S2 swi_update_64; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [2012152 2013-10-21] (Sophos Limited)
R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [201344 2012-01-10] (Telefónica)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE [48128 2010-02-03] (Dell Inc.)
R2 WSearch; C:\Windows\SysWow64\SearchIndexer.exe [427520 2011-05-04] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20568 2010-05-25] (Devguru Co., Ltd)
S3 L6PODHD3; C:\Windows\System32\Drivers\L6PODHD364.sys [772096 2012-07-11] (Line 6)
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [12800 2010-10-15] (ZTE Incorporated)
R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [154952 2013-07-16] (Sophos Limited)
S3 sdcfilter; C:\Windows\System32\DRIVERS\sdcfilter.sys [36640 2012-08-08] (Sophos Limited)
S4 SophosBootDriver; C:\Windows\System32\DRIVERS\SophosBootDriver.sys [25608 2012-08-08] (Sophos Plc)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-23 12:36 - 2013-10-23 12:49 - 00053466 _____ C:\Users\*****\Desktop\FRST.txt
2013-10-23 12:36 - 2013-10-23 12:36 - 00000017 _____ C:\Users\*****\AppData\Local\resmon.resmoncfg
2013-10-23 11:32 - 2013-10-23 11:32 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2013-10-23 11:04 - 2013-10-23 11:04 - 00000000 ____D C:\FRST
2013-10-23 11:03 - 2013-10-23 12:09 - 00000486 _____ C:\Users\*****\Desktop\defogger_disable.log
2013-10-23 11:03 - 2013-10-23 11:03 - 00000000 _____ C:\Users\*****\defogger_reenable
2013-10-23 11:01 - 2013-10-23 11:01 - 00377856 _____ C:\Users\*****\Desktop\gmer_2.1.19163.exe
2013-10-23 10:45 - 2013-10-23 10:45 - 01954682 _____ (Farbar) C:\Users\*****\Desktop\FRST64.exe
2013-10-23 10:44 - 2013-10-23 10:44 - 00050477 _____ C:\Users\*****\Desktop\Defogger.exe
2013-10-23 10:40 - 2013-10-23 10:43 - 00000000 ____D C:\Users\*****\AppData\Local\Mobogenie
2013-10-23 10:40 - 2013-10-23 10:40 - 00000000 ____D C:\Users\*****\Documents\Mobogenie
2013-10-23 10:40 - 2013-10-23 10:40 - 00000000 ____D C:\Users\*****\AppData\Local\cache
2013-10-23 10:40 - 2013-10-23 10:40 - 00000000 _____ C:\Users\*****\daemonprocess.txt
2013-10-23 10:39 - 2013-10-23 11:44 - 00000000 ____D C:\Program Files (x86)\BonanzaDealsLive
2013-10-23 10:39 - 2013-10-23 10:51 - 00000000 ____D C:\Users\*****\AppData\Roaming\Systweak
2013-10-23 10:39 - 2013-10-23 10:50 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-10-23 10:39 - 2013-10-23 10:47 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-10-23 10:39 - 2013-10-23 10:39 - 00003278 _____ C:\Windows\System32\Tasks\DigitalSite
2013-10-23 10:39 - 2013-10-23 10:39 - 00000312 _____ C:\Windows\Tasks\DigitalSite.job
2013-10-23 10:39 - 2013-10-23 10:39 - 00000000 ____D C:\Users\*****\AppData\Roaming\DigitalSite
2013-10-23 10:39 - 2013-10-23 10:39 - 00000000 ____D C:\Users\*****\AppData\Local\BonanzaDealsLive
2013-10-23 10:39 - 2013-10-23 10:39 - 00000000 ____D C:\ProgramData\BonanzaDealsLive
2013-10-23 10:39 - 2013-07-22 16:07 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2013-10-23 10:38 - 2013-10-23 10:38 - 00000000 ____D C:\ProgramData\Babylon
2013-10-23 09:55 - 2013-10-23 09:55 - 00602112 _____ (OldTimer Tools) C:\Users\*****\Desktop\OTL.exe
2013-10-23 09:35 - 2013-10-23 09:36 - 90791696 _____ (Microsoft Corporation) C:\Users\*****\Downloads\msert.exe
2013-10-21 18:28 - 2013-10-21 18:27 - 00037880 _____ (Sophos Limited) C:\Windows\system32\SophosBootTasks.exe
2013-10-21 17:30 - 2013-10-21 17:30 - 00000000 ____D C:\ProgramData\Oracle
2013-10-21 17:30 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-21 17:30 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-21 17:30 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-21 17:30 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-21 17:29 - 2013-10-21 17:30 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-19 13:59 - 2013-10-19 13:59 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-11 09:20 - 2013-08-29 04:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-11 09:20 - 2013-08-29 04:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-11 09:20 - 2013-08-29 04:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-11 09:20 - 2013-08-29 04:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-11 09:20 - 2013-08-29 04:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-11 09:20 - 2013-08-29 03:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-11 09:20 - 2013-08-29 03:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-11 09:20 - 2013-08-29 03:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-11 09:20 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-11 09:20 - 2013-08-29 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-11 09:20 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-11 09:20 - 2013-08-29 02:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-11 09:20 - 2013-08-29 02:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-11 09:20 - 2013-08-29 02:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-11 09:20 - 2013-08-29 02:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-11 03:06 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-11 03:06 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-11 03:06 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-11 03:06 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-11 03:06 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-11 03:06 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-11 03:06 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-11 03:06 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-11 03:06 - 2013-09-23 01:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-11 03:06 - 2013-09-23 01:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-11 03:06 - 2013-09-23 01:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-11 03:06 - 2013-09-23 01:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-11 03:06 - 2013-09-23 01:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-11 03:06 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-11 03:06 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-11 03:06 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-11 03:06 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-11 03:06 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-11 03:06 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-11 03:06 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-11 03:06 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-11 03:06 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-11 03:06 - 2013-09-23 00:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-11 03:06 - 2013-09-23 00:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-11 03:06 - 2013-09-23 00:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-11 03:06 - 2013-09-23 00:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-11 03:06 - 2013-09-23 00:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-11 03:06 - 2013-09-21 05:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-11 03:06 - 2013-09-21 05:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-11 03:06 - 2013-09-21 04:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-11 03:06 - 2013-09-21 04:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-09 07:40 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-09 07:40 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-09 07:40 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-09 07:40 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-09 07:40 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-09 07:40 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-09 07:40 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-09 07:40 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-09 07:40 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-09 07:40 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-09 07:40 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-09 07:40 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-09 07:40 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-09 07:40 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-09 07:39 - 2013-09-14 03:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-09 07:39 - 2013-09-08 04:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-09 07:39 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-09 07:39 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-09 07:39 - 2013-08-28 03:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-09 07:39 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 07:39 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 07:39 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-09 07:39 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-09 07:39 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-09 07:39 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-09 07:39 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-09 07:39 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-09 07:39 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-09 07:39 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-09 07:38 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-09 07:38 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-09 07:37 - 2013-09-04 14:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-09 07:37 - 2013-09-04 14:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-09 07:37 - 2013-09-04 14:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-09 07:37 - 2013-09-04 14:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-09 07:37 - 2013-09-04 14:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-09 07:37 - 2013-09-04 14:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-09 07:37 - 2013-09-04 14:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-08 17:11 - 2013-10-08 17:11 - 00002114 _____ C:\Users\Public\Desktop\Mobile Connection Manager.lnk
2013-10-08 17:10 - 2013-10-08 17:10 - 00000000 ____D C:\Windows\massfilter
2013-10-08 17:10 - 2010-12-07 16:25 - 00234496 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\ZTEusbwwan.sys
2013-10-08 17:10 - 2010-11-26 13:33 - 00011776 _____ (MBB Incorporated) C:\Windows\system32\Drivers\massfilter.sys
2013-10-08 17:10 - 2010-11-19 15:38 - 00019968 _____ (ZTE Corporation) C:\Windows\system32\Drivers\zte_massejct.sys
2013-10-08 17:10 - 2010-10-15 08:50 - 00123520 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\ZTEusbser6k.sys
2013-10-08 17:10 - 2010-10-15 08:50 - 00123520 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\ZTEusbnmeaext2.sys
2013-10-08 17:10 - 2010-10-15 08:50 - 00123520 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\ZTEusbnmea.sys
2013-10-08 17:10 - 2010-10-15 08:50 - 00123520 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\ZTEusbmdm6k.sys
2013-10-08 17:10 - 2010-10-15 08:50 - 00018432 _____ (ZTE) C:\Windows\system32\Drivers\ZTEusbccid.sys
2013-10-08 17:10 - 2010-10-15 08:50 - 00012800 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\massfilter_hs.sys
2013-10-08 16:50 - 2013-10-08 17:09 - 00000000 ____D C:\Program Files (x86)\o2
2013-10-08 16:50 - 2013-10-08 16:50 - 00000000 ____D C:\Users\*****\AppData\Roaming\TGCMLog
2013-10-08 16:50 - 2013-10-08 16:50 - 00000000 ____D C:\Users\*****\AppData\Roaming\Telefónica
2013-10-07 08:07 - 2013-10-07 08:07 - 00001785 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-10-07 08:06 - 2013-10-07 08:07 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-07 08:06 - 2013-10-07 08:07 - 00000000 ____D C:\Program Files\iTunes
2013-10-07 08:06 - 2013-10-07 08:07 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-10-07 08:06 - 2013-10-07 08:06 - 00000000 ____D C:\Program Files\iPod
==================== One Month Modified Files and Folders =======
2013-10-23 12:49 - 2013-10-23 12:36 - 00053466 _____ C:\Users\*****\Desktop\FRST.txt
2013-10-23 12:36 - 2013-10-23 12:36 - 00000017 _____ C:\Users\*****\AppData\Local\resmon.resmoncfg
2013-10-23 12:22 - 2009-07-14 06:45 - 00013872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-23 12:22 - 2009-07-14 06:45 - 00013872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-23 12:18 - 2010-11-30 08:21 - 01326385 _____ C:\Windows\WindowsUpdate.log
2013-10-23 12:16 - 2011-07-17 11:08 - 00000000 ___RD C:\Users\*****\Dropbox
2013-10-23 12:16 - 2011-07-17 11:07 - 00000000 ____D C:\Users\*****\AppData\Roaming\Dropbox
2013-10-23 12:15 - 2010-12-06 19:45 - 00001118 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-23 12:15 - 2010-12-03 10:15 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2013-10-23 12:15 - 2010-12-03 10:15 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2013-10-23 12:15 - 2010-11-30 09:40 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2013-10-23 12:15 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-23 12:14 - 2009-07-14 06:51 - 00138716 _____ C:\Windows\setupact.log
2013-10-23 12:09 - 2013-10-23 11:03 - 00000486 _____ C:\Users\*****\Desktop\defogger_disable.log
2013-10-23 12:01 - 2012-07-19 14:55 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-23 12:00 - 2012-03-31 22:19 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-23 11:51 - 2012-04-13 14:41 - 00001166 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-531167019-474571096-1486909408-1001UA.job
2013-10-23 11:44 - 2013-10-23 10:39 - 00000000 ____D C:\Program Files (x86)\BonanzaDealsLive
2013-10-23 11:32 - 2013-10-23 11:32 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2013-10-23 11:04 - 2013-10-23 11:04 - 00000000 ____D C:\FRST
2013-10-23 11:03 - 2013-10-23 11:03 - 00000000 _____ C:\Users\*****\defogger_reenable
2013-10-23 11:03 - 2010-12-03 10:13 - 00000000 ____D C:\Users\*****
2013-10-23 11:01 - 2013-10-23 11:01 - 00377856 _____ C:\Users\*****\Desktop\gmer_2.1.19163.exe
2013-10-23 10:52 - 2010-11-30 09:35 - 00068214 _____ C:\Windows\PFRO.log
2013-10-23 10:51 - 2013-10-23 10:39 - 00000000 ____D C:\Users\*****\AppData\Roaming\Systweak
2013-10-23 10:50 - 2013-10-23 10:39 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-10-23 10:47 - 2013-10-23 10:39 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-10-23 10:47 - 2010-12-03 10:13 - 00000000 ___RD C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-23 10:45 - 2013-10-23 10:45 - 01954682 _____ (Farbar) C:\Users\*****\Desktop\FRST64.exe
2013-10-23 10:44 - 2013-10-23 10:44 - 00050477 _____ C:\Users\*****\Desktop\Defogger.exe
2013-10-23 10:43 - 2013-10-23 10:40 - 00000000 ____D C:\Users\*****\AppData\Local\Mobogenie
2013-10-23 10:40 - 2013-10-23 10:40 - 00000000 ____D C:\Users\*****\Documents\Mobogenie
2013-10-23 10:40 - 2013-10-23 10:40 - 00000000 ____D C:\Users\*****\AppData\Local\cache
2013-10-23 10:40 - 2013-10-23 10:40 - 00000000 _____ C:\Users\*****\daemonprocess.txt
2013-10-23 10:39 - 2013-10-23 10:39 - 00003278 _____ C:\Windows\System32\Tasks\DigitalSite
2013-10-23 10:39 - 2013-10-23 10:39 - 00000312 _____ C:\Windows\Tasks\DigitalSite.job
2013-10-23 10:39 - 2013-10-23 10:39 - 00000000 ____D C:\Users\*****\AppData\Roaming\DigitalSite
2013-10-23 10:39 - 2013-10-23 10:39 - 00000000 ____D C:\Users\*****\AppData\Local\BonanzaDealsLive
2013-10-23 10:39 - 2013-10-23 10:39 - 00000000 ____D C:\ProgramData\BonanzaDealsLive
2013-10-23 10:38 - 2013-10-23 10:38 - 00000000 ____D C:\ProgramData\Babylon
2013-10-23 10:26 - 2010-11-30 10:12 - 00654852 _____ C:\Windows\system32\perfh007.dat
2013-10-23 10:26 - 2010-11-30 10:12 - 00130434 _____ C:\Windows\system32\perfc007.dat
2013-10-23 10:26 - 2009-07-14 07:13 - 01500294 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-23 10:19 - 2012-01-15 15:56 - 00000099 _____ C:\Users\Public\LMDebug.log
2013-10-23 09:55 - 2013-10-23 09:55 - 00602112 _____ (OldTimer Tools) C:\Users\*****\Desktop\OTL.exe
2013-10-23 09:36 - 2013-10-23 09:35 - 90791696 _____ (Microsoft Corporation) C:\Users\*****\Downloads\msert.exe
2013-10-23 08:51 - 2012-04-13 14:41 - 00001144 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-531167019-474571096-1486909408-1001Core.job
2013-10-22 18:52 - 2010-12-06 17:38 - 00000000 ____D C:\Users\*****\Documents\Max Payne 2 Savegames
2013-10-21 18:28 - 2011-01-27 10:17 - 00000000 ____D C:\ProgramData\Sophos
2013-10-21 18:27 - 2013-10-21 18:28 - 00037880 _____ (Sophos Limited) C:\Windows\system32\SophosBootTasks.exe
2013-10-21 17:30 - 2013-10-21 17:30 - 00000000 ____D C:\ProgramData\Oracle
2013-10-21 17:30 - 2013-10-21 17:29 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-21 17:30 - 2011-07-06 15:22 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-19 16:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-10-19 13:59 - 2013-10-19 13:59 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-19 13:59 - 2013-07-29 21:32 - 00001933 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-10-14 19:10 - 2013-07-10 21:13 - 00000000 _____ C:\Windows\system32\vireng.log
2013-10-12 15:56 - 2010-12-06 19:45 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-12 15:56 - 2010-12-06 19:45 - 00003866 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-12 15:39 - 2011-07-17 11:08 - 00001048 _____ C:\Users\*****\Desktop\Dropbox.lnk
2013-10-12 15:39 - 2011-07-17 11:07 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-10-11 09:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-10-11 03:28 - 2009-07-14 06:45 - 00315536 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-09 17:01 - 2012-03-31 22:19 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-09 17:01 - 2012-03-31 22:19 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-09 17:01 - 2011-07-25 19:23 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-09 08:32 - 2012-03-31 22:21 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-09 08:32 - 2012-03-31 22:21 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-09 08:25 - 2013-07-17 20:02 - 00000000 ____D C:\Windows\system32\MRT
2013-10-09 08:23 - 2010-12-08 16:34 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-08 17:11 - 2013-10-08 17:11 - 00002114 _____ C:\Users\Public\Desktop\Mobile Connection Manager.lnk
2013-10-08 17:10 - 2013-10-08 17:10 - 00000000 ____D C:\Windows\massfilter
2013-10-08 17:10 - 2010-11-30 09:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-08 17:09 - 2013-10-08 16:50 - 00000000 ____D C:\Program Files (x86)\o2
2013-10-08 16:50 - 2013-10-08 16:50 - 00000000 ____D C:\Users\*****\AppData\Roaming\TGCMLog
2013-10-08 16:50 - 2013-10-08 16:50 - 00000000 ____D C:\Users\*****\AppData\Roaming\Telefónica
2013-10-08 07:50 - 2013-10-21 17:30 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-08 07:46 - 2013-10-21 17:30 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-08 07:46 - 2013-10-21 17:30 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-08 07:46 - 2013-10-21 17:30 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-07 08:07 - 2013-10-07 08:07 - 00001785 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-10-07 08:07 - 2013-10-07 08:06 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-07 08:07 - 2013-10-07 08:06 - 00000000 ____D C:\Program Files\iTunes
2013-10-07 08:07 - 2013-10-07 08:06 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-10-07 08:06 - 2013-10-07 08:06 - 00000000 ____D C:\Program Files\iPod
2013-09-27 10:35 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-24 16:55 - 2011-01-17 22:04 - 00000000 ____D C:\Users\*****\AppData\Roaming\SoftGrid Client
2013-09-23 01:28 - 2013-10-11 03:06 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-23 01:28 - 2013-10-11 03:06 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-23 01:27 - 2013-10-11 03:06 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-23 01:27 - 2013-10-11 03:06 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-23 01:27 - 2013-10-11 03:06 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-23 01:27 - 2013-10-11 03:06 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-23 01:27 - 2013-10-11 03:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-23 01:27 - 2013-10-11 03:06 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-23 01:27 - 2013-10-11 03:06 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-23 01:27 - 2013-10-11 03:06 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-23 01:27 - 2013-10-11 03:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-23 01:27 - 2013-10-11 03:06 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-23 01:27 - 2013-10-11 03:06 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-23 00:55 - 2013-10-11 03:06 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-23 00:55 - 2013-10-11 03:06 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-23 00:55 - 2013-10-11 03:06 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-23 00:54 - 2013-10-11 03:06 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-23 00:54 - 2013-10-11 03:06 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-23 00:54 - 2013-10-11 03:06 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-23 00:54 - 2013-10-11 03:06 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-23 00:54 - 2013-10-11 03:06 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-23 00:54 - 2013-10-11 03:06 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-23 00:54 - 2013-10-11 03:06 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-23 00:54 - 2013-10-11 03:06 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-23 00:54 - 2013-10-11 03:06 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-23 00:54 - 2013-10-11 03:06 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-23 00:54 - 2013-10-11 03:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
Files to move or delete:
====================
C:\Users\*****\MaxPayne2.exe
Some content of TEMP:
====================
C:\Users\*****\AppData\Local\Temp\0a50e25a83046228c11dcaa7eeed09bb.exe
C:\Users\*****\AppData\Local\Temp\20130824084532366jniverify.dll
C:\Users\*****\AppData\Local\Temp\ApnStub.exe
C:\Users\*****\AppData\Local\Temp\AskSLib.dll
C:\Users\*****\AppData\Local\Temp\BackupSetup.exe
C:\Users\*****\AppData\Local\Temp\card_setup.exe
C:\Users\*****\AppData\Local\Temp\fq6bcbtn.dll
C:\Users\*****\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\*****\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\*****\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\*****\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe
C:\Users\*****\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\*****\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\*****\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\*****\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\*****\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\*****\AppData\Local\Temp\L6GPInst.dll
C:\Users\*****\AppData\Local\Temp\qjnxrluh.dll
C:\Users\*****\AppData\Local\Temp\setup.exe
C:\Users\*****\AppData\Local\Temp\tbt_9tfc.dll
C:\Users\*****\AppData\Local\Temp\txkgk6ln.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-21 11:48
==================== End Of Log ============================
Additional txt Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-10-2013
Ran by ***** at 2013-10-23 12:50:19
Running from C:\Users\*****\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Sophos Anti-Virus (Enabled - Up to date) {65FBD860-96D8-75EF-C7ED-7BE27E6C498A}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Sophos Anti-Virus (Enabled - Up to date) {DE9A3984-B0E2-7A61-FD5D-409005EB0337}
==================== Installed Programs ======================
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader X (10.1.8) - Deutsch (x32 Version: 10.1.8)
Advanced Audio FX Engine (x32 Version: 1.12.05)
Age of Empires 3 : Napoleonic Era (x32 Version: 1.0.0)
Age of Empires III - The Asian Dynasties Trial (x32 Version: 1.00.0000)
Age of Empires III (x32 Version: 1.00.0000)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
Ask Toolbar (x32 Version: 1.15.4.0)
Ask Toolbar Updater (HKCU Version: 1.2.2.23821)
ATI AVIVO64 Codecs (Version: 11.6.0.50601)
ATI Catalyst Install Manager (Version: 3.0.778.0)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0601.2152.37421)
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0601.2152.37421)
Catalyst Control Center InstallProxy (x32 Version: 2010.0601.2152.37421)
Catalyst Control Center Localization All (x32 Version: 2010.0601.2152.37421)
CCC Help Chinese Standard (x32 Version: 2010.0601.2151.37421)
CCC Help Chinese Traditional (x32 Version: 2010.0601.2151.37421)
CCC Help Danish (x32 Version: 2010.0601.2151.37421)
CCC Help Dutch (x32 Version: 2010.0601.2151.37421)
CCC Help English (x32 Version: 2010.0601.2151.37421)
CCC Help Finnish (x32 Version: 2010.0601.2151.37421)
CCC Help French (x32 Version: 2010.0601.2151.37421)
CCC Help German (x32 Version: 2010.0601.2151.37421)
CCC Help Italian (x32 Version: 2010.0601.2151.37421)
CCC Help Japanese (x32 Version: 2010.0601.2151.37421)
CCC Help Korean (x32 Version: 2010.0601.2151.37421)
CCC Help Norwegian (x32 Version: 2010.0601.2151.37421)
CCC Help Portuguese (x32 Version: 2010.0601.2151.37421)
CCC Help Russian (x32 Version: 2010.0601.2151.37421)
CCC Help Spanish (x32 Version: 2010.0601.2151.37421)
CCC Help Swedish (x32 Version: 2010.0601.2151.37421)
ccc-core-static (x32 Version: 2010.0601.2152.37421)
ccc-utility64 (Version: 2010.0601.2152.37421)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.0.11042)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.0.11042)
Cisco EAP-FAST Module (x32 Version: 2.2.14)
Cisco LEAP Module (x32 Version: 1.0.19)
Cisco PEAP Module (x32 Version: 1.1.6)
Cisco Systems VPN Client 5.0.07.0290 (Version: 5.0.7)
Common Desktop Agent (Version: 1.53.0)
Dell DataSafe Local Backup - Support Software (x32 Version: 9.4.60)
Dell DataSafe Local Backup (x32 Version: 9.4.60)
Dell DataSafe Online (x32 Version: 1.2.0011)
Dell Dock (Version: 2.0)
Dell Dock (x32 Version: 2.0)
Dell Getting Started Guide (x32 Version: 1.00.0000)
Dell Support Center (Version: 3.0.5621.01)
Dell Webcam Central (x32 Version: 2.00.35)
DesignPro 5 (x32 Version: 5.5.708)
DivX-Setup (x32 Version: 2.4.1.4)
Dropbox (HKCU Version: 2.4.2)
DW WLAN Card Utility (Version: 5.60.48.35)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287)
Google Chrome (x32 Version: 30.0.1599.101)
Google Earth (x32 Version: 7.1.1.1888)
Google Update Helper (x32 Version: 1.3.21.165)
Guitar Pro 5.0 (x32)
ICQ7.5 (x32 Version: 7.5)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Management Engine Components (x32 Version: 6.0.0.1179)
Intel(R) Rapid Storage Technology (x32 Version: 9.6.4.1002)
iTunes (Version: 11.1.1.11)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
Junk Mail filter update (x32 Version: 14.0.8089.726)
Line 6 Uninstaller (x32 Version: )
Max Payne 2 (x32 Version: 1.0.98)
McAfee Security Scan Plus (Version: 3.8.130.8)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (x32 Version: 2.0.48.0)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (x32 Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (x32 Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (x32 Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.58299)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (x32 Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
Mobile Connection Manager (x32 Version: 8.8.7.892)
Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.0)
MSVCRT (x32 Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MyFreeCodec (HKCU)
OpenOffice.org 3.4 (x32 Version: 3.4.9590)
Power Tab Editor 1.7 (x32)
Quickset64 (Version: 10.5.0)
QuickTime (x32 Version: 7.74.80.86)
Resource Hacker Version 3.6.0 (x32)
Roxio Burn (x32 Version: 1.01)
Samsung Easy Printer Manager (x32 Version: 1.00.62.00)
Samsung Kies (x32 Version: 2.0.0.11044_11)
Samsung ML-1670 Series (x32)
Samsung Printer Live Update (x32)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.15.0)
Skype Toolbars (x32 Version: 1.0.4051)
Skype™ 5.10 (x32 Version: 5.10.116)
SopCast 3.5.0 (x32 Version: 3.5.0)
Sophos Anti-Virus (x32 Version: 10.3.1)
Sophos AutoUpdate (x32 Version: 2.9.0.344)
Sophos Remote Management System (x32 Version: 3.4.1)
Synaptics Pointing Device Driver (Version: 15.0.0.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0)
WIDCOMM Bluetooth Software (Version: 6.2.1.1100)
WildTangent-Spiele (x32 Version: 1.0.0.71)
Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth (03/24/2010 6.3.0.2501) (Version: 03/24/2010 6.3.0.2501)
Windows Live Anmelde-Assistent (x32 Version: 5.000.818.5)
Windows Live Call (x32 Version: 14.0.8064.0206)
Windows Live Communications Platform (x32 Version: 14.0.8064.206)
Windows Live Essentials (x32 Version: 14.0.8089.0726)
Windows Live Essentials (x32 Version: 14.0.8089.726)
Windows Live Fotogalerie (x32 Version: 14.0.8081.709)
Windows Live Mail (x32 Version: 14.0.8089.0726)
Windows Live Messenger (x32 Version: 14.0.8089.0726)
Windows Live Movie Maker (x32 Version: 14.0.8091.0730)
Windows Live Sync (x32 Version: 14.0.8089.726)
Windows Live Writer (x32 Version: 14.0.8089.0726)
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)
WinRAR 4.01 (32-Bit) (x32 Version: 4.01.0)
WinZip 14.5 (x32 Version: 14.5.9095)
ZTE USB Driver (Version: 1.0.1.31_TME)
==================== Restore Points =========================
24-09-2013 07:52:23 Windows Update
27-09-2013 13:40:35 Windows Update
01-10-2013 07:03:29 Windows Update
04-10-2013 07:15:23 Windows Update
08-10-2013 15:09:27 Instalado ZTE Drivers v1.2074.0.2
09-10-2013 05:36:29 Windows Update
09-10-2013 06:15:55 Windows Update
11-10-2013 01:01:53 Windows Update
11-10-2013 17:46:28 Windows Update
15-10-2013 15:05:01 Windows Update
19-10-2013 12:09:19 Windows Update
21-10-2013 15:28:10 Installed Java 7 Update 45
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {1F5B23C7-2BD7-4C6B-B273-717AE43843FB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-06] (Google Inc.)
Task: {2E0ED9B6-76CA-4651-A5C4-E1245A11F1AD} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2012-06-06] ()
Task: {48214C14-72EB-473A-9973-A8BAEB196D65} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: {566C71C7-A608-4D50-8E6A-D7FE3F34D012} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-531167019-474571096-1486909408-1001Core => C:\Users\*****\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {6DCDE5DE-73F7-4F22-A957-F92B40F8E632} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B0A7AB75-003B-4851-A39F-9276EAAB69E6} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-531167019-474571096-1486909408-1001UA => C:\Users\*****\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {B39E3D43-ABB2-4C75-B581-1F179834AF9D} - System32\Tasks\{174746D0-F2BD-4CD5-AEF9-D44D1522D246} => C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE [2013-07-23] (Microsoft Corporation)
Task: {D09478AC-E848-4B48-87B2-8085BF7C1DF4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-06] (Google Inc.)
Task: {D3E3FAF3-F726-4DAC-9421-24526B66DA1D} - System32\Tasks\DigitalSite => C:\Users\JULIUS~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE
Task: {D4D314E6-A200-474E-A874-D80A9BBA4E6A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DigitalSite.job => C:\Users\JULIUS~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-531167019-474571096-1486909408-1001Core.job => C:\Users\*****\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-531167019-474571096-1486909408-1001UA.job => C:\Users\*****\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2009-12-29 22:19 - 2009-12-29 22:19 - 00173344 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2011-06-26 13:00 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2011-01-27 09:32 - 2011-01-27 09:32 - 00027648 _____ () C:\Windows\System32\ssb7mlm.dll
2011-06-22 07:48 - 2011-06-22 07:48 - 00034304 _____ () C:\Windows\System32\ssp7ml6.dll
2010-12-17 19:13 - 2010-12-17 19:13 - 00050688 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2010-03-08 19:02 - 2010-03-08 19:02 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-06-02 05:50 - 2010-06-02 05:50 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-06-24 22:56 - 2011-06-24 22:56 - 00087328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-06-24 22:56 - 2011-06-24 22:56 - 01241888 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-23 14:26 - 2010-03-23 14:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2012-09-17 16:30 - 2012-09-17 16:30 - 01055808 _____ () C:\Program Files (x86)\Sophos\Remote Management System\ACE.dll
2012-09-17 16:30 - 2012-09-17 16:30 - 01539136 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO.dll
2012-09-17 16:30 - 2012-09-17 16:30 - 00183360 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_DynamicAny.dll
2012-09-17 16:30 - 2012-09-17 16:30 - 00760896 _____ () C:\Program Files (x86)\Sophos\Remote Management System\LIBEAY32.dll
2012-09-17 16:30 - 2012-09-17 16:30 - 00146496 _____ () C:\Program Files (x86)\Sophos\Remote Management System\SSLEAY32.dll
2012-09-17 16:30 - 2012-09-17 16:30 - 00076864 _____ () C:\Program Files (x86)\Sophos\Remote Management System\ACE_SSL.dll
2012-09-17 16:30 - 2012-09-17 16:30 - 00535616 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_PortableServer.dll
2012-09-17 16:30 - 2012-09-17 16:30 - 00244800 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_SSLIOP.DLL
2012-09-17 16:30 - 2012-09-17 16:30 - 00740416 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_Security.dll
2012-09-17 16:30 - 2012-09-17 16:30 - 00039488 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_Valuetype.dll
2012-09-17 16:30 - 2012-09-17 16:30 - 00244800 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_SSLIOP.dll
2010-02-09 21:34 - 2010-02-09 21:34 - 00275776 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
2010-02-09 21:34 - 2010-02-09 21:34 - 00058688 _____ () C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
2010-02-09 21:34 - 2010-02-09 21:34 - 00095552 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
2010-02-09 21:34 - 2010-02-09 21:34 - 00046400 _____ () C:\Program Files (x86)\Dell DataSafe Online\de\SdbUI.resources.dll
2010-02-09 21:34 - 2010-02-09 21:34 - 00365888 _____ () C:\Program Files (x86)\Dell DataSafe Online\de\DataSafeOnline.resources.dll
2010-02-09 21:34 - 2010-02-09 21:34 - 00152896 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
2010-02-09 21:34 - 2010-02-09 21:34 - 00017728 _____ () C:\Program Files (x86)\Dell DataSafe Online\cpputils.dll
2013-03-13 22:48 - 2013-03-13 22:48 - 24978944 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\libcef.dll
2013-09-18 10:11 - 2013-09-18 10:12 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-08-16 12:30 - 2013-08-16 12:30 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\55ed9c64f5bf19f2110ff33b19f3ad35\IsdiInterop.ni.dll
2010-11-30 09:14 - 2010-06-08 18:44 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service"
==================== Faulty Device Manager Devices =============
Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/23/2013 00:25:29 PM) (Source: Sophos Message Router) (User: NT-AUTORITÄT)
Description: DNS Lookup schlug bei Auflösung folgender Adressen fehl: wrz2041.%%3
Error: (10/23/2013 00:14:00 PM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 24.0.0.5001 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: f68
Startzeit: 01cecfd76f1e2dac
Endzeit: 16
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: d192d367-3bcb-11e3-a16c-c0cb38b818f7
Error: (10/23/2013 00:04:24 PM) (Source: Sophos Message Router) (User: NT-AUTORITÄT)
Description: Die Netzwerkidentität (Interoperable Object Reference oder IOR) des lokalen Computers ist ungültig.%%3
Error: (10/23/2013 11:53:59 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: KiesPDLR.exe, Version: 1.0.0.1, Zeitstempel: 0x5075846e
Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.6161, Zeitstempel: 0x4dace5b9
Ausnahmecode: 0xc0000417
Fehleroffset: 0x0006ccd5
ID des fehlerhaften Prozesses: 0x12f8
Startzeit der fehlerhaften Anwendung: 0xKiesPDLR.exe0
Pfad der fehlerhaften Anwendung: KiesPDLR.exe1
Pfad des fehlerhaften Moduls: KiesPDLR.exe2
Berichtskennung: KiesPDLR.exe3
Error: (10/23/2013 11:15:27 AM) (Source: Sophos Message Router) (User: NT-AUTORITÄT)
Description: Die Netzwerkidentität (Interoperable Object Reference oder IOR) des lokalen Computers ist ungültig.%%3
Error: (10/23/2013 11:05:18 AM) (Source: Sophos Message Router) (User: NT-AUTORITÄT)
Description: DNS Lookup schlug bei Auflösung folgender Adressen fehl: wrz2041.%%3
Error: (10/23/2013 10:56:07 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: KiesPDLR.exe, Version: 1.0.0.1, Zeitstempel: 0x5075846e
Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.6161, Zeitstempel: 0x4dace5b9
Ausnahmecode: 0xc0000417
Fehleroffset: 0x0006ccd5
ID des fehlerhaften Prozesses: 0xff4
Startzeit der fehlerhaften Anwendung: 0xKiesPDLR.exe0
Pfad der fehlerhaften Anwendung: KiesPDLR.exe1
Pfad des fehlerhaften Moduls: KiesPDLR.exe2
Berichtskennung: KiesPDLR.exe3
Error: (10/23/2013 10:55:38 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: KiesPDLR.exe, Version: 1.0.0.1, Zeitstempel: 0x5075846e
Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.6161, Zeitstempel: 0x4dace5b9
Ausnahmecode: 0xc0000417
Fehleroffset: 0x0006ccd5
ID des fehlerhaften Prozesses: 0x13e0
Startzeit der fehlerhaften Anwendung: 0xKiesPDLR.exe0
Pfad der fehlerhaften Anwendung: KiesPDLR.exe1
Pfad des fehlerhaften Moduls: KiesPDLR.exe2
Berichtskennung: KiesPDLR.exe3
Error: (10/23/2013 10:39:36 AM) (Source: MsiInstaller) (User: JFK1984-PC)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\GoogleUpdateHelper.msi
Error: (10/23/2013 10:13:23 AM) (Source: Application Hang) (User: )
Description: Programm OTL.exe, Version 3.2.69.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1e48
Startzeit: 01cecfc5f311426d
Endzeit: 0
Anwendungspfad: C:\Users\*****\Desktop\OTL.exe
Berichts-ID: f8bdb0e9-3bba-11e3-a275-c0cb38b818f7
System errors:
=============
Error: (10/23/2013 08:48:56 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SftService erreicht.
Error: (10/22/2013 08:42:12 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SftService erreicht.
Error: (10/22/2013 08:41:42 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SftService erreicht.
Error: (10/19/2013 01:57:51 PM) (Source: BTHUSB) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.
Error: (10/14/2013 05:28:52 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SftService erreicht.
Error: (10/13/2013 01:16:18 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SftService erreicht.
Error: (10/12/2013 03:36:51 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SftService erreicht.
Error: (10/11/2013 07:45:27 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (10/11/2013 07:19:25 PM) (Source: BTHUSB) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.
Error: (10/11/2013 03:04:10 PM) (Source: BTHUSB) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.
Microsoft Office Sessions:
=========================
Error: (10/23/2013 00:25:29 PM) (Source: Sophos Message Router)(User: NT-AUTORITÄT)
Description: wrz2041
Error: (10/23/2013 00:14:00 PM) (Source: Application Hang)(User: )
Description: firefox.exe24.0.0.5001f6801cecfd76f1e2dac16C:\Program Files (x86)\Mozilla Firefox\firefox.exed192d367-3bcb-11e3-a16c-c0cb38b818f7
Error: (10/23/2013 00:04:24 PM) (Source: Sophos Message Router)(User: NT-AUTORITÄT)
Description:
Error: (10/23/2013 11:53:59 AM) (Source: Application Error)(User: )
Description: KiesPDLR.exe1.0.0.15075846eMSVCR90.dll9.0.30729.61614dace5b9c00004170006ccd512f801cecfd5c141f953C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exeC:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll0953c6a5-3bc9-11e3-9d93-c0cb38b818f7
Error: (10/23/2013 11:15:27 AM) (Source: Sophos Message Router)(User: NT-AUTORITÄT)
Description:
Error: (10/23/2013 11:05:18 AM) (Source: Sophos Message Router)(User: NT-AUTORITÄT)
Description: wrz2041
Error: (10/23/2013 10:56:07 AM) (Source: Application Error)(User: )
Description: KiesPDLR.exe1.0.0.15075846eMSVCR90.dll9.0.30729.61614dace5b9c00004170006ccd5ff401cecfcdb4c74895C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exeC:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dllf4250de7-3bc0-11e3-829b-88ccc3f6d512
Error: (10/23/2013 10:55:38 AM) (Source: Application Error)(User: )
Description: KiesPDLR.exe1.0.0.15075846eMSVCR90.dll9.0.30729.61614dace5b9c00004170006ccd513e001cecfcda07e28c5C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exeC:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dlle296e7e2-3bc0-11e3-829b-88ccc3f6d512
Error: (10/23/2013 10:39:36 AM) (Source: MsiInstaller)(User: JFK1984-PC)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\GoogleUpdateHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (10/23/2013 10:13:23 AM) (Source: Application Hang)(User: )
Description: OTL.exe3.2.69.01e4801cecfc5f311426d0C:\Users\*****\Desktop\OTL.exef8bdb0e9-3bba-11e3-a275-c0cb38b818f7
==================== Memory info ===========================
Percentage of memory in use: 51%
Total physical RAM: 3958.68 MB
Available physical RAM: 1912.89 MB
Total Pagefile: 7915.55 MB
Available Pagefile: 5440.68 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:451.01 GB) (Free:277.26 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (TOSHIBA EXT) (Fixed) (Total:465.76 GB) (Free:333.14 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: B7CFF39C)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 980B498F)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
==================== End Of Log ============================
gmer.txt Code:
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-10-23 13:14:07
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD50 rev.01.0 465,76GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\*****~1\AppData\Local\Temp\uxdirfog.sys
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe[1156] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766d1465 2 bytes [6D, 76]
.text C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe[1156] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766d14bb 2 bytes [6D, 76]
.text ... * 2
.text C:\Windows\Explorer.EXE[1620] C:\Windows\system32\kernel32.dll!CopyFileExW 00000000779023d0 5 bytes JMP 000000016fff00d8
.text C:\Windows\Explorer.EXE[1620] C:\Windows\system32\kernel32.dll!MoveFileWithProgressW 000000007797f6c0 8 bytes JMP 000000016fff0110
.text C:\Windows\Explorer.EXE[1620] C:\Windows\system32\ole32.dll!CoCreateInstance 000007feffa27490 11 bytes JMP 000007ffff8e00d8
.text C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe[1868] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766d1465 2 bytes [6D, 76]
.text C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe[1868] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766d14bb 2 bytes [6D, 76]
.text ... * 2
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1852] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766d1465 2 bytes [6D, 76]
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1852] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766d14bb 2 bytes [6D, 76]
.text ... * 2
.text C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2108] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766d1465 2 bytes [6D, 76]
.text C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2108] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766d14bb 2 bytes [6D, 76]
.text ... * 2
.text C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766d1465 2 bytes [6D, 76]
.text C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766d14bb 2 bytes [6D, 76]
.text ... * 2
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2524] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766d1465 2 bytes [6D, 76]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2524] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766d14bb 2 bytes [6D, 76]
.text ... * 2
.text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2960] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766d1465 2 bytes [6D, 76]
.text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2960] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766d14bb 2 bytes [6D, 76]
.text ... * 2
.text C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe[3024] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766d1465 2 bytes [6D, 76]
.text C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe[3024] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766d14bb 2 bytes [6D, 76]
.text ... * 2
.text C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe[3080] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766d1465 2 bytes [6D, 76]
.text C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe[3080] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766d14bb 2 bytes [6D, 76]
.text ... * 2
.text C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe[3144] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766d1465 2 bytes [6D, 76]
.text C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe[3144] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766d14bb 2 bytes [6D, 76]
.text ... * 2
.text C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe[3192] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766d1465 2 bytes [6D, 76]
.text C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe[3192] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766d14bb 2 bytes [6D, 76]
.text ... * 2
.text C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe[3252] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766d1465 2 bytes [6D, 76]
.text C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe[3252] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766d14bb 2 bytes [6D, 76]
.text ... * 2
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[3420] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766d1465 2 bytes [6D, 76]
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[3420] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766d14bb 2 bytes [6D, 76]
.text ... * 2
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[3484] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766d1465 2 bytes [6D, 76]
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[3484] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766d14bb 2 bytes [6D, 76]
.text ... * 2
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[3580] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766d1465 2 bytes [6D, 76]
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[3580] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766d14bb 2 bytes [6D, 76]
.text ... * 2
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3984] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766d1465 2 bytes [6D, 76]
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3984] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766d14bb 2 bytes [6D, 76]
.text ... * 2
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[4720] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766d1465 2 bytes [6D, 76]
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[4720] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766d14bb 2 bytes [6D, 76]
.text ... * 2
.text C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe[4784] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766d1465 2 bytes [6D, 76]
.text C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe[4784] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766d14bb 2 bytes [6D, 76]
.text ... * 2
.text C:\Program Files (x86)\Samsung\Kies\Kies.exe[4804] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766d1465 2 bytes [6D, 76]
.text C:\Program Files (x86)\Samsung\Kies\Kies.exe[4804] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766d14bb 2 bytes [6D, 76]
.text ... * 2
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[4816] C:\Windows\SysWOW64\ntdll.dll!DbgBreakPoint 0000000077d0000c 1 byte [C3]
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[4816] C:\Windows\SysWOW64\ntdll.dll!DbgUiRemoteBreakin 0000000077d8f8ea 5 bytes JMP 0000000177d3d5c1
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[4816] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766d1465 2 bytes [6D, 76]
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[4816] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766d14bb 2 bytes [6D, 76]
.text ... * 2
.text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4908] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766d1465 2 bytes [6D, 76]
.text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4908] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766d14bb 2 bytes [6D, 76]
.text ... * 2
.text C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe[4940] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766d1465 2 bytes [6D, 76]
.text C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe[4940] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766d14bb 2 bytes [6D, 76]
.text ... * 2
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[4972] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766d1465 2 bytes [6D, 76]
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[4972] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766d14bb 2 bytes [6D, 76]
.text ... * 2
.text C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe[4996] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766d1465 2 bytes [6D, 76]
.text C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe[4996] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766d14bb 2 bytes [6D, 76]
.text ... * 2
.text C:\Program Files (x86)\Ask.com\Updater\Updater.exe[5052] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766d1465 2 bytes [6D, 76]
.text C:\Program Files (x86)\Ask.com\Updater\Updater.exe[5052] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766d14bb 2 bytes [6D, 76]
.text ... * 2
.text C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe[5076] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766d1465 2 bytes [6D, 76]
.text C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe[5076] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766d14bb 2 bytes [6D, 76]
.text ... * 2
.text C:\Program Files (x86)\iTunes\iTunesHelper.exe[5116] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766d1465 2 bytes [6D, 76]
.text C:\Program Files (x86)\iTunes\iTunesHelper.exe[5116] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766d14bb 2 bytes [6D, 76]
.text ... * 2
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4360] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766d1465 2 bytes [6D, 76]
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4360] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766d14bb 2 bytes [6D, 76]
.text ... * 2
.text C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe[5132] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766d1465 2 bytes [6D, 76]
.text C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe[5132] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766d14bb 2 bytes [6D, 76]
.text ... * 2
.text C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe[2804] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766d1465 2 bytes [6D, 76]
.text C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe[2804] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766d14bb 2 bytes [6D, 76]
.text ... * 2
.text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[5956] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766d1465 2 bytes [6D, 76]
.text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[5956] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766d14bb 2 bytes [6D, 76]
.text ... * 2
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[2996] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766d1465 2 bytes [6D, 76]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[2996] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766d14bb 2 bytes [6D, 76]
.text ... * 2
.text C:\Users\*****\Desktop\gmer_2.1.19163.exe[4900] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766d1465 2 bytes [6D, 76]
.text C:\Users\*****\Desktop\gmer_2.1.19163.exe[4900] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766d14bb 2 bytes [6D, 76]
.text ... * 2
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0cb38b818f7
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0cb38b818f7@101dc0896720 0x7C 0x38 0xC5 0xD1 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c0cb38b818f7 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c0cb38b818f7@101dc0896720 0x7C 0x38 0xC5 0xD1 ...
---- EOF - GMER 2.1 ----
Thanks in advance for your help!! :)