Malwarebytes finds PUP.Optional.Babylon.A, among others, and more
Hello everyone,
Malwarebytes Adware finds 45 infected objects on my computer.
I had all of them deleted.
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2013.10.23.06
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
Cedric :: CEDRIC-LAPTOP [Administrator]
23.10.2013 18:22:14
mbam-log-2013-10-23 (18-22-14).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 223110
Laufzeit: 2 Minute(n), 14 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 1
C:\Users\Cedric\AppData\Roaming\BabSolution\Shared\enhancedNT.dll (PUP.Optional.BabSolution.A) -> Löschen bei Neustart.
Infizierte Registrierungsschlüssel: 7
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\BabSolution\Redir (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar (PUP.Optional.BabSolution.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Registrierungswerte: 1
HKCU\Software\Microsoft\Windows\CurrentVersion\Run|NTRedirect (PUP.Optional.BabSolution.A) -> Daten: C:\Windows\SysWOW64\rundll32.exe "C:\Users\Cedric\AppData\Roaming\BabSolution\Shared\enhancedNT.dll",Run -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 10
C:\Users\Cedric\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Cedric\AppData\Roaming\BabSolution (PUP.Optional.BabSolution.A) -> Löschen bei Neustart.
C:\Users\Cedric\AppData\Roaming\BabSolution\CR (PUP.Optional.BabSolution.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Cedric\AppData\Roaming\BabSolution\Shared (PUP.Optional.BabSolution.A) -> Löschen bei Neustart.
C:\Users\Cedric\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Cedric\AppData\Roaming\OpenCandy\55EFA43E2FAD4D5AB05DB72C02EEBA9B (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Cedric\AppData\Roaming\OpenCandy\DFDBBEBD3FFD4D268E2016C30FB0B57B (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Cedric\AppData\Local\Temp\mt_ffx\Delta (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Cedric\AppData\Local\Temp\mt_ffx\Delta\delta (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Cedric\AppData\Local\Temp\mt_ffx\Delta\delta\1.8.22.0 (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Dateien: 26
C:\Users\Cedric\AppData\Roaming\BabSolution\Shared\BabMaint.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Cedric\AppData\Roaming\BabSolution\Shared\NTRedirect.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Cedric\AppData\Roaming\DVDVideoSoft\FreeYouTubeDownload.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Cedric\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Cedric\AppData\Roaming\OpenCandy\55EFA43E2FAD4D5AB05DB72C02EEBA9B\DeltaTB.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Cedric\AppData\Local\Temp\bus2885\CrxUpdater_d.exe (PUP.Optional.CRX.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Cedric\AppData\Local\Temp\DAB90143-BAB0-7891-8A16-A74CF2CF798F\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Cedric\AppData\Local\Temp\DAB90143-BAB0-7891-8A16-A74CF2CF798F\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Cedric\AppData\Local\Temp\DAB90143-BAB0-7891-8A16-A74CF2CF798F\Latest\BUSolution.dll (PUP.Optional.BabSolution.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Cedric\AppData\Local\Temp\DAB90143-BAB0-7891-8A16-A74CF2CF798F\Latest\ccp.exe (PUP.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Cedric\AppData\Local\Temp\DAB90143-BAB0-7891-8A16-A74CF2CF798F\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Cedric\AppData\Local\Temp\DAB90143-BAB0-7891-8A16-A74CF2CF798F\Latest\MntrDLLInstall.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Cedric\AppData\Local\Temp\DAB90143-BAB0-7891-8A16-A74CF2CF798F\Latest\MyDeltaTB.exe (PUP.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Cedric\AppData\Local\Temp\DAB90143-BAB0-7891-8A16-A74CF2CF798F\Latest\NTRedirect.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Cedric\AppData\Local\Temp\DAB90143-BAB0-7891-8A16-A74CF2CF798F\Latest\Setup.exe (PUP.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Cedric\Downloads\Free31213YouTubeToMP3Converter.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Cedric\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Cedric\AppData\Roaming\BabSolution\Shared\enhancedNT.dll (PUP.Optional.BabSolution.A) -> Löschen bei Neustart.
C:\Users\Cedric\AppData\Roaming\BabSolution\CR\Delta.crx (PUP.Optional.BabSolution.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Cedric\AppData\Roaming\BabSolution\Shared\BUSolution.dll (PUP.Optional.BabSolution.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Cedric\AppData\Roaming\BabSolution\Shared\chu.js (PUP.Optional.BabSolution.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Cedric\AppData\Roaming\BabSolution\Shared\Delta.ico (PUP.Optional.BabSolution.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Cedric\AppData\Roaming\BabSolution\Shared\GUninstaller.exe (PUP.Optional.BabSolution.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Cedric\AppData\Roaming\BabSolution\Shared\SetupParams.ini (PUP.Optional.BabSolution.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Cedric\AppData\Roaming\BabSolution\Shared\sqlite3.dll (PUP.Optional.BabSolution.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Cedric\AppData\Roaming\OpenCandy\DFDBBEBD3FFD4D268E2016C30FB0B57B\TuneUpUtilities2013-2200217_de-DE.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
After that I also scanned with FRST.
FRST.txt Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-10-2013
Ran by Cedric (administrator) on CEDRIC-LAPTOP on 23-10-2013 18:42:07
Running from C:\Users\Cedric\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Akamai Technologies, Inc.) C:\Users\Cedric\AppData\Local\Akamai\netsession_win.exe
(Facebook Inc.) C:\Users\Cedric\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Akamai Technologies, Inc.) C:\Users\Cedric\AppData\Local\Akamai\netsession_win.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(GoPro) C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Intel® Corporation) C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\program files (x86)\avira\antivir desktop\ipmGui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [BTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [IntelPAN] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-07-27] (Intel(R) Corporation)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4526 2010-11-29] ()
HKLM\...\Run: [FreeFallProtection] - C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2010-12-17] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Cedric\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Facebook Update] - C:\Users\Cedric\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-12-08] (Facebook Inc.)
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1476104 2012-12-20] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2012-12-18] (Samsung Electronics)
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844296 2012-12-20] (Samsung)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19603048 2013-06-03] (Skype Technologies S.A.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-06] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310280 2012-12-20] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [250504 2013-03-15] (NVIDIA Corporation)
Startup: C:\Users\Cedric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk
ShortcutTarget: Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6CCE80FF806ACE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=A2FABC7737543F72&affID=121564&tt=070813_wc1&tsp=4968
BHO: No Name - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - No File
DPF: HKLM-x32 {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} hxxp://i.dell.com/images/global/js/scanner/SysProExe.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.19.1
FireFox:
========
FF ProfilePath: C:\Users\Cedric\AppData\Roaming\Mozilla\Firefox\Profiles\dq0ow7hc.default
FF user.js: detected! => C:\Users\Cedric\AppData\Roaming\Mozilla\Firefox\Profiles\dq0ow7hc.default\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Cedric\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Users\Cedric\AppData\Roaming\Mozilla\Firefox\Profiles\dq0ow7hc.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
Chrome:
=======
CHR Extension: (Chrome In-App Payments service) - C:\Users\Cedric\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-06] (Avira Operations GmbH & Co. KG)
S3 COMSysApp; C:\Windows\SysWow64\dllhost.exe [7168 2009-07-14] (Microsoft Corporation)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [9464680 2010-09-21] (DisplayLink Corp.)
S3 msiserver; C:\Windows\SysWow64\msiexec.exe [73216 2010-11-21] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-07-27] ()
R2 WSearch; C:\Windows\SysWow64\SearchIndexer.exe [427520 2011-05-04] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-06] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-06] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-04-04] (Avira Operations GmbH & Co. KG)
S3 DisplayLinkUsbPort; C:\Windows\System32\DRIVERS\DisplayLinkUsbPort_5.5.27797.0.sys [17408 2013-04-04] (hxxp://libusb-win32.sourceforge.net)
S3 DWA; C:\Windows\System32\DRIVERS\WSR_DWA.SYS [543232 2010-05-10] ()
S3 hwa; C:\Windows\System32\DRIVERS\WSR_HWA.SYS [916480 2010-05-10] ()
S3 HWARadio; C:\Windows\System32\DRIVERS\WSR_RCI.SYS [162304 2010-05-10] ()
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [284448 2013-03-15] (NVIDIA Corporation)
S3 XONE_4D; C:\Windows\System32\Drivers\XONE_4D.sys [422640 2011-08-17] (Allen & Heath)
S3 XONE_4dm; C:\Windows\System32\drivers\XONE_4dm.sys [31984 2011-08-17] (Ploytec GmbH)
S3 XONE_4D_WDM; C:\Windows\System32\drivers\XONE_4DW.sys [54000 2011-08-17] (Allen & Heath)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-23 18:39 - 2013-10-23 18:39 - 00000000 ____D C:\FRST
2013-10-23 18:23 - 2013-10-23 18:23 - 01955374 _____ (Farbar) C:\Users\Cedric\Downloads\FRST64.exe
2013-10-23 18:08 - 2013-10-23 18:08 - 00000000 ____D C:\ProgramData\Oracle
2013-10-23 18:06 - 2013-10-23 18:06 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-23 18:06 - 2013-10-23 18:06 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-23 18:06 - 2013-10-23 18:06 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-23 18:06 - 2013-10-23 18:06 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-23 18:01 - 2013-10-23 18:01 - 00000011 ____R C:\Windows\amunres.lsl
2013-10-23 17:56 - 2013-10-23 17:56 - 00002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-23 17:55 - 2013-10-23 17:56 - 00000000 ____D C:\Users\Cedric\AppData\Local\Google
2013-10-23 17:55 - 2013-10-23 17:55 - 00819192 _____ (Google Inc.) C:\Users\Cedric\Downloads\ChromeSetup.exe
2013-10-23 17:55 - 2013-10-23 17:55 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-23 17:55 - 2013-10-23 17:55 - 00000000 ____D C:\Program Files (x86)\Google
2013-10-23 17:49 - 2013-10-23 17:50 - 30694824 _____ (Oracle Corporation) C:\Users\Cedric\Downloads\jre-7u45-windows-x64.exe
2013-10-22 19:00 - 2013-10-22 19:00 - 00000000 ____D C:\Users\Cedric\AppData\Roaming\Apple Computer
2013-10-22 18:58 - 2013-10-22 18:58 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2013-10-22 18:57 - 2013-10-22 18:57 - 00000000 ____D C:\Users\Cedric\AppData\Local\Apple
2013-10-22 18:57 - 2013-10-22 18:57 - 00000000 ____D C:\ProgramData\Apple Computer
2013-10-22 18:57 - 2013-10-22 18:57 - 00000000 ____D C:\ProgramData\Apple
2013-10-22 18:57 - 2013-10-22 18:57 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-10-22 18:56 - 2013-10-22 18:56 - 41404760 _____ (Apple Inc.) C:\Users\Cedric\Downloads\QuickTimeInstaller.exe
2013-10-19 22:35 - 2013-10-19 22:35 - 00001536 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2013-10-19 22:35 - 2013-10-19 22:35 - 00000000 ___RD C:\Users\Public\Desktop\DVDVideoSoft
2013-10-17 14:21 - 2013-10-17 14:21 - 00000000 ____D C:\Users\Cedric\AppData\Local\GoPro
2013-10-17 14:05 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-17 14:05 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-17 14:05 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-17 14:05 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-17 14:05 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-17 14:05 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-17 14:05 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-17 14:05 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-17 14:05 - 2013-09-23 01:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-17 14:05 - 2013-09-23 01:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-17 14:05 - 2013-09-23 01:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-17 14:05 - 2013-09-23 01:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-17 14:05 - 2013-09-23 01:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-17 14:05 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-17 14:05 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-17 14:05 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-17 14:05 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-17 14:05 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-17 14:05 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-17 14:05 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-17 14:05 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-17 14:05 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-17 14:05 - 2013-09-23 00:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-17 14:05 - 2013-09-23 00:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-17 14:05 - 2013-09-23 00:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-17 14:05 - 2013-09-23 00:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-17 14:05 - 2013-09-23 00:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-17 14:05 - 2013-09-21 05:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-17 14:05 - 2013-09-21 05:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-17 14:05 - 2013-09-21 04:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-17 14:05 - 2013-09-21 04:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-16 16:43 - 2013-10-16 16:43 - 00000000 _____ C:\Users\Cedric\Desktop\google.txt
2013-10-16 15:07 - 2013-09-14 03:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-16 15:07 - 2013-09-08 04:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-16 15:07 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-16 15:07 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-16 15:07 - 2013-08-29 04:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-16 15:07 - 2013-08-29 04:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-16 15:07 - 2013-08-29 04:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-16 15:07 - 2013-08-29 04:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-16 15:07 - 2013-08-29 04:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-16 15:07 - 2013-08-29 03:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-16 15:07 - 2013-08-29 03:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-16 15:07 - 2013-08-29 03:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-16 15:07 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-16 15:07 - 2013-08-29 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-16 15:07 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-16 15:07 - 2013-08-29 02:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-16 15:07 - 2013-08-29 02:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-16 15:07 - 2013-08-29 02:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-16 15:07 - 2013-08-29 02:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-16 15:07 - 2013-08-28 03:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-16 15:07 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-16 15:07 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-16 15:07 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-16 15:07 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-16 15:07 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-16 15:07 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-16 15:07 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-16 15:07 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-16 15:07 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-16 15:07 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-16 15:07 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-16 15:07 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-16 15:07 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-16 15:07 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-16 15:07 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-16 15:07 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-16 15:07 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-16 15:07 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-16 15:07 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-16 15:07 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-16 15:07 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-16 15:07 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-16 15:07 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-16 15:07 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-16 15:07 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-16 15:07 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-09-26 17:53 - 2013-10-22 19:07 - 00000000 ____D C:\Users\Public\CineForm
2013-09-26 17:53 - 2013-10-22 18:58 - 00000000 ____D C:\Users\Cedric\AppData\Roaming\GoPro
2013-09-26 17:53 - 2013-10-22 18:58 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-09-26 17:53 - 2013-09-26 17:53 - 00001112 _____ C:\Users\Cedric\Desktop\GoPro Studio.lnk
2013-09-26 17:53 - 2013-09-26 17:53 - 00000000 ____D C:\Program Files\DIFX
2013-09-26 17:53 - 2013-09-26 17:53 - 00000000 ____D C:\Program Files (x86)\GoPro
2013-09-26 17:53 - 2013-09-26 17:53 - 00000000 ____D C:\Program Files (x86)\CineForm
2013-09-26 17:40 - 2013-09-26 17:44 - 117548912 _____ C:\Users\Cedric\Downloads\GoProStudioPC-2.0.0.285.exe
2013-09-26 13:22 - 2013-09-26 13:32 - 680525824 _____ C:\Users\Cedric\Downloads\ophcrack-vista-livecd-3.6.0.iso
==================== One Month Modified Files and Folders =======
2013-10-23 18:39 - 2013-10-23 18:39 - 00000000 ____D C:\FRST
2013-10-23 18:39 - 2013-05-18 09:39 - 00000000 ____D C:\Users\Cedric\AppData\Roaming\Skype
2013-10-23 18:39 - 2012-12-06 19:13 - 01603043 _____ C:\Windows\WindowsUpdate.log
2013-10-23 18:36 - 2013-08-08 14:13 - 00000000 ____D C:\Users\Cedric\AppData\Roaming\BabSolution
2013-10-23 18:36 - 2012-12-06 21:01 - 00000000 ____D C:\ProgramData\NVIDIA
2013-10-23 18:36 - 2010-11-21 05:47 - 00131646 _____ C:\Windows\PFRO.log
2013-10-23 18:36 - 2009-07-14 06:51 - 00023391 _____ C:\Windows\setupact.log
2013-10-23 18:34 - 2013-02-11 12:23 - 00000000 ____D C:\Users\Cedric\AppData\Roaming\DVDVideoSoft
2013-10-23 18:23 - 2013-10-23 18:23 - 01955374 _____ (Farbar) C:\Users\Cedric\Downloads\FRST64.exe
2013-10-23 18:08 - 2013-10-23 18:08 - 00000000 ____D C:\ProgramData\Oracle
2013-10-23 18:06 - 2013-10-23 18:06 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-23 18:06 - 2013-10-23 18:06 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-23 18:06 - 2013-10-23 18:06 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-23 18:06 - 2013-10-23 18:06 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-23 18:03 - 2012-12-08 10:01 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-23 18:03 - 2012-12-08 10:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-23 18:01 - 2013-10-23 18:01 - 00000011 ____R C:\Windows\amunres.lsl
2013-10-23 18:01 - 2013-04-05 21:35 - 00000000 ____D C:\ProgramData\Origin
2013-10-23 18:00 - 2013-09-21 12:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-23 17:57 - 2013-08-09 20:52 - 00000000 ____D C:\Program Files (x86)\Cain
2013-10-23 17:56 - 2013-10-23 17:56 - 00002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-23 17:56 - 2013-10-23 17:55 - 00000000 ____D C:\Users\Cedric\AppData\Local\Google
2013-10-23 17:55 - 2013-10-23 17:55 - 00819192 _____ (Google Inc.) C:\Users\Cedric\Downloads\ChromeSetup.exe
2013-10-23 17:55 - 2013-10-23 17:55 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-23 17:55 - 2013-10-23 17:55 - 00000000 ____D C:\Program Files (x86)\Google
2013-10-23 17:50 - 2013-10-23 17:49 - 30694824 _____ (Oracle Corporation) C:\Users\Cedric\Downloads\jre-7u45-windows-x64.exe
2013-10-23 16:20 - 2009-07-14 06:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-23 16:20 - 2009-07-14 06:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-22 19:07 - 2013-09-26 17:53 - 00000000 ____D C:\Users\Public\CineForm
2013-10-22 19:04 - 2011-04-12 09:43 - 00654400 _____ C:\Windows\system32\perfh007.dat
2013-10-22 19:04 - 2011-04-12 09:43 - 00130240 _____ C:\Windows\system32\perfc007.dat
2013-10-22 19:04 - 2009-07-14 07:13 - 01498742 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-22 19:00 - 2013-10-22 19:00 - 00000000 ____D C:\Users\Cedric\AppData\Roaming\Apple Computer
2013-10-22 18:58 - 2013-10-22 18:58 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2013-10-22 18:58 - 2013-09-26 17:53 - 00000000 ____D C:\Users\Cedric\AppData\Roaming\GoPro
2013-10-22 18:58 - 2013-09-26 17:53 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-10-22 18:57 - 2013-10-22 18:57 - 00000000 ____D C:\Users\Cedric\AppData\Local\Apple
2013-10-22 18:57 - 2013-10-22 18:57 - 00000000 ____D C:\ProgramData\Apple Computer
2013-10-22 18:57 - 2013-10-22 18:57 - 00000000 ____D C:\ProgramData\Apple
2013-10-22 18:57 - 2013-10-22 18:57 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-10-22 18:56 - 2013-10-22 18:56 - 41404760 _____ (Apple Inc.) C:\Users\Cedric\Downloads\QuickTimeInstaller.exe
2013-10-19 22:35 - 2013-10-19 22:35 - 00001536 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2013-10-19 22:35 - 2013-10-19 22:35 - 00000000 ___RD C:\Users\Public\Desktop\DVDVideoSoft
2013-10-19 22:35 - 2013-08-08 14:08 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-10-17 15:03 - 2012-12-06 23:20 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-17 15:03 - 2012-12-06 23:20 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-17 15:03 - 2012-12-06 23:20 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-17 14:23 - 2013-05-11 16:11 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-17 14:23 - 2013-05-11 16:11 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-17 14:23 - 2009-07-14 06:45 - 00276584 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-17 14:21 - 2013-10-17 14:21 - 00000000 ____D C:\Users\Cedric\AppData\Local\GoPro
2013-10-17 14:00 - 2013-09-08 09:37 - 00000000 ____D C:\Windows\system32\MRT
2013-10-17 13:59 - 2012-12-06 22:02 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-16 16:43 - 2013-10-16 16:43 - 00000000 _____ C:\Users\Cedric\Desktop\google.txt
2013-10-01 03:45 - 2013-09-14 16:02 - 98602865 _____ C:\Windows\SysWOW64\뜄㭃蹬©
2013-09-26 17:53 - 2013-09-26 17:53 - 00001112 _____ C:\Users\Cedric\Desktop\GoPro Studio.lnk
2013-09-26 17:53 - 2013-09-26 17:53 - 00000000 ____D C:\Program Files\DIFX
2013-09-26 17:53 - 2013-09-26 17:53 - 00000000 ____D C:\Program Files (x86)\GoPro
2013-09-26 17:53 - 2013-09-26 17:53 - 00000000 ____D C:\Program Files (x86)\CineForm
2013-09-26 17:53 - 2012-12-06 19:31 - 00102476 _____ C:\Windows\DPINST.LOG
2013-09-26 17:44 - 2013-09-26 17:40 - 117548912 _____ C:\Users\Cedric\Downloads\GoProStudioPC-2.0.0.285.exe
2013-09-26 13:32 - 2013-09-26 13:22 - 680525824 _____ C:\Users\Cedric\Downloads\ophcrack-vista-livecd-3.6.0.iso
2013-09-25 06:52 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-09-23 13:08 - 2012-12-06 21:30 - 00000000 ____D C:\Users\Cedric\AppData\Local\Mozilla
2013-09-23 01:28 - 2013-10-17 14:05 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-23 01:28 - 2013-10-17 14:05 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-23 01:27 - 2013-10-17 14:05 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-23 01:27 - 2013-10-17 14:05 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-23 01:27 - 2013-10-17 14:05 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-23 01:27 - 2013-10-17 14:05 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-23 01:27 - 2013-10-17 14:05 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-23 01:27 - 2013-10-17 14:05 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-23 01:27 - 2013-10-17 14:05 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-23 01:27 - 2013-10-17 14:05 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-23 01:27 - 2013-10-17 14:05 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-23 01:27 - 2013-10-17 14:05 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-23 01:27 - 2013-10-17 14:05 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-23 00:55 - 2013-10-17 14:05 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-23 00:55 - 2013-10-17 14:05 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-23 00:55 - 2013-10-17 14:05 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-23 00:54 - 2013-10-17 14:05 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-23 00:54 - 2013-10-17 14:05 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-23 00:54 - 2013-10-17 14:05 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-23 00:54 - 2013-10-17 14:05 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-23 00:54 - 2013-10-17 14:05 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-23 00:54 - 2013-10-17 14:05 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-23 00:54 - 2013-10-17 14:05 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-23 00:54 - 2013-10-17 14:05 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-23 00:54 - 2013-10-17 14:05 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-23 00:54 - 2013-10-17 14:05 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-23 00:54 - 2013-10-17 14:05 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
Files to move or delete:
====================
C:\Users\Cedric\AppData\Roaming\skype.ini
Some content of TEMP:
====================
C:\Users\Cedric\AppData\Local\Temp\AskSLib.dll
C:\Users\Cedric\AppData\Local\Temp\installerdll23973500.dll
C:\Users\Cedric\AppData\Local\Temp\installerdll24001799.dll
C:\Users\Cedric\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Cedric\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Cedric\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe
C:\Users\Cedric\AppData\Local\Temp\Nv3DVStreaming.dll
C:\Users\Cedric\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Cedric\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Cedric\AppData\Local\Temp\nvStInst.exe
C:\Users\Cedric\AppData\Local\Temp\rootsupd.exe
C:\Users\Cedric\AppData\Local\Temp\Setup.exe
C:\Users\Cedric\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Cedric\AppData\Local\Temp\sonarinst.exe
C:\Users\Cedric\AppData\Local\Temp\uninst1.exe
C:\Users\Cedric\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Cedric\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Cedric\AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-08-12 07:32
==================== End Of Log ============================
Addition.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-10-2013
Ran by Cedric at 2013-10-23 18:42:52
Running from C:\Users\Cedric\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
AccelerometerP11 (x32 Version: 2.00.11.22)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
Akamai NetSession Interface (HKCU)
Apple Application Support (x32 Version: 2.3.4)
Apple Software Update (x32 Version: 2.1.3.127)
Avira Free Antivirus (x32 Version: 13.0.0.4052)
Dell System Detect (HKCU Version: 3.3.2.0)
DisplayLink Core Software (Version: 5.5.27797.0)
DisplayLink Graphics (Version: 5.5.27887.0)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287)
Free YouTube Download version 3.2.9.725 (x32 Version: 3.2.9.725)
Free YouTube to MP3 Converter version 3.12.13.925 (x32 Version: 3.12.13.925)
Google Chrome (x32 Version: 30.0.1599.101)
Google Update Helper (x32 Version: 1.3.21.165)
GoPro Studio 2.0.0 (x32 Version: 2.0.0)
Intel PROSet Wireless
Intel PROSet Wireless (x32)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2321)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (Version: 1.0.0.0454)
Intel(R) PROSet/Wireless WiFi-Software (Version: 14.2.0000)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft-Maus- und Tastatur-Center (Version: 2.1.177.0)
My Dell (Version: 3.3.6280.92)
MyFreeCodec (HKCU)
Native Instruments Controller Editor (Version: 1.4.1.822)
Native Instruments Controller Editor (x32)
Native Instruments Traktor 2 (Version: 2.1.1.11533)
Native Instruments Traktor 2 (x32)
Native Instruments Traktor Kontrol X1 (Version: 3.0.1.648)
Native Instruments Traktor Kontrol X1 (x32)
NVIDIA 3D Vision Treiber 314.22 (Version: 314.22)
NVIDIA Grafiktreiber 314.22 (Version: 314.22)
NVIDIA HD-Audiotreiber 1.3.23.1 (Version: 1.3.23.1)
NVIDIA Install Application (Version: 2.1002.115.743)
NVIDIA Optimus 1.12.12 (Version: 1.12.12)
NVIDIA PhysX (x32 Version: 9.12.1031)
NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1422)
NVIDIA Systemsteuerung 314.22 (Version: 314.22)
NVIDIA Update 1.12.12 (Version: 1.12.12)
NVIDIA Update Components (Version: 1.12.12)
QuickTime (x32 Version: 7.74.80.86)
Realtek Ethernet Controller Driver (x32 Version: 7.34.1130.2010)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.27.0)
Samsung Kies (x32 Version: 2.5.1.12123_2)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.16.0)
Skype™ 6.5 (x32 Version: 6.5.158)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (Version: 2.1.23.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
VLC media player 2.0.7 (x32 Version: 2.0.7)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) (Version: 03/07/2012 )
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
XONE:4D USB ASIO driver
==================== Restore Points =========================
14-09-2013 08:02:09 Windows Update
26-09-2013 15:50:47 Microsoft Visual C++ 2005 Redistributable wird installiert
26-09-2013 15:51:47 Microsoft Visual C++ 2005 Redistributable (x64) wird installiert
26-09-2013 15:53:26 Gerätetreiber-Paketinstallation: GoPro
28-09-2013 07:06:09 Windows Update
17-10-2013 11:54:19 Windows Update
22-10-2013 16:57:21 Installed QuickTime
23-10-2013 16:05:32 Installed Java 7 Update 45
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {16511F47-37DA-46CA-A820-1B7B6E212BE4} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-05-07] (PC-Doctor, Inc.)
Task: {1FAEAF0E-C1E6-4BFD-8848-02C518C4AA11} - System32\Tasks\Microsoft\Windows\MobilePC\DisplayLink TMM Control
Task: {48E8F64B-387B-4764-9C1E-2302D88F79B3} - System32\Tasks\BrowserDefendert => Sc.exe start BrowserDefendert
Task: {597F770A-34BA-445E-B09B-DE1579318910} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {5EC4F966-6867-43BD-8575-BD099CE61A9A} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {6E4E711A-AFD8-4874-ABB4-668EADFD5599} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2736519266-3041443792-1815456202-1000Core => C:\Users\Cedric\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-08] (Facebook Inc.)
Task: {9241DFC8-00BC-4114-8A61-F0BE0CE468C3} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {B7A9D97E-A339-4307-95EC-DF64A78735FD} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-07-18] (PC-Doctor, Inc.)
Task: {C98CE649-41D6-4A01-9D90-8D81C9C47D57} - System32\Tasks\SystemToolsDailyTest => C:\Windows\System32\uaclauncher.exe
Task: {D13CF723-CE7A-414C-AB3B-6342D51EF0A7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-17] (Adobe Systems Incorporated)
Task: {DDE6F746-5034-4442-B337-D21ED72877CA} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2736519266-3041443792-1815456202-1000UA => C:\Users\Cedric\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-08] (Facebook Inc.)
Task: {F80F17A8-50DC-412A-9B21-C8D9059AA024} - System32\Tasks\EPUpdater => C:\Users\Cedric\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe
Task: {FAB8986C-3A51-46D4-9C3F-3A9FB4A646D4} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {FF53CD5C-8304-480E-B8FE-0C78F3ED029A} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-01-29] (Microsoft)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2736519266-3041443792-1815456202-1000Core.job => C:\Users\Cedric\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2736519266-3041443792-1815456202-1000UA.job => C:\Users\Cedric\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2011-07-27 21:07 - 2011-07-27 21:07 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2012-12-06 20:55 - 2011-03-07 05:07 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-11-29 16:04 - 2010-11-29 16:04 - 00403968 _____ () C:\Program Files\Intel\TurboBoost\de\SignalIslandUi.resources.dll
2012-12-07 19:12 - 2012-09-19 19:17 - 00397088 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-10-23 17:56 - 2013-10-09 02:01 - 00698832 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libglesv2.dll
2013-10-23 17:56 - 2013-10-09 02:01 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libegl.dll
2013-10-23 17:56 - 2013-10-09 02:02 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll
2013-10-23 17:56 - 2013-10-09 02:02 - 00415184 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
2013-10-23 17:56 - 2013-10-09 02:01 - 01604560 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll
2013-10-23 17:56 - 2013-10-09 02:02 - 13584336 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\TEMP:054203E4
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/23/2013 06:36:33 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/23/2013 05:59:57 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ICQ7.exe, Version: 14.0.0.162, Zeitstempel: 0x4626b2f4
Name des fehlerhaften Moduls: MoveIt.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4fa119ef
Ausnahmecode: 0xc0000005
Fehleroffset: 0x606acfde
ID des fehlerhaften Prozesses: 0x172c
Startzeit der fehlerhaften Anwendung: 0xICQ7.exe0
Pfad der fehlerhaften Anwendung: ICQ7.exe1
Pfad des fehlerhaften Moduls: ICQ7.exe2
Berichtskennung: ICQ7.exe3
Error: (10/23/2013 06:51:30 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/22/2013 07:13:59 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: GoPro Studio.exe, Version: 0.0.0.0, Zeitstempel: 0x5228ef43
Name des fehlerhaften Moduls: dlumd32.dll, Version: 8.5.5.27797, Zeitstempel: 0x4c98a78a
Ausnahmecode: 0xc000000d
Fehleroffset: 0x000286eb
ID des fehlerhaften Prozesses: 0xc64
Startzeit der fehlerhaften Anwendung: 0xGoPro Studio.exe0
Pfad der fehlerhaften Anwendung: GoPro Studio.exe1
Pfad des fehlerhaften Moduls: GoPro Studio.exe2
Berichtskennung: GoPro Studio.exe3
Error: (10/22/2013 07:00:46 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/17/2013 02:24:57 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.Security, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies . The error returned was Error: The specified assembly is not installed.
.
Error: (10/17/2013 02:24:57 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.ServiceModel.Web, Version=3.5.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil". The error returned was Error: The specified assembly is not installed.
.
Error: (10/17/2013 02:24:57 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.Web.Extensions, Version=3.5.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil". The error returned was Error: The specified assembly is not installed.
.
Error: (10/17/2013 02:24:15 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/16/2013 02:59:01 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (10/23/2013 06:39:03 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (10/23/2013 06:39:03 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (10/23/2013 06:53:57 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (10/23/2013 06:53:57 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (10/23/2013 06:51:56 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/23/2013 06:51:55 AM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
%%5
Error: (10/23/2013 06:51:54 AM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
%%5
Error: (10/22/2013 07:02:52 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (10/22/2013 07:02:52 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (10/22/2013 07:01:24 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Microsoft Office Sessions:
=========================
Error: (10/23/2013 06:36:33 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/23/2013 05:59:57 PM) (Source: Application Error)(User: )
Description: ICQ7.exe14.0.0.1624626b2f4MoveIt.dll_unloaded0.0.0.04fa119efc0000005606acfde172c01ced008d068adedC:\Users\Cedric\AppData\Local\Temp\{D21D2A63-F60C-43E6-82B5-31691FEEFFFC}\ICQ7.exeMoveIt.dll294cff4c-3bfc-11e3-b781-bc7737543f75
Error: (10/23/2013 06:51:30 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/22/2013 07:13:59 PM) (Source: Application Error)(User: )
Description: GoPro Studio.exe0.0.0.05228ef43dlumd32.dll8.5.5.277974c98a78ac000000d000286ebc6401cecf4893862e6aC:\Program Files (x86)\GoPro\Tools\GoPro Studio.exeC:\Windows\system32\dlumd32.dll56a4dfad-3b3d-11e3-80f3-bc7737543f75
Error: (10/22/2013 07:00:46 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/17/2013 02:24:57 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.Security, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies . The error returned was Error: The specified assembly is not installed.
.
Error: (10/17/2013 02:24:57 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.ServiceModel.Web, Version=3.5.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil". The error returned was Error: The specified assembly is not installed.
.
Error: (10/17/2013 02:24:57 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.Web.Extensions, Version=3.5.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil". The error returned was Error: The specified assembly is not installed.
.
Error: (10/17/2013 02:24:15 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/16/2013 02:59:01 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Percentage of memory in use: 41%
Total physical RAM: 6038.17 MB
Available physical RAM: 3541.82 MB
Total Pagefile: 12074.52 MB
Available Pagefile: 9394.93 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:304.53 GB) (Free:197.21 GB) NTFS
Drive d: (Volume) (Fixed) (Total:146.48 GB) (Free:6 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 07F2837E)
Partition 1: (Not Active) - (Size=102 MB) - (Type=DE)
Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=305 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=146 GB) - (Type=OF Extended)
==================== End Of Log ============================
I really hope that someone can help me.
Thanks
Cedric