Trojaner-Board - Windows Vista: Avira Gruppenrichtlinien-Block; Fehlermeldung beim Booten

Hallo Freunde,

Ich habe seit einger Zeit keine Möglichkeit mehr auf Avira zuzugreifen. Anscheinend wird es durch Gruppenrichtlinien blockiert. Auserdem bekomme ich beim Hochfahren immer zwei Fehlermeldungen. Die aufploppenden Fenster haben die Überschrift RegSvr32 und warnen mich das ich "nicht genügend Systemressourcen" besitze um die "angeforderten Dienste auszuführen".
Nach einigem Googlen bin ich auf diese Seite gestoßen. Ich hoffe es interessiert sich jemand für mein Problem. Ich wollte es nach Einlesen in ähnlichen Threads selber bearbeiten, jedoch wird ständig davon abgeraten solche Probleme als Laie im Alleingang anzugehen.
Mit Gmer hatte ich einige Probleme. Den Scan konnte ich erst im abgesicherten Modus ohne Häckchen bei "Devices" ausführen.
Mein System:

Windows Vista Home Premium
Service Pack 2
32-Bit Betriebssystem

Danke schon mal im Vorraus.

FRST

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:20-06-2014

Ran by Yamato (administrator) on YAMATO-PC on 20-06-2014 19:29:30

Running from C:\Users\Yamato\Desktop

Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)

Internet Explorer Version 9

Boot Mode: Normal
 

The only official download link for FRST:

Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 

Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 

Download link from any site other than Bleeping Computer is unpermitted or outdated.

See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Processes (Whitelisted) =================
 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe

(Validity Sensors, Inc.) C:\Windows\System32\vfsFPService.exe

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Arachnoid Biometrics Identification Group Corp.) C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe

(Agere Systems) C:\Windows\System32\agrsmsvc.exe

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe

(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe

(Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe

() C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe

(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe

(Microsoft Corporation) C:\Program Files\Windows Live\Family Safety\fsssvc.exe

(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

(Acer Inc.) C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe

(Acer Incorporated) C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe

(Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe

() C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe

(Arachnoid Biometrics Identification Group Corp.) C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe

(Teruten) C:\Windows\System32\FsUsbExService.Exe

() C:\Program Files\Acer\Acer Bio Protection\BASVC.exe

(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe

(COMPANYVERS_NAME) C:\Program Files\MapsGalaxy_39\bar\1.bin\39barsvc.exe

() C:\ACER\Mobility Center\MobilityService.exe

(Nitro PDF Software) C:\Program Files\Canon\Easy-WebPrint EX\NitroPDFReaderDriverService2.exe

(NewTech InfoSystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

() C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(Acer Incorporated) C:\Program Files\Acer\Acer VCM\RS_Service.exe

(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE

(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe

(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE

(Realtek Semiconductor Corp.) C:\Users\Yamato\AppData\Local\Temp\RtkBtMnt.exe

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe

(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe

(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe

(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe

(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

(MusicLab, LLC) C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngrUI.exe

(Microsoft Corporation) C:\Program Files\Windows Live\Family Safety\fsui.exe

() C:\Program Files\DivX\DivX Update\DivXUpdate.exe

(VER_COMPANY_NAME) C:\Program Files\MapsGalaxy_39\bar\1.bin\39brmon.exe

(Microsoft Corporation) C:\Windows\ehome\ehtray.exe

(Google Inc.) C:\Users\Yamato\AppData\Local\Google\Update\GoogleUpdate.exe

(Facebook Inc.) C:\Users\Yamato\AppData\Local\Facebook\Update\FacebookUpdate.exe

(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe

(Acer Incorporated) C:\Program Files\Acer\Acer VCM\AcerVCM.exe

(Acer Inc.) C:\Program Files\Acer\Acer VCM\acp2HID.exe

(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)

HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [182808 2008-07-20] (Intel Corporation)

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6139904 2008-05-07] (Realtek Semiconductor)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1037608 2008-04-04] (Synaptics, Inc.)

HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-08-21] (Google)

HKLM\...\Run: [ePower_DMC] => C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [405504 2008-08-01] (Acer Inc.)

HKLM\...\Run: [eAudio] => C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe [544768 2008-05-30] (Acer Incorporated)

HKLM\...\Run: [eDataSecurity Loader] => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [526896 2008-07-29] (Egis Incorporated)

HKLM\...\Run: [BkupTray] => C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [28672 2008-04-25] ()

HKLM\...\Run: [ZPdtWzdVitaKey MC3000] => C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe [3719680 2009-06-13] (Arachnoid Biometrics Identification Group Corp.)

HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [809480 2008-06-16] (Dritek System Inc.)

HKLM\...\Run: [eRecoveryService] => [X]

HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2007-11-20] (Realtek Semiconductor Corp.)

HKLM\...\Run: [NPSStartup] => [X]

HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2516296 2010-03-25] (CANON INC.)

HKLM\...\Run: [CanonSolutionMenuEx] => C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)

HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)

HKLM\...\Run: [DATAMNGR] => C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngrUI.exe [1822344 2012-06-06] (MusicLab, LLC)

HKLM\...\Run: [fssui] => C:\Program Files\Windows Live\Family Safety\fsui.exe [884584 2012-03-08] (Microsoft Corporation)

HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-20] (Avira Operations GmbH & Co. KG)

HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)

HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()

HKLM\...\Run: [MapsGalaxy Search Scope Monitor] => C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrchMn.exe [44784 2013-08-10] (MindSpark)

HKLM\...\Run: [MapsGalaxy_39 Browser Plugin Loader] => C:\Program Files\MapsGalaxy_39\bar\1.bin\39brmon.exe [30096 2013-08-10] (VER_COMPANY_NAME)

HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ATTENTION

HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <====== ATTENTION

HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Symantec <====== ATTENTION

Winlogon\Notify\AWinNotifyVitaKey MC3000: C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)

HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter

HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter

HKU\S-1-5-21-3122945756-3708475220-1533568220-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)

HKU\S-1-5-21-3122945756-3708475220-1533568220-1000\...\Run: [Google Update] => C:\Users\Yamato\AppData\Local\Google\Update\GoogleUpdate.exe [133104 2009-07-23] (Google Inc.)

HKU\S-1-5-21-3122945756-3708475220-1533568220-1000\...\Run: [Facebook Update] => C:\Users\Yamato\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)

HKU\S-1-5-21-3122945756-3708475220-1533568220-1000\...\Run: [Afifcoq] => C:\Users\Yamato\AppData\Roaming\Ikucy\ytgye.exe

HKU\S-1-5-21-3122945756-3708475220-1533568220-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2009-06-26] (Google Inc.)

HKU\S-1-5-21-3122945756-3708475220-1533568220-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)

HKU\S-1-5-21-3122945756-3708475220-1533568220-1000\...\Run: [OctoLzax] => regsvr32.exe "C:\ProgramData\OctoLzax.dat"

HKU\S-1-5-21-3122945756-3708475220-1533568220-1000\...\Run: [UnfejOwirm] => regsvr32.exe "C:\ProgramData\UnfejOwirm.dat"

AppInit_DLLs: c:\progra~1\google\google~1\goec62~1.dll => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2010-08-21] (Google)

Lsa: [Notification Packages] scecli C:\Program Files\Acer\Acer Bio Protection\PwdFilter

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk

ShortcutTarget: Acer VCM.lnk -> C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)

ShellIconOverlayIdentifiers: egisPSDP -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Egis Inc.)
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0609&m=aspire_8930

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x30104421ACBFCB01

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie

HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?affID=120519&tt=gc_&babsrc=HP_ss&mntrId=24550022FA281B46

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0609&m=aspire_8930

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0609&m=aspire_8930

URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll No File

URLSearchHook: HKCU - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} -  No File

URLSearchHook: HKCU - (No Name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll (MindSpark)

SearchScopes: HKLM - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW

SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW

SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=2&sr=0&q={searchTerms}

SearchScopes: HKLM - {b0441a0e-a49a-4e16-afc1-74ecced1921f} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^UX^xdm279^YYA^de&si=maps4pc&ptb=52955F28-928C-4999-B71E-2DA1D2F67ECD&ind=2013081002&n=77fd2daa&psa=&st=sb&searchfor={searchTerms}

SearchScopes: HKCU - DefaultScope {b0441a0e-a49a-4e16-afc1-74ecced1921f} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^UX^xdm279^YYA^de&si=maps4pc&ptb=52955F28-928C-4999-B71E-2DA1D2F67ECD&ind=2013081002&n=77fd2daa&psa=&st=sb&searchfor={searchTerms}

SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

SearchScopes: HKCU - {0553D95C-0578-4E7B-9DBD-48F05219A16E} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}

SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}

SearchScopes: HKCU - {0BE280BD-26BE-4656-8E6E-D42D6F1DE84E} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie

SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=120519&tt=gc_&babsrc=SP_ss_din2g&mntrId=24550022FA281B46

SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 

SearchScopes: HKCU - {5B64F938-F23A-40C8-992A-FBDC1FDE62B2} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}

SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE333DE333

SearchScopes: HKCU - {70D46D94-BF1E-45ED-B567-48701376298E} URL = hxxp://127.0.0.1:4664/search&s=niACyDVEYWdcLR5x93xiFJEo0pQ?q={searchTerms}

SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=2&sr=0&q={searchTerms}

SearchScopes: HKCU - {b0441a0e-a49a-4e16-afc1-74ecced1921f} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^UX^xdm279^YYA^de&si=maps4pc&ptb=52955F28-928C-4999-B71E-2DA1D2F67ECD&ind=2013081002&n=77fd2daa&psa=&st=sb&searchfor={searchTerms}

SearchScopes: HKCU - {F11CEAC6-F62D-4910-94F1-13111D62536C} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}

BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO: Toolbar BHO - {1e91a655-bb4b-4693-a05e-2edebc4c9d89} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39bar.dll (MindSpark)

BHO: No Name - {27B4851A-3207-45A2-B947-BE8AFE6163AB} -  No File

BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)

BHO: Search Assistant BHO - {71c1d63a-c944-428a-a5bd-ba513190e5d2} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll (MindSpark)

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)

BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

BHO: No Name - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -  No File

BHO: DataMngr - {B939CF93-F2CB-443d-956C-DC523D85C9DB} - C:\Program Files\BearShare Applications\MediaBar\Datamngr\BrowserConnection.dll (MusicLab, LLC)

BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com)

BHO: Wincore Mediabar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll ()

BHO: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll No File

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)

Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll No File

Toolbar: HKLM - Wincore Mediabar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll ()

Toolbar: HKLM - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com)

Toolbar: HKLM - MapsGalaxy - {364ea597-e728-4ce4-bb4a-ed846ef47970} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39bar.dll (MindSpark)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File

Toolbar: HKCU - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll No File

Toolbar: HKCU - No Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} -  No File

Toolbar: HKCU - MapsGalaxy - {364EA597-E728-4CE4-BB4A-ED846EF47970} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39bar.dll (MindSpark)

DPF: {03A89EFD-E023-A200-A22D-45F77558EB4C} https://man.netucate.net/download1026/AXCltInstall.dll

DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab

DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx

DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab

DPF: {CC679CB8-DC4B-458B-B817-D447B3B6AC31} https://asa1.rus.uni-stuttgart.de/CACHE/stc/10/binaries/vpnweb.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {E55FD215-A32E-43FE-A777-A7E8F165F557} hxxp://92.51.137.94/objects/NpFv501.dll

DPF: {E55FD215-A32E-43FE-A777-A7E8F165F560} hxxp://92.51.137.94/objects/NpFv522.dll

DPF: {E55FD215-A32E-43FE-A777-A7E8F165F561} hxxp://92.51.137.94/objects/NpFv530.dll

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File

Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)

Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)

Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)

Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)

Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)

Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)

Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)

Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)

Winsock: Catalog9 19 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()

FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)

FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File

FF Plugin: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF Plugin: @java.com/DTPlugin,version=1.6.0_37 - C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)

FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

FF Plugin: @MapsGalaxy_39.com/Plugin - C:\Program Files\MapsGalaxy_39\bar\1.bin\NP39Stub.dll (MindSpark)

FF Plugin: @mcafee.com/SAFFPlugin - C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Yamato\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Yamato\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Yamato\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @www.flatcast.com/FlatViewer 5.2 - C:\Windows\DOWNLO~1\NpFv530.dll (1 mal 1 Software GmbH)

FF Plugin ProgramFiles/Appdata: C:\Users\Yamato\AppData\Roaming\mozilla\plugins\NpFv530.dll (1 mal 1 Software GmbH)

FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []

FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor

FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5

FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-08-01]

FF HKLM\...\Firefox\Extensions: [39ffxtbr@MapsGalaxy_39.com] - C:\Program Files\MapsGalaxy_39\bar\1.bin

FF Extension: MapsGalaxy - C:\Program Files\MapsGalaxy_39\bar\1.bin [2013-08-10]
 

Chrome: 

=======

CHR HomePage: hxxp://search.babylon.com/?affID=120519&tt=gc_&babsrc=HP_ss_din2g&mntrId=24550022FA281B46

CHR RestoreOnStartup: "hxxp://search.babylon.com/?affID=120519&tt=gc_&babsrc=HP_ss_din2g&mntrId=24550022FA281B46", "hxxp://www.delta-search.com/?affID=120519&tt=gc_&babsrc=HP_ss&mntrId=24550022FA281B46"

CHR DefaultSearchKeyword: babylon.com

CHR DefaultSearchProvider: Babylon

CHR DefaultSearchURL: hxxp://search.babylon.com/?q={searchTerms}&affID=120519&tt=gc_&babsrc=SP_ss_din2g&mntrId=24550022FA281B46

CHR Plugin: (Remoting Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Users\Yamato\AppData\Local\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll No File

CHR Plugin: (Chrome PDF Viewer) - C:\Users\Yamato\AppData\Local\Google\Chrome\Application\28.0.1500.95\pdf.dll No File

CHR Plugin: (Shockwave Flash) - C:\Users\Yamato\AppData\Local\Google\Chrome\Application\28.0.1500.95\gcswf32.dll No File

CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()

CHR Plugin: (McAfee SiteAdvisor) - C:\Users\Yamato\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll No File

CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll No File

CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)

CHR Plugin: (Flatcast Viewer Plugin 5.3.0.752) - C:\Users\Yamato\AppData\Roaming\Mozilla\plugins\NpFv530.dll (1 mal 1 Software GmbH)

CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)

CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File

CHR Plugin: (Java(TM) Platform SE 6 U32) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

CHR Plugin: (Java Deployment Toolkit 6.0.320.5) - C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)

CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File

CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Yamato\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

CHR Plugin: (BrowserPlus (from Yahoo!) v2.9.8) - C:\Users\Yamato\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll No File

CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

CHR Extension: (YouTube) - C:\Users\Yamato\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-15]

CHR Extension: (Google-Suche) - C:\Users\Yamato\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-15]

CHR Extension: (Delta Toolbar) - C:\Users\Yamato\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde [2013-06-16]

CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\Yamato\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-08-06]

CHR Extension: (Google Mail) - C:\Users\Yamato\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-15]

CHR HKLM\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Yamato\AppData\Roaming\BabSolution\CR\Delta.crx [2013-05-26]

CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx [2013-05-26]

CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-05-06]
 

========================== Services (Whitelisted) =================
 

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-05-20] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-20] (Avira Operations GmbH & Co. KG)

R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1039440 2014-05-20] (Avira Operations GmbH & Co. KG)

R2 BUNAgentSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [16384 2008-03-03] (NewTech Infosystems, Inc.) [File not signed]

R2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-06-02] () [File not signed]

R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [815104 2008-04-30] (Intel(R) Corporation) [File not signed]

R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2009-04-07] (Teruten) [File not signed]

S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-08-21] (Google)

S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]

R2 IGBASVC; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [3520512 2009-06-13] () [File not signed]

R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2007-01-17] (Hewlett-Packard Company) [File not signed]

R2 MapsGalaxy_39Service; C:\Program Files\MapsGalaxy_39\bar\1.bin\39barsvc.exe [42504 2013-08-10] (COMPANYVERS_NAME)

R2 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [110592 2007-12-06] () [File not signed]

R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2009-05-14] (Hewlett-Packard) [File not signed]

R2 NitroReaderDriverReadSpool2; C:\Program Files\Canon\Easy-WebPrint EX\NitroPDFReaderDriverService2.exe [196904 2011-10-25] (Nitro PDF Software)

R2 NTIBackupSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [45056 2008-04-25] (NewTech InfoSystems, Inc.) [File not signed]

R2 NTISchedulerSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [131072 2008-04-25] () [File not signed]

R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2009-05-14] (Hewlett-Packard) [File not signed]

R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944 2008-04-30] (Intel(R) Corporation) [File not signed]

R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [233472 2008-07-19] (Acer Incorporated) [File not signed]
 

==================== Drivers (Whitelisted) ====================
 

R0 AlfaFF; C:\Windows\System32\Drivers\AlfaFF.sys [43184 2009-06-13] (Alfa Corporation)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [93528 2014-05-20] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-05-20] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-27] (Avira Operations GmbH & Co. KG)

R1 DritekPortIO; C:\Program Files\Launch Manager\DPortIO.sys [20112 2006-11-02] (Dritek System Inc.)

R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2009-04-07] () [File not signed]

R2 int15; C:\Windows\system32\drivers\int15.sys [69632 2007-01-26] () [File not signed]

R3 itecir; C:\Windows\System32\DRIVERS\itecir.sys [54784 2007-12-18] (ITE Tech. Inc. )

R3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [17408 2008-10-09] (Windows (R) Codename Longhorn DDK provider)

R3 L1E; C:\Windows\System32\DRIVERS\L1E60x86.sys [48640 2009-08-05] (Atheros Communications, Inc.)

R1 MPFP; C:\Windows\System32\Drivers\Mpfp.sys [130424 2008-08-26] (McAfee, Inc.)

R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-02-24] (Avira GmbH)

S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [90112 2009-03-20] (MCCI)

S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14976 2009-03-20] (MCCI Corporation)

S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [121856 2009-03-20] (MCCI Corporation)

S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [26624 2011-12-15] (The OpenVPN Project)

S3 IpInIp; system32\DRIVERS\ipinip.sys [X]

S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]

S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]

S3 vpnva; system32\DRIVERS\vpnva.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-06-20 19:26 - 2014-06-20 19:29 - 00034619 _____ () C:\Users\Yamato\Desktop\FRST.txt

2014-06-20 19:26 - 2014-06-20 19:26 - 00000000 ____D () C:\Users\Yamato\Desktop\FRST-OlderVersion

2014-06-20 10:39 - 2014-06-20 10:39 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{0DBC397D-861E-4F0E-91F0-7CC82967EC05}

2014-06-19 13:57 - 2014-06-19 13:57 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{690122E6-23EE-4459-B24B-D121C17FD619}

2014-06-18 23:39 - 2014-06-18 23:40 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{FE3FF2A3-560F-4A65-8350-F319FCA7BA53}

2014-06-18 20:25 - 2014-06-20 19:29 - 00000000 ____D () C:\FRST

2014-06-18 20:24 - 2014-06-20 19:26 - 01073152 _____ (Farbar) C:\Users\Yamato\Desktop\FRST.exe

2014-06-18 11:08 - 2014-06-18 11:09 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{B3D43444-B64C-4647-A8DF-FE714472019E}

2014-06-18 10:42 - 2014-06-18 10:42 - 00000000 ____D () C:\ProgramData\30308

2014-06-17 23:07 - 2014-06-17 23:07 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{A6A5F6BF-C7B3-4FB9-B81E-0A69C29D7915}

2014-06-17 11:06 - 2014-06-17 11:06 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{7907AE9C-1D6B-4824-94A9-CB8F37311408}

2014-06-16 22:14 - 2014-06-16 22:14 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{6A875167-E938-48E5-9F46-A9A965DDA5C1}

2014-06-16 08:49 - 2014-06-16 08:49 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{8FBA4528-F932-4FEF-B497-D3F5FA0073B1}

2014-06-15 11:17 - 2014-06-15 11:17 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{C835ABD3-D0E0-4773-AACC-5DA7B288963B}

2014-06-14 12:51 - 2014-06-14 12:51 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{81737980-0211-4A7E-8F35-0D05F766138C}

2014-06-13 20:21 - 2014-06-13 20:21 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{0D0B381A-4C47-451E-B682-8A37DEAEABE6}

2014-06-12 17:31 - 2014-06-12 17:31 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{C9D80693-2517-4A0A-BCA8-2277C01CDDCD}

2014-06-11 20:26 - 2014-05-28 18:48 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-06-11 20:26 - 2014-05-28 18:39 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-06-11 20:26 - 2014-05-28 18:38 - 09711104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-06-11 20:26 - 2014-05-28 18:33 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-06-11 20:26 - 2014-05-28 18:32 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-06-11 20:26 - 2014-05-28 18:32 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-06-11 20:26 - 2014-05-28 18:31 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2014-06-11 20:26 - 2014-05-28 18:31 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-06-11 20:26 - 2014-05-28 18:30 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-06-11 20:26 - 2014-05-28 18:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-06-11 20:26 - 2014-05-28 18:30 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-06-11 20:26 - 2014-05-28 18:30 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-06-11 20:26 - 2014-05-28 18:30 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-06-11 20:26 - 2014-05-28 18:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-06-11 20:26 - 2014-05-28 18:30 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2014-06-11 20:26 - 2014-05-28 18:29 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-06-11 20:26 - 2014-05-28 18:29 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-06-11 20:26 - 2014-05-28 18:29 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-06-11 20:26 - 2014-05-28 18:29 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2014-06-11 20:26 - 2014-05-28 18:29 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2014-06-11 20:26 - 2014-05-28 18:28 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-06-11 20:26 - 2014-04-26 18:01 - 00502784 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll

2014-06-11 20:26 - 2014-04-05 04:42 - 00905664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2014-06-11 20:26 - 2014-03-10 03:22 - 01401344 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll

2014-06-11 20:26 - 2014-03-10 03:22 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2014-06-11 20:10 - 2014-06-11 20:10 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{59632276-A320-47EF-9FF6-28E3FAF21847}

2014-06-10 18:54 - 2014-06-10 18:55 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{91A5CD88-3A72-4E8D-84A1-91C86159E675}

2014-06-09 11:48 - 2014-06-09 11:48 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{54CF442A-D053-4C40-8A96-9DADAA193D9D}

2014-06-08 11:06 - 2014-06-08 23:07 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{41E4176B-FD81-41B4-B0D1-C55167B51620}

2014-06-07 20:35 - 2014-06-14 16:34 - 00242456 _____ (Microsoft Corporation) C:\ProgramData\UnfejOwirm.dat

2014-06-07 19:08 - 2014-06-07 19:09 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{EED650E0-500B-4F6B-971D-877DA404B49A}

2014-06-06 22:26 - 2014-06-06 22:26 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{AE60D31A-F92D-4307-BDDE-28CEAC5B18AA}

2014-06-05 22:55 - 2014-06-05 22:55 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{F3A70E39-4C44-4ADB-9938-BC2ACF2033F9}

2014-06-04 10:57 - 2014-06-04 10:57 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{35F75953-25F6-4727-97DD-994D59AC6BF8}

2014-06-03 22:56 - 2014-06-03 22:56 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{ED4C6593-F3F3-4CED-9DA6-06510F2DFC77}

2014-06-03 10:56 - 2014-06-03 10:56 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{12232888-AD4A-4C2C-B907-B2FF0F70B2E9}

2014-06-02 22:02 - 2014-06-02 22:03 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{4AB40D7F-F144-415D-90E3-F8904566380F}

2014-06-02 09:54 - 2014-06-02 09:54 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{A82BC3FF-C7F9-43A3-856E-6A40FF63E2AF}

2014-05-31 11:25 - 2014-05-31 11:25 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{9DEAFDE2-8A50-4057-8C5D-7780A8C8BB0E}

2014-05-30 21:34 - 2014-05-30 21:34 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{2B5AE793-6F12-4ED9-832D-A2B130AD7742}

2014-05-29 12:35 - 2014-05-29 12:35 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{3F86E997-41D0-4BE3-924C-FEE6C4D2814A}

2014-05-28 19:27 - 2014-05-28 19:28 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{24954C10-9213-4B78-AD2C-B69995338A4F}

2014-05-27 19:39 - 2014-05-27 19:39 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{93700F99-C280-4951-B503-E482FC688066}

2014-05-25 16:20 - 2014-05-25 16:20 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{659DDB84-91E5-4863-B0AF-B086038840A3}

2014-05-24 23:35 - 2014-05-24 23:35 - 00261265 _____ (Microsoft Corporation) C:\ProgramData\OctoLzax.dat

2014-05-24 23:03 - 2014-05-24 23:03 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{46DABFF6-B376-4DDD-BBE3-02FDCAB8D13A}

2014-05-23 22:35 - 2014-05-23 22:35 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{31039176-9AB0-406D-95E3-E7B991DE7E04}

2014-05-23 10:34 - 2014-05-23 10:34 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{EAD8B466-97A3-43A2-89BA-63850CD3349A}

2014-05-22 22:17 - 2014-05-22 22:17 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{BC1E5F48-0EF2-424E-9F74-18CF7822F3F0}

2014-05-22 10:16 - 2014-05-22 10:17 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{2DF9065B-3A74-4EFB-88EE-D268EEF73B27}

2014-05-21 10:12 - 2014-05-21 10:12 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{55BD349E-6BE9-48B8-BF72-F57C8103F6C2}
 

==================== One Month Modified Files and Folders =======
 

2014-06-20 19:29 - 2014-06-20 19:26 - 00034619 _____ () C:\Users\Yamato\Desktop\FRST.txt

2014-06-20 19:29 - 2014-06-18 20:25 - 00000000 ____D () C:\FRST

2014-06-20 19:26 - 2014-06-20 19:26 - 00000000 ____D () C:\Users\Yamato\Desktop\FRST-OlderVersion

2014-06-20 19:26 - 2014-06-18 20:24 - 01073152 _____ (Farbar) C:\Users\Yamato\Desktop\FRST.exe

2014-06-20 18:53 - 2009-06-13 08:52 - 02048229 _____ () C:\Windows\WindowsUpdate.log

2014-06-20 18:48 - 2009-06-13 09:06 - 00000000 _____ () C:\Windows\system32\LogConfigTemp.xml

2014-06-20 18:42 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

2014-06-20 18:42 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

2014-06-20 18:41 - 2009-02-02 14:15 - 00000147 _____ () C:\Windows\system32\agent.log

2014-06-20 18:41 - 2008-01-21 04:47 - 08405276 _____ () C:\Windows\PFRO.log

2014-06-20 10:39 - 2014-06-20 10:39 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{0DBC397D-861E-4F0E-91F0-7CC82967EC05}

2014-06-19 14:24 - 2013-09-04 22:23 - 00000000 ____D () C:\Users\Yamato\AppData\Roaming\Skype

2014-06-19 13:57 - 2014-06-19 13:57 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{690122E6-23EE-4459-B24B-D121C17FD619}

2014-06-18 23:40 - 2014-06-18 23:39 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{FE3FF2A3-560F-4A65-8350-F319FCA7BA53}

2014-06-18 11:27 - 2011-03-26 18:46 - 00000000 ____D () C:\Users\Yamato\AppData\Local\BearShare

2014-06-18 11:09 - 2014-06-18 11:08 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{B3D43444-B64C-4647-A8DF-FE714472019E}

2014-06-18 10:42 - 2014-06-18 10:42 - 00000000 ____D () C:\ProgramData\30308

2014-06-17 23:07 - 2014-06-17 23:07 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{A6A5F6BF-C7B3-4FB9-B81E-0A69C29D7915}

2014-06-17 11:06 - 2014-06-17 11:06 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{7907AE9C-1D6B-4824-94A9-CB8F37311408}

2014-06-16 22:14 - 2014-06-16 22:14 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{6A875167-E938-48E5-9F46-A9A965DDA5C1}

2014-06-16 08:49 - 2014-06-16 08:49 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{8FBA4528-F932-4FEF-B497-D3F5FA0073B1}

2014-06-15 11:17 - 2014-06-15 11:17 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{C835ABD3-D0E0-4773-AACC-5DA7B288963B}

2014-06-14 16:34 - 2014-06-07 20:35 - 00242456 _____ (Microsoft Corporation) C:\ProgramData\UnfejOwirm.dat

2014-06-14 12:51 - 2014-06-14 12:51 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{81737980-0211-4A7E-8F35-0D05F766138C}

2014-06-13 20:21 - 2014-06-13 20:21 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{0D0B381A-4C47-451E-B682-8A37DEAEABE6}

2014-06-12 17:46 - 2009-02-02 13:28 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-06-12 17:41 - 2013-08-15 11:22 - 00000000 ____D () C:\Windows\system32\MRT

2014-06-12 17:41 - 2006-11-02 12:24 - 92708840 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

2014-06-12 17:31 - 2014-06-12 17:31 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{C9D80693-2517-4A0A-BCA8-2277C01CDDCD}

2014-06-11 20:10 - 2014-06-11 20:10 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{59632276-A320-47EF-9FF6-28E3FAF21847}

2014-06-10 18:55 - 2014-06-10 18:54 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{91A5CD88-3A72-4E8D-84A1-91C86159E675}

2014-06-09 11:48 - 2014-06-09 11:48 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{54CF442A-D053-4C40-8A96-9DADAA193D9D}

2014-06-08 23:07 - 2014-06-08 11:06 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{41E4176B-FD81-41B4-B0D1-C55167B51620}

2014-06-08 16:16 - 2013-11-24 13:00 - 00000000 ____D () C:\Users\Yamato\Desktop\youtube musik

2014-06-07 19:09 - 2014-06-07 19:08 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{EED650E0-500B-4F6B-971D-877DA404B49A}

2014-06-06 22:26 - 2014-06-06 22:26 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{AE60D31A-F92D-4307-BDDE-28CEAC5B18AA}

2014-06-05 22:55 - 2014-06-05 22:55 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{F3A70E39-4C44-4ADB-9938-BC2ACF2033F9}

2014-06-04 10:57 - 2014-06-04 10:57 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{35F75953-25F6-4727-97DD-994D59AC6BF8}

2014-06-03 22:56 - 2014-06-03 22:56 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{ED4C6593-F3F3-4CED-9DA6-06510F2DFC77}

2014-06-03 10:56 - 2014-06-03 10:56 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{12232888-AD4A-4C2C-B907-B2FF0F70B2E9}

2014-06-02 22:03 - 2014-06-02 22:02 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{4AB40D7F-F144-415D-90E3-F8904566380F}

2014-06-02 09:54 - 2014-06-02 09:54 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{A82BC3FF-C7F9-43A3-856E-6A40FF63E2AF}

2014-05-31 11:25 - 2014-05-31 11:25 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{9DEAFDE2-8A50-4057-8C5D-7780A8C8BB0E}

2014-05-30 21:34 - 2014-05-30 21:34 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{2B5AE793-6F12-4ED9-832D-A2B130AD7742}

2014-05-29 12:35 - 2014-05-29 12:35 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{3F86E997-41D0-4BE3-924C-FEE6C4D2814A}

2014-05-28 19:28 - 2014-05-28 19:27 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{24954C10-9213-4B78-AD2C-B69995338A4F}

2014-05-28 18:48 - 2014-06-11 20:26 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-05-28 18:39 - 2014-06-11 20:26 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-05-28 18:38 - 2014-06-11 20:26 - 09711104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-05-28 18:33 - 2014-06-11 20:26 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-05-28 18:32 - 2014-06-11 20:26 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-05-28 18:32 - 2014-06-11 20:26 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-05-28 18:31 - 2014-06-11 20:26 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2014-05-28 18:31 - 2014-06-11 20:26 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-05-28 18:30 - 2014-06-11 20:26 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-05-28 18:30 - 2014-06-11 20:26 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-05-28 18:30 - 2014-06-11 20:26 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-05-28 18:30 - 2014-06-11 20:26 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-05-28 18:30 - 2014-06-11 20:26 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-05-28 18:30 - 2014-06-11 20:26 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-05-28 18:30 - 2014-06-11 20:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2014-05-28 18:29 - 2014-06-11 20:26 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-05-28 18:29 - 2014-06-11 20:26 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-05-28 18:29 - 2014-06-11 20:26 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-05-28 18:29 - 2014-06-11 20:26 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2014-05-28 18:29 - 2014-06-11 20:26 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2014-05-28 18:28 - 2014-06-11 20:26 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-05-27 19:39 - 2014-05-27 19:39 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{93700F99-C280-4951-B503-E482FC688066}

2014-05-25 16:20 - 2014-05-25 16:20 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{659DDB84-91E5-4863-B0AF-B086038840A3}

2014-05-24 23:35 - 2014-05-24 23:35 - 00261265 _____ (Microsoft Corporation) C:\ProgramData\OctoLzax.dat

2014-05-24 23:03 - 2014-05-24 23:03 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{46DABFF6-B376-4DDD-BBE3-02FDCAB8D13A}

2014-05-23 22:35 - 2014-05-23 22:35 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{31039176-9AB0-406D-95E3-E7B991DE7E04}

2014-05-23 10:34 - 2014-05-23 10:34 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{EAD8B466-97A3-43A2-89BA-63850CD3349A}

2014-05-22 22:17 - 2014-05-22 22:17 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{BC1E5F48-0EF2-424E-9F74-18CF7822F3F0}

2014-05-22 10:17 - 2014-05-22 10:16 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{2DF9065B-3A74-4EFB-88EE-D268EEF73B27}

2014-05-21 10:12 - 2014-05-21 10:12 - 00000000 ____D () C:\Users\Yamato\AppData\Local\{55BD349E-6BE9-48B8-BF72-F57C8103F6C2}
 

Files to move or delete:

====================

C:\Users\Yamato\AppData\Roaming\desktop.ini

C:\ProgramData\l_u0_0.pad

C:\ProgramData\OctoLzax.dat

C:\ProgramData\UnfejOwirm.dat
 
 

Some content of TEMP:

====================

C:\Users\Yamato\AppData\Local\Temp\1402.dll

C:\Users\Yamato\AppData\Local\Temp\ApnStub.exe

C:\Users\Yamato\AppData\Local\Temp\AutoRun.exe

C:\Users\Yamato\AppData\Local\Temp\AutoRunGUI.dll

C:\Users\Yamato\AppData\Local\Temp\avgnt.exe

C:\Users\Yamato\AppData\Local\Temp\BearShare_1771531.exe

C:\Users\Yamato\AppData\Local\Temp\BearShare_3500724.exe

C:\Users\Yamato\AppData\Local\Temp\BearShare_setup.exe

C:\Users\Yamato\AppData\Local\Temp\bpuninstall.exe

C:\Users\Yamato\AppData\Local\Temp\BrowserPlus.exe

C:\Users\Yamato\AppData\Local\Temp\DivXSetup.exe

C:\Users\Yamato\AppData\Local\Temp\drm_dialogs.dll

C:\Users\Yamato\AppData\Local\Temp\drm_dyndata_7330017.dll

C:\Users\Yamato\AppData\Local\Temp\drm_dyndata_7360010.dll

C:\Users\Yamato\AppData\Local\Temp\drm_dyndata_7380009.dll

C:\Users\Yamato\AppData\Local\Temp\drm_dyndata_7390006.dll

C:\Users\Yamato\AppData\Local\Temp\drm_dyndata_7400006.dll

C:\Users\Yamato\AppData\Local\Temp\EAD5D0D.exe

C:\Users\Yamato\AppData\Local\Temp\EAD925F.exe

C:\Users\Yamato\AppData\Local\Temp\EADAB5B.exe

C:\Users\Yamato\AppData\Local\Temp\FileSystemView.dll

C:\Users\Yamato\AppData\Local\Temp\FlashPlayerUpdate.exe

C:\Users\Yamato\AppData\Local\Temp\FlashPlayerUpdate01.exe

C:\Users\Yamato\AppData\Local\Temp\FlashPlayerUpdate02.exe

C:\Users\Yamato\AppData\Local\Temp\FlashPlayerUpdate03.exe

C:\Users\Yamato\AppData\Local\Temp\FlashPlayerUpdate04.exe

C:\Users\Yamato\AppData\Local\Temp\FlashPlayerUpdate05.exe

C:\Users\Yamato\AppData\Local\Temp\Installhelper.dll

C:\Users\Yamato\AppData\Local\Temp\install_flashplayer11x32axau_chra_awa_aih.exe

C:\Users\Yamato\AppData\Local\Temp\install_flashplayer11x32axau_chrd_awa_aih.exe

C:\Users\Yamato\AppData\Local\Temp\install_flashplayer11x32ax_gtbp_chra_aih.exe

C:\Users\Yamato\AppData\Local\Temp\install_flashplayer13x32axau_chra_awa_aih.exe

C:\Users\Yamato\AppData\Local\Temp\install_flash_player.exe

C:\Users\Yamato\AppData\Local\Temp\jre-6u17-windows-i586-iftw-rv.exe

C:\Users\Yamato\AppData\Local\Temp\jre-6u20-windows-i586-iftw-rv.exe

C:\Users\Yamato\AppData\Local\Temp\jre-6u21-windows-i586-iftw-rv.exe

C:\Users\Yamato\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe

C:\Users\Yamato\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe

C:\Users\Yamato\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe

C:\Users\Yamato\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe

C:\Users\Yamato\AppData\Local\Temp\jre-6u32-windows-i586-iftw.exe

C:\Users\Yamato\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe

C:\Users\Yamato\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe

C:\Users\Yamato\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe

C:\Users\Yamato\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe

C:\Users\Yamato\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe

C:\Users\Yamato\AppData\Local\Temp\MSETUP4.EXE

C:\Users\Yamato\AppData\Local\Temp\msgC3DB.exe

C:\Users\Yamato\AppData\Local\Temp\msgE918.exe

C:\Users\Yamato\AppData\Local\Temp\MSN66EF.exe

C:\Users\Yamato\AppData\Local\Temp\NEWB71E.tmp.exe

C:\Users\Yamato\AppData\Local\Temp\patchw32.dll

C:\Users\Yamato\AppData\Local\Temp\RtkBtMnt.exe

C:\Users\Yamato\AppData\Local\Temp\SearchWithGoogleUpdate.exe

C:\Users\Yamato\AppData\Local\Temp\SRAssetsHelper.dll

C:\Users\Yamato\AppData\Local\Temp\Uninst.exe

C:\Users\Yamato\AppData\Local\Temp\UninstAP.exe

C:\Users\Yamato\AppData\Local\Temp\WEB.DE_Toolbar_IE_Setup_quiet.exe

C:\Users\Yamato\AppData\Local\Temp\_is58C9.exe

C:\Users\Yamato\AppData\Local\Temp\_is62A8.exe

C:\Users\Yamato\AppData\Local\Temp\_is6366.exe

C:\Users\Yamato\AppData\Local\Temp\_is8A95.exe

C:\Users\Yamato\AppData\Local\Temp\_is8C47.exe

C:\Users\Yamato\AppData\Local\Temp\_is9E9F.exe

C:\Users\Yamato\AppData\Local\Temp\_isCB99.exe

C:\Users\Yamato\AppData\Local\Temp\_isE1C6.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-06-20 18:54
 

==================== End Of Log ============================

Addition

Code:

Additional scan result of Farbar Recovery Scan Tool (x86) Version:20-06-2014

Ran by Yamato at 2014-06-20 19:30:36

Running from C:\Users\Yamato\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installed Programs ======================
 
 

 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)

32 Bit HP CIO Components Installer (Version: 6.1.2 - Hewlett-Packard) Hidden

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )

AAV 6.0.00.15 (HKLM\...\Acer Acer Bio Protection 6.0.00.15) (Version:  - )

AC3Filter 1.63b (HKLM\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky)

Access 97rt PAN EURO G (HKLM\...\Access 97rt PAN EURO G) (Version:  - )

Acer Bio Protection

Acer eAudio Management (HKLM\...\{57265292-228A-41FA-9AEC-4620CBCC2739}) (Version: 3.0.3008 - CyberLink Corp.)

Acer eDataSecurity Management (HKLM\...\{A5633652-3795-4829-BB0B-644F0279E279}) (Version: 3.0.3065 - Egis Inc.)

Acer Empowering Technology (HKLM\...\{8F1B6239-FEA0-450A-A950-B05276CE177C}) (Version: 3.0.3009 - Acer Incorporated)

Acer ePower Management (HKLM\...\{58E5844B-7CE2-413D-83D1-99294BF6C74F}) (Version: 3.0.3014 - Acer Incorporated)

Acer eRecovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 3.0.3014 - Acer Incorporated)

Acer eSettings Management (HKLM\...\{13D85C14-2B85-419F-AC41-C7F21E68B25D}) (Version: 3.0.3011 - Acer Incorporated)

Acer GridVista (HKLM\...\GridVista) (Version: 2.72.317 - )

Acer Mobility Center Plug-In (HKLM\...\{11316260-6666-467B-AC34-183FCB5D4335}) (Version: 3.0.3000 - Acer Inc.)

Acer Product Registration (HKLM\...\{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}) (Version: 3.0.0.10 - Acer Incorporated)

Acer ScreenSaver (HKLM\...\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}) (Version: 1.13.1301 - Acer Inc.)

Acer VCM (HKLM\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 3.2.3002 - Acer Incorporated)

Adobe Flash Player 10 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 10.0.45.2 - Adobe Systems Incorporated)

Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.7.700.224 - Adobe Systems Incorporated)

Adobe Reader 9.5.5 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)

Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version:  - Agere Systems)

Apple Application Support (HKLM\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)

Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.30 - Atheros Communications Inc.)

Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.4.672 - Avira)

BearShare (HKLM\...\BearShare) (Version: 10.0.0.125075 - Musiclab, LLC)

BearShare (Version: 10.0.0.125075 - Musiclab, LLC) Hidden

Canon Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version:  - )

Canon MP Navigator EX 4.0 (HKLM\...\MP Navigator EX 4.0) (Version:  - )

Canon MP280 series Benutzerregistrierung (HKLM\...\Canon MP280 series Benutzerregistrierung) (Version:  - )

Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version:  - )

Canon My Printer (HKLM\...\CanonMyPrinter) (Version:  - )

Canon Solution Menu EX (HKLM\...\CanonSolutionMenuEX) (Version:  - )

D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden

Delta Chrome Toolbar (HKLM\...\Delta Chrome Toolbar) (Version:  - Visual Tools) <==== ATTENTION

Delta toolbar   (HKLM\...\delta) (Version: 1.8.21.5 - Delta) <==== ATTENTION

DivX Converter (HKLM\...\{13F3917B56CD4C25848BDC69916971BB}) (Version: 7.1.0 - DivX, Inc.)

DivX Converter (HKLM\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.)

DivX Plus DirectShow Filters (HKLM\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)

DivX Version Checker (HKLM\...\{3FC7CBBC4C1E11DCA1A752EA55D89593}) (Version: 7.1.0.2 - DivX, Inc.)

DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC)

Facebook Video Calling 2.0.0.447 (HKLM\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)

Free YouTube to MP3 Converter version 3.12.16.1030 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.16.1030 - DVDVideoSoft Ltd.)

Gemeinsam genutzte Internet-Komponenten von Westwood (HKLM\...\WOLAPI) (Version:  - )

Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)

Google Desktop (HKLM\...\Google Desktop) (Version: 5.9.1005.12335 - Google)

Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)

Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden

Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden

iLinc Client (HKLM\...\uninstall.exe) (Version:  - )

InfraRecorder (HKLM\...\InfraRecorder) (Version:  - )

Intel PROSet Wireless (Version:  - ) Hidden

Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{26921B2E-3E62-47F9-A514-1FC4A83BD738}) (Version: 12.00.0004 - Intel(R) Corporation)

Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)

ITECIR (HKLM\...\{40580068-9B10-40B5-9548-536CE88AB23C}) (Version: 1.6 - ITE)

Java(TM) 6 Update 37 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216032FF}) (Version: 6.0.370 - Oracle)

JMicron JMB38X Flash Media Controller (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.00.12.07 - JMicron Technology Corp.)

Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Launch Manager (HKLM\...\LManager) (Version:  - )

LightScribe  1.4.142.1 (Version: 1.4.142.1 - hxxp://www.lightscribe.com) Hidden

Making History II (HKLM\...\Making History II) (Version:  - )

MapsGalaxy Firefox Toolbar (HKLM\...\MapsGalaxy_39bar Uninstall Firefox) (Version:  - Mindspark Interactive Network) <==== ATTENTION

MapsGalaxy Internet Explorer Toolbar (HKLM\...\MapsGalaxy_39bar Uninstall Internet Explorer) (Version:  - Mindspark Interactive Network) <==== ATTENTION

MATLAB R2011b (HKLM\...\Matlab R2011b) (Version: 7.13 - The MathWorks, Inc.)

Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)

Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden

Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)

Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden

Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)

Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden

Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)

Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Works (HKLM\...\{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}) (Version: 08.05.0822 - Microsoft Corporation)

MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

Nitro PDF Reader 2 (HKLM\...\{F0FF219A-6233-440A-BC76-5CC144CDCDB6}) (Version: 2.1.0.13 - Nitro PDF Software)

NTI Backup Now 5 (HKLM\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.606 - NewTech Infosystems)

NTI Backup Now Standard (Version: 5.1.2.606 - NewTech Infosystems) Hidden

NTI Media Maker 8 (HKLM\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.2.6329 - NewTech Infosystems)

NTI Media Maker 8 (Version: 8.0.2.6329 - NewTech Infosystems) Hidden

NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - NVIDIA Corporation)

NVIDIA PhysX (HKLM\...\{DD1865F0-AD73-40FB-B23E-1822E02396FF}) (Version: 9.09.0203 - NVIDIA Corporation)

OpenOffice.org 3.2 (HKLM\...\{8D1E61D1-1395-4E97-997F-D002DB3A5074}) (Version: 3.2.9502 - OpenOffice.org)

PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.3 - Frank Heindörfer, Philip Chinery)

PhotoNow! (HKLM\...\{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.4619 - CyberLink Corp.)

QuickTime (HKLM\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)

Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5618 - Realtek Semiconductor Corp.)

SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version:  - )

Samsung Mobile Modem Device Software (HKLM\...\Samsung Mobile Modem Device) (Version:  - )

SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version:  - )

Samsung Mobile phone USB driver Software (HKLM\...\Samsung Mobile phone USB driver) (Version:  - )

SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version:  - )

SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version:  - )

Samsung New PC Studio (HKLM\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)

Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden

SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version:  - )

SamsungConnectivityCableDriver (HKLM\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung)

Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden

Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)

Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)

Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.2.4.1 - Synaptics)

System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version:  - )

Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)

Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)

Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)

Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)

Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)

VAFPlayer (HKLM\...\{EBE677C0-CBCB-4EBF-8098-E27E1B5271CF}) (Version: 1.6.8 - Tuguu SL) <==== ATTENTION

Validity Sensors software (HKLM\...\{567E8236-C414-4888-8211-3D61608D57AE}) (Version: 2.7.44 - Validity Sensors, Inc.)

VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden

Wincore MediaBar (HKLM\...\Wincore MediaBar) (Version: 4.0.0.2790 - Musiclab, LLC) <==== ATTENTION

Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden

Windows Live Fotogalerie (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Fotoğraf Galerisi (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden

Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh ActiveX control for remote connections (HKLM\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Messenger (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden

Windows Live Messenger Companion Core (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Sync (HKLM\...\{A1DA00CE-AA3E-45BC-91D6-66739D9E16F1}) (Version: 14.0.8117.416 - Microsoft Corporation)

Windows Live Temel Parçalar (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)

Windows Live Temel Parçalar (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
 

==================== Restore Points  =========================
 

10-04-2014 10:25:19 Windows Update

15-04-2014 16:21:46 Windows Update

22-04-2014 08:14:03 Windows Update

25-04-2014 08:46:41 Windows Update

30-04-2014 08:54:11 Windows Update

03-05-2014 17:53:59 Windows Update

09-05-2014 15:53:54 Windows Update

14-05-2014 17:48:48 Windows Update

15-05-2014 19:29:21 Windows Update

21-05-2014 08:19:05 Windows Update

30-05-2014 19:40:27 Windows Update

03-06-2014 09:22:44 Windows Update

06-06-2014 20:32:11 Windows Update

11-06-2014 18:16:51 Windows Update

12-06-2014 15:35:21 Windows Update

17-06-2014 09:18:03 Windows Update
 

==================== Hosts content: ==========================
 

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

::1             localhost
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {02447C0B-B3A7-4C1C-B372-A76AB2B8579C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3122945756-3708475220-1533568220-1000UA => C:\Users\Yamato\AppData\Local\Google\Update\GoogleUpdate.exe [2009-07-23] (Google Inc.)

Task: {032B2B27-BEC4-4ACB-97B2-CCE23584D15C} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect <==== ATTENTION

Task: {167D44CC-1621-4254-BB46-B17CCCF6B721} - System32\Tasks\MATLAB R2011b Startup Accelerator => C:\Program Files\MATLAB\R2011b\bin\win32\MATLABStartupAccelerator.exe [2011-07-08] ()

Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM

Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI

Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages

Task: {42E71A70-D995-43E9-8B5E-5263156FF9D3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-31] (Google Inc.)

Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)

Task: {6C073CC4-E543-4F7E-BEB5-86D4784EEFB3} - System32\Tasks\McQcTask => c:\PROGRA~1\mcafee\mqc\QcConsol.exe

Task: {7F319699-2326-4F54-B772-8BE47060A871} - System32\Tasks\McDefragTask => c:\PROGRA~1\mcafee\mqc\QcConsol.exe

Task: {858BA1A5-4721-4AB5-AECA-CB134D189A35} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup

Task: {92226EAC-254E-4A21-943A-50BF0BFE743B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3122945756-3708475220-1533568220-1000Core => C:\Users\Yamato\AppData\Local\Google\Update\GoogleUpdate.exe [2009-07-23] (Google Inc.)

Task: {A2BEC7B8-7871-44A8-A893-1E083643C68A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {A540FD8A-25DB-485D-88DF-629DB0CE41AC} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)

Task: {AFC6F0A7-EFBD-41D3-BAB7-61ED3F4EC886} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-16] (Adobe Systems Incorporated)

Task: {B05E732A-DF01-4100-9850-DBCB95407C68} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Yamato => C:\Program Files\Windows Calendar\wincal.exe [2009-04-11] (Microsoft Corporation)

Task: {BA66784C-8F0D-4851-BEE7-5977B861B21E} - System32\Tasks\EPUpdater => C:\Users\Yamato\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-05-09] () <==== ATTENTION

Task: {BFF2D2E5-5D41-4D8D-AD6C-1B86AE988CF5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3122945756-3708475220-1533568220-1000Core => C:\Users\Yamato\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)

Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()

Task: {EE331000-C50E-4498-B4D2-5E57512BE76A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3122945756-3708475220-1533568220-1000UA => C:\Users\Yamato\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)

Task: {F7E19372-1DE3-4F3F-BAE6-9DF98E8807CD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-31] (Google Inc.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3122945756-3708475220-1533568220-1000Core.job => C:\Users\Yamato\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3122945756-3708475220-1533568220-1000UA.job => C:\Users\Yamato\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6bccb4935a90.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3122945756-3708475220-1533568220-1000Core1cf6a2161bee92f.job => C:\Users\Yamato\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3122945756-3708475220-1533568220-1000UA.job => C:\Users\Yamato\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\MATLAB R2011b Startup Accelerator.job => C:\Program Files\MATLAB\R2011b\bin\win32\MATLABStartupAccelerator.exe

Task: C:\Windows\Tasks\McDefragTask.job => C:\Windows\system32\defrag.exe

Task: C:\Windows\Tasks\McQcTask.job => c:\PROGRA~1\mcafee\mqc\QcConsol.exe
 

==================== Loaded Modules (whitelisted) =============
 

2009-06-13 09:02 - 2009-06-13 09:02 - 00080896 _____ () C:\Program Files\Acer\Acer Bio Protection\PwdFilter.dll

2011-11-13 18:33 - 2001-10-28 18:42 - 00116224 _____ () C:\Windows\System32\pdfcmnnt.dll

2008-04-30 20:13 - 2008-04-30 20:13 - 00200704 _____ () C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL

2007-06-24 20:09 - 2007-06-24 20:09 - 01024000 _____ () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACE.dll

2007-06-24 20:09 - 2007-06-24 20:09 - 00098304 _____ () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML.dll

2007-06-24 20:09 - 2007-06-24 20:09 - 00061440 _____ () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML_Parser.dll

2009-02-02 13:43 - 2008-06-02 10:25 - 00024576 _____ () C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

2009-02-02 13:43 - 2009-02-02 13:43 - 00032768 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.Controller\3.0.3009.0__14bcaafdb44b5951\Framework.Model.Controller.dll

2009-02-02 13:43 - 2009-02-02 13:43 - 00009216 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3009.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll

2009-02-02 13:43 - 2009-02-02 13:43 - 00061440 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3009.0__3036420f80dd6947\Framework.Library.dll

2009-02-02 13:43 - 2009-02-02 13:43 - 00015360 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Host\3.0.3009.0__672b450de5a7e94a\Framework.Host.dll

2009-02-02 13:43 - 2009-02-02 13:43 - 00006144 _____ () C:\Windows\assembly\GAC_MSIL\Framework.PluginInterface\3.0.3009.0__9ecdf03bb2054f94\Framework.PluginInterface.dll

2009-02-02 13:51 - 2008-05-30 13:22 - 00016384 _____ () C:\Program Files\Acer\Empowering Technology\eAudio\eAudioSrvPlugin.dll

2009-02-02 13:43 - 2009-02-02 13:43 - 00036864 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3009.0__4df5dcab8860d239\Framework.Utility.dll

2009-02-02 13:50 - 2008-10-27 15:01 - 00016384 _____ () C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.ServicePlugin.dll

2009-02-02 13:50 - 2008-10-27 15:00 - 00016384 _____ () C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.Logger.dll

2009-02-02 13:50 - 2008-10-27 15:01 - 00143360 _____ () C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.Model.Computer.dll

2009-02-02 13:50 - 2008-10-27 15:00 - 00036864 _____ () C:\Program Files\Acer\Empowering Technology\Service\eSettings.Model.ComputerInterface.dll

2008-07-29 18:52 - 2008-07-29 18:52 - 00227888 _____ () C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll

2008-04-25 22:36 - 2008-04-25 22:36 - 00028672 _____ () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe

2008-04-28 10:49 - 2008-04-28 10:49 - 00003072 _____ () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll

2009-06-13 09:02 - 2009-06-13 09:02 - 03520512 _____ () C:\Program Files\Acer\Acer Bio Protection\BASVC.exe

2009-02-02 14:20 - 2007-12-06 17:15 - 00110592 _____ () C:\Acer\Mobility Center\MobilityService.exe

2009-02-02 14:20 - 2007-11-27 16:08 - 00032768 _____ () C:\Acer\Mobility Center\MobilityInterface.dll

2008-04-25 22:36 - 2008-04-25 22:36 - 00131072 _____ () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

2009-02-02 20:33 - 2003-06-07 07:30 - 00057344 _____ () C:\Program Files\Launch Manager\PowerUtl.dll

2013-02-13 04:37 - 2013-02-13 04:37 - 01263952 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe

2013-02-13 04:38 - 2013-02-13 04:38 - 00100688 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll

2009-06-13 09:14 - 2007-09-11 11:12 - 00475136 _____ () C:\Program Files\Acer\Acer VCM\AcerControl.dll

2009-02-02 13:44 - 2010-08-21 17:35 - 00034816 _____ () C:\Program Files\Google\Google Desktop Search\gzlib.dll
 

==================== Alternate Data Streams (whitelisted) =========
 

AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F
 

==================== Safe Mode (whitelisted) ===================
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
 

==================== EXE Association (whitelisted) =============
 
 

==================== MSCONFIG/TASK MANAGER disabled items =========
 
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (06/20/2014 06:49:36 PM) (Source: LoadPerf) (EventID: 3001) (User: )

Description: >16
 

Error: (06/20/2014 06:43:02 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (06/20/2014 10:51:35 AM) (Source: Windows Search Service) (EventID: 3013) (User: )

Description: Eintrag <C:\USERS\YAMATO\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\F32FKOU3\ACTIVEVIEW[1].GIF> in der Hash-Zuordnung kann nicht aktualisiert werden.
 

Kontext:  Anwendung, SystemIndex Katalog
 
 

Details:

        Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
 

Error: (06/20/2014 10:37:31 AM) (Source: LoadPerf) (EventID: 3001) (User: )

Description: >16
 

Error: (06/20/2014 10:33:35 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (06/19/2014 08:50:14 PM) (Source: LoadPerf) (EventID: 3001) (User: )

Description: >16
 

Error: (06/19/2014 08:44:31 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (06/19/2014 01:57:03 PM) (Source: LoadPerf) (EventID: 3001) (User: )

Description: >16
 

Error: (06/19/2014 01:51:23 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (06/18/2014 11:38:46 PM) (Source: LoadPerf) (EventID: 3001) (User: )

Description: >16
 
 

System errors:

=============

Error: (06/20/2014 06:48:34 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Windows Live Family Safety Service
 

Error: (06/20/2014 10:39:06 AM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Windows Live Family Safety Service
 

Error: (06/19/2014 08:51:09 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Windows Live Family Safety Service
 

Error: (06/19/2014 01:56:53 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Windows Live Family Safety Service
 

Error: (06/18/2014 11:39:22 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Windows Live Family Safety Service
 

Error: (06/18/2014 07:47:03 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Windows Live Family Safety Service
 

Error: (06/18/2014 10:20:32 AM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Windows Live Family Safety Service
 

Error: (06/17/2014 10:10:15 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Windows Live Family Safety Service
 

Error: (06/17/2014 11:05:33 AM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Windows Live Family Safety Service
 

Error: (06/16/2014 10:14:04 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Windows Live Family Safety Service
 
 

Microsoft Office Sessions:

=========================
 

==================== Memory info =========================== 
 

Percentage of memory in use: 51%

Total physical RAM: 3068.03 MB

Available physical RAM: 1487.67 MB

Total Pagefile: 6344.34 MB

Available Pagefile: 4473.12 MB

Total Virtual: 2047.88 MB

Available Virtual: 1923.5 MB
 

==================== Drives ================================
 

Drive c: (ACER) (Fixed) (Total:144.04 GB) (Free:47.98 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

Drive d: (DATA) (Fixed) (Total:137.5 GB) (Free:131.29 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (Size: 298 GB) (Disk ID: 4EBF5754)

Partition 1: (Not Active) - (Size=13 GB) - (Type=27)

Partition 2: (Active) - (Size=144 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=138 GB) - (Type=07 NTFS)

Partition 4: (Not Active) - (Size=4 GB) - (Type=12)
 

==================== End Of Log ============================

defogger-disable

Code:

defogger_disable by jpshortstuff (23.02.10.1)

Log created at 20:05 on 20/06/2014 (Yamato)
 

Checking for autostart values...

HKCU\~\Run values retrieved.

HKLM\~\Run values retrieved.
 

Checking for services/drivers...
 
 

-=E.O.F=-

Gmer

Code:

GMER 2.1.19357 - hxxp://www.gmer.net

Rootkit scan 2014-06-22 13:14:17

Windows 6.0.6002 Service Pack 2 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.FB4O 298,09GB

Running: Gmer-19357.exe; Driver: C:\Users\Yamato\AppData\Local\Temp\kfriapow.sys
 
 

---- Disk sectors - GMER 2.1 ----
 

Disk  \Device\Harddisk0\DR0  unknown MBR code
 

---- EOF - GMER 2.1 ----

hallo,

ich habe leider bereits ausgeführt was du mir schon am 24.06. geschrieben hattest. Die Logdatein von FRST sind schon verändert. FRST logs zur Kontrolle konnte ich jetzt nicht mehr anfertigen, ich hoffe das ist nicht schlimm, tut mir leid.

FRST-Fix

Code:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:14-07-2014 01

Ran by Yamato at 2014-07-15 17:12:41 Run:1

Running from C:\Users\Yamato\Desktop

Boot Mode: Normal
 

==============================================
 

Content of fixlist:

*****************

start

HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ATTENTION

HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <====== ATTENTION

HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Symantec <====== ATTENTION

Reboot:

end

         

*****************
 

HKLM => Group Policy Restriction on software restored successfully.

HKLM => Group Policy Restriction on software restored successfully.

HKLM => Group Policy Restriction on software restored successfully.
 
 

The system needed a reboot. 
 

==== End of Fixlog ====

ADW-Cleaner

Code:

# AdwCleaner v3.215 - Bericht erstellt am 15/07/2014 um 18:08:46

# Aktualisiert 09/07/2014 von Xplode

# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)

# Benutzername : Yamato - YAMATO-PC

# Gestartet von : C:\Users\Yamato\Desktop\adwcleaner_3.215.exe

# Option : Löschen
 

***** [ Dienste ] *****
 

Dienst Gelöscht : MapsGalaxy_39Service
 

***** [ Dateien / Ordner ] *****
 

Ordner Gelöscht : C:\ProgramData\Ask

Ordner Gelöscht : C:\ProgramData\Babylon

Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAFPlayer

Ordner Gelöscht : C:\Program Files\BearShare Applications

Ordner Gelöscht : C:\Program Files\Delta

Ordner Gelöscht : C:\Program Files\Iminent

Ordner Gelöscht : C:\Program Files\mapsgalaxy_39

Ordner Gelöscht : C:\Program Files\tuguu sl

Ordner Gelöscht : C:\Program Files\Uninstaller

Ordner Gelöscht : C:\Users\Yamato\AppData\Local\mapsgalaxy_39

Ordner Gelöscht : C:\Users\Yamato\AppData\Local\PackageAware

Ordner Gelöscht : C:\Users\Yamato\AppData\LocalLow\DataMngr

Ordner Gelöscht : C:\Users\Yamato\AppData\LocalLow\Delta

Ordner Gelöscht : C:\Users\Yamato\AppData\LocalLow\iac

Ordner Gelöscht : C:\Users\Yamato\AppData\LocalLow\mapsgalaxy_39

Ordner Gelöscht : C:\Users\Yamato\AppData\Roaming\BabSolution

Ordner Gelöscht : C:\Users\Yamato\AppData\Roaming\Babylon

Ordner Gelöscht : C:\Users\Yamato\AppData\Roaming\Delta

Ordner Gelöscht : C:\Users\Yamato\AppData\Roaming\pdfforge

Ordner Gelöscht : C:\Users\Yamato\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde

Datei Gelöscht : C:\Users\Yamato\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage

Datei Gelöscht : C:\Users\Yamato\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage

Datei Gelöscht : C:\Users\Yamato\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage-journal

Datei Gelöscht : C:\Windows\System32\Tasks\BrowserProtect

Datei Gelöscht : C:\Windows\System32\Tasks\EPUpdater
 

***** [ Verknüpfungen ] *****
 

Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BearShare\Uninstall BearShare.lnk
 

***** [ Registrierungsdatenbank ] *****
 

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [39ffxtbr@MapsGalaxy_39.com]

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde

[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{032B2B27-BEC4-4ACB-97B2-CCE23584D15C}

[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{032B2B27-BEC4-4ACB-97B2-CCE23584D15C}

[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BA66784C-8F0D-4851-BEE7-5977B861B21E}

[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BA66784C-8F0D-4851-BEE7-5977B861B21E}

Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]

Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Launcher.EXE

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\NCTAudioFile3.DLL

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\NCTAudioFileWMA3.DLL

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BearShareIEHelper.DNSGuard.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DnsBHO.BHO

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DnsBHO.BHO.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\imweb.imwebcontrol

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\nctaudiocdwriter2.audiocdwriter2

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\nctaudiocdwriter2.audiocdwriter2.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1

Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [DataMngr]

Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@MapsGalaxy_39.com/Plugin

Schlüssel Gelöscht : HKCU\Software\592dbdce534ed15

Schlüssel Gelöscht : HKLM\SOFTWARE\592dbdce534ed15

Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [MapsGalaxy_39 Browser Plugin Loader]

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5E50AE1D-BC76-418B-94C4-EFEAC0CEF80C}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{69E54DE2-C4ED-4BEC-8046-E3F9AC74B4B0}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{756C097C-6BDB-45DE-A8F1-83E01AB86BA4}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{01AD9322-02FF-4F4F-AC52-92FDA5AE65F0}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{23BDC78C-B7BB-42E5-B970-54B292592D72}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2656B92B-0207-4AFB-BEBF-F5FD231ECD39}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{34CB0620-E343-4772-BBA8-D3074BC47516}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{412CD209-DDA4-4275-8C79-55F1C93FBD47}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{59570C1F-B692-48C9-91B4-7809E6945287}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5D9E7BE9-95E5-4392-8CD2-D82DE89589ED}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{63A0F7FA-2C95-4D7E-AF25-EFCC303D20A1}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6559E502-6EE1-46B8-A83C-F3A45BDA23EE}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{74322BF9-DF26-493F-B0DA-6D2FC5E6429E}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A2858A72-758F-4486-B6A1-7F1DCC0924FA}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C63CA8A4-AB4E-49E5-A6C0-33FC86D80205}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C6A7847E-8931-4A9A-B4EF-72A91E3CCF4D}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD5175E2-7CC1-418C-B66C-0AB95DAD4103}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D8BFC514-1135-4393-B09A-193D2AAC5037}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DD0F1D24-E250-4E93-966C-65615720AEFB}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EC1277BB-1C71-4C0D-BA6D-BFEA16E773A6}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0BBF19A5-BE50-4E06-A340-6777A505E490}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5E8CD073-21DF-4117-9BBD-D03C45D36CAE}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{869E753F-BD0D-4832-8131-94FEEE058AE3}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{252C2315-CCE0-4446-8DA7-C00292A690BA}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2D77AC8A-0A4C-40D0-9557-51907A575E45}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{43B4B831-F41F-4F73-8F14-4FFF0BA75B1B}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{85672EDB-2CC8-40B9-A9E8-77D3478F2EFB}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8F0B76E1-4E46-427B-B55B-B90593468AC6}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F0B76E1-4E46-427B-B55B-B90593468AC6}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}

Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]

Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]

Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C424171E-592A-415A-9EB1-DFD6D95D3530}]

Schlüssel Gelöscht : HKCU\Software\Conduit

Schlüssel Gelöscht : HKCU\Software\Convesoft

Schlüssel Gelöscht : HKCU\Software\DataMngr

[#] Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar

Schlüssel Gelöscht : HKCU\Software\Delta

Schlüssel Gelöscht : HKCU\Software\Iminent

Schlüssel Gelöscht : HKCU\Software\MapsGalaxy_39

Schlüssel Gelöscht : HKCU\Software\tuguu sl

Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\MapsGalaxy_39

Schlüssel Gelöscht : HKLM\Software\Babylon

Schlüssel Gelöscht : HKLM\Software\bearsharemediabartb

Schlüssel Gelöscht : HKLM\Software\Delta

Schlüssel Gelöscht : HKLM\Software\DivX\Install\Setup\WizardLayout\ConduitToolbar

Schlüssel Gelöscht : HKLM\Software\DomaIQ

Schlüssel Gelöscht : HKLM\Software\Iminent

Schlüssel Gelöscht : HKLM\Software\MapsGalaxy_39

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EBE677C0-CBCB-4EBF-8098-E27E1B5271CF}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wincore MediaBar

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{EBE677C0-CBCB-4EBF-8098-E27E1B5271CF}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta Chrome Toolbar

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wincore MediaBar

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0C776EBEBCBCFBE408892EE7B12517FC

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0C776EBEBCBCFBE408892EE7B12517FC

Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\0C776EBEBCBCFBE408892EE7B12517FC

Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\0C776EBEBCBCFBE408892EE7B12517FC
 

***** [ Browser ] *****
 

-\\ Internet Explorer v9.0.8112.16561
 
 

-\\ Google Chrome v
 

[ Datei : C:\Users\Yamato\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 

Gelöscht [Search Provider] : hxxp://dts.search-results.com/sr?src=crb&appid=0&systemid=2&sr=0&q={searchTerms}

Gelöscht [Search Provider] : hxxp://www.delta-search.com/?q={searchTerms}&affID=120519&tt=gc_&babsrc=SP_ss&mntrId=24550022FA281B46

Gelöscht [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&affID=120519&tt=gc_&babsrc=SP_ss_din2g&mntrId=24550022FA281B46

Gelöscht [Homepage] : hxxp://search.babylon.com/?affID=120519&tt=gc_&babsrc=HP_ss_din2g&mntrId=24550022FA281B46

Gelöscht [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo

Gelöscht [Extension] : eooncjejnppfjjklapaamhcdmjbilmde

Gelöscht [Extension] : fbmimoidopbghbcmdmpkjaffffmcbmbg

Gelöscht [Extension] : hphibigbodkkohoglgfkddblldpfohjl

Gelöscht [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej

Gelöscht [Extension] : kincjchfokkeneeofpeefomkikfkiedl

Gelöscht [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc

Gelöscht [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc
 

*************************
 

AdwCleaner[R0].txt - [25946 octets] - [15/07/2014 18:05:50]

AdwCleaner[S0].txt - [25659 octets] - [15/07/2014 18:08:46]
 

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [25720 octets] ##########

MBAM

Code:

Malwarebytes Anti-Malware

www.malwarebytes.org
 
 

Update, 15.07.2014 18:34:25, SYSTEM, YAMATO-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.7.14.1, 

Update, 15.07.2014 18:34:44, SYSTEM, YAMATO-PC, Manual, Malware Database, 2014.3.4.9, 2014.7.15.9, 
 

(end)

zoek

Code:

Zoek.exe v5.0.0.0 Updated 15-07-2014

Tool run by Yamato on 15.07.2014 at 19:15:18,71.

Microsoft® Windows Vista™ Home Premium  6.0.6002 Service Pack 2 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Yamato\Desktop\zoek.exe [Scan all users] [Script inserted] 
 

==== System Restore Info ======================
 

15.07.2014 19:23:11 Zoek.exe System Restore Point Created Succesfully.
 

==== Deleting CLSID Registry Keys ======================
 

HKEY_USERS\S-1-5-21-3122945756-3708475220-1533568220-1000\Software\Microsoft\Internet Explorer\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f} deleted successfully

HKEY_USERS\S-1-5-21-3122945756-3708475220-1533568220-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully

HKEY_USERS\S-1-5-21-3122945756-3708475220-1533568220-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully

HKEY_USERS\S-1-5-21-3122945756-3708475220-1533568220-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} deleted successfully

HKEY_USERS\S-1-5-21-3122945756-3708475220-1533568220-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} deleted successfully
 

==== Deleting CLSID Registry Values ======================
 

HKEY_USERS\S-1-5-21-3122945756-3708475220-1533568220-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully

HKEY_USERS\S-1-5-21-3122945756-3708475220-1533568220-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92} deleted successfully
 

==== Deleting Services ======================
 
 

==== Deleting Files \ Folders ======================
 

C:\Program Files\Common Files\DVDVideoSoft\bin deleted

C:\Users\Yamato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BearShare.lnk deleted

C:\Users\Yamato\AppData\Roaming\Smiley.ico deleted

C:\Users\Yamato\AppData\Roaming\WinHost deleted

C:\PROGRA~2\boost_interprocess deleted

C:\Users\Yamato\AppData\Local\APN deleted

C:\Users\Yamato\AppData\Local\BearShare deleted

C:\Users\Yamato\Searches deleted

C:\Users\Yamato\AppData\LocalLow\wincorebsband deleted

C:\Users\Yamato\AppData\LocalLow\mediabarbs deleted

C:\Windows\system32\config\systemprofile\Searches deleted

C:\Windows\System32\InstallUtil.InstallLog deleted

C:\Windows\System32\searchplugins deleted

C:\Windows\System32\Extensions deleted

"C:\Users\Yamato\AppData\Roaming\Oqlio\erdi.axi" deleted

"C:\Users\Yamato\AppData\Roaming\Oxesc\ugyt.pig" deleted

"C:\Users\Yamato\AppData\Roaming\Fufyyt\yswu.arx" deleted

"C:\Users\Yamato\AppData\Roaming\Ceky" deleted

"C:\Users\Yamato\AppData\Roaming\Ikucy" deleted

"C:\Users\Yamato\AppData\Roaming\Oqlio" deleted

"C:\Users\Yamato\AppData\Roaming\Oxesc" deleted

"C:\Users\Yamato\AppData\Roaming\Zuemv" deleted

"C:\Users\Yamato\AppData\Roaming\Fufyyt" deleted
 

==== Firefox Extensions Registry ======================
 

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"="C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5" [01.08.2013 13:20]
 

==== Chrome Look ======================
 

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx[]

nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[06.05.2013 10:12]
 
 

==== Chrome Fix ======================
 

C:\Users\Yamato\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully
 

==== Set IE to Default ======================
 

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="hxxp://google.de/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0609&m=aspire_8930"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

@="hxxp://www.google.com/search/?q=%s"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{b0441a0e-a49a-4e16-afc1-74ecced1921f}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f}] not found
 

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="hxxp://google.de/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="hxxp://search.msn.com/results.asp?q=%s"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
 

==== All HKCU SearchScopes ======================
 

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="hxxp://www.google.com/search?q={searchTerms}"

{0553D95C-0578-4E7B-9DBD-48F05219A16E} 1und1 Suche Url="hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="hxxp://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}"

{0BE280BD-26BE-4656-8E6E-D42D6F1DE84E} GMX search Url="hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie"

{5B64F938-F23A-40C8-992A-FBDC1FDE62B2} GMX Suche Url="hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}"

{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google  Url="hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE333DE333"

{8B13517F-CED6-4439-9BD4-DC2BE679C60E} Google  Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACAW_deDE333DE333"

{F11CEAC6-F62D-4910-94F1-13111D62536C} WEB.DE Suche Url="hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}"
 

==== Reset Google Chrome ======================
 

C:\Users\Yamato\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully

C:\Users\Yamato\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
 

==== shortcuts on Users Desktops ======================
 

C:\Users\Yamato\Desktop\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe 

C:\Users\Yamato\Desktop\Solitaire.lnk - C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe 

C:\Users\Yamato\Desktop\Acer Crystal Eye Webcam\Acer Crystal Eye Webcam.lnk - C:\Users\Yamato\Pictures\19833_1327668839771_1472438852_857373_6396111_n.jpg 

C:\Users\Yamato\Desktop\Acer Crystal Eye Webcam\uninstall.lnk - C:\Users\Yamato\Pictures\Anne Samsung\Resim\türkiye\Fotograf0002.jpg -removeonly -runfromtemp -l0x0007

C:\Users\Yamato\Desktop\Kampanya\savas4 - Verknüpfung.lnk -  
 

==== shortcuts on All Users Desktop ======================
 

C:\Users\Public\Desktop\Adobe Reader 9.lnk - C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe 

C:\Users\Public\Desktop\Avira Control Center.lnk - C:\Program Files\Avira\AntiVir Desktop\avcenter.exe 

C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk - C:\Program Files\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe 

C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes Anti-Malware\mbam.exe 

C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe 

C:\Users\Public\Desktop\VAFPlayer.lnk - C:\Windows\Installer\{EBE677C0-CBCB-4EBF-8098-E27E1B5271CF}\_5A7BEEAA8B494FA662219A.exe 
 

==== shortcuts in Users Start Menu ======================
 

C:\Users\Yamato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Users\Yamato\AppData\Local\Google\Chrome\Application\chrome.exe 
 

==== shortcuts in All Users Start Menu ======================
 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BearShare\Uninstall BearShare.lnk - C:\Program Files\BearShare Applications\BearShare\UninstallSurvey.exe 
 

==== shortcuts in Quick Launch ======================
 

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

C:\Users\Yamato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Users\Yamato\AppData\Local\Google\Chrome\Application\chrome.exe 

C:\Users\Yamato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\InfraRecorder.lnk - C:\Program Files\InfraRecorder\InfraRecorder.exe 

C:\Users\Yamato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe 

C:\Users\Yamato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung New PC Studio.lnk - C:\Program Files\Samsung\Samsung New PC Studio\NPSGuide.exe 

C:\Users\Yamato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  

C:\Users\Yamato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WEB.DE.lnk - C:\Program Files\Internet Explorer\iexplore.exe hxxp://go.web.de/tb/ie_desktop_portal

C:\Users\Yamato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

C:\Users\Yamato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
 

==== shortcuts After Repair ======================
 

C:\Users\Yamato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WEB.DE.lnk - C:\Program Files\Internet Explorer\iexplore.exe 
 

==== Reset IE Proxy ======================
 

Value(s) before fix:

"ProxyEnable"=dword:00000000
 

Value(s) after fix:

"ProxyEnable"=dword:00000000
 

==== Deleting Registry Keys ======================
 

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MapsGalaxy_39bar Uninstall Firefox deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MapsGalaxy_39bar Uninstall Internet Explorer deleted successfully
 

==== Empty IE Cache ======================
 

C:\Users\Yamato\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Yamato\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
 

==== Empty FireFox Cache ======================
 

No FireFox Profiles found
 

==== Empty Chrome Cache ======================
 

C:\Users\Yamato\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
 

==== Empty All Flash Cache ======================
 

Flash Cache Emptied Successfully
 

==== Empty All Java Cache ======================
 

Java Cache cleared successfully
 

==== C:\zoek_backup content ======================
 

C:\zoek_backup (files=330 folders=48 156656772 bytes)
 

==== Empty Temp Folders ======================
 

C:\Users\Default\AppData\Local\temp emptied successfully

C:\Users\Default User\AppData\Local\temp emptied successfully

C:\Users\Public\AppData\Local\temp emptied successfully

C:\Users\Yamato\AppData\Local\temp will be emptied at reboot

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot
 

==== After Reboot ======================
 

==== Empty Temp Folders ======================
 

C:\Windows\Temp successfully emptied

C:\Users\Yamato\AppData\Local\Temp successfully emptied
 

==== Empty Recycle Bin ======================
 

C:\$RECYCLE.BIN successfully emptied
 

==== Deleting Files / Folders ======================
 

"C:\Users\Yamato\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
 

==== EOF on 15.07.2014 at 19:56:04,55 ======================

FRST (neu)

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:15-07-2014 01

Ran by Yamato (administrator) on YAMATO-PC on 15-07-2014 20:10:00

Running from C:\Users\Yamato\Desktop

Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)

Internet Explorer Version 9

Boot Mode: Normal
 
 
 

==================== Processes (Whitelisted) =================
 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe

(Validity Sensors, Inc.) C:\Windows\System32\vfsFPService.exe

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Arachnoid Biometrics Identification Group Corp.) C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe

(Agere Systems) C:\Windows\System32\agrsmsvc.exe

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe

(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe

(Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe

() C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(Microsoft Corporation) C:\Program Files\Windows Live\Family Safety\fsssvc.exe

(Teruten) C:\Windows\System32\FsUsbExService.Exe

() C:\Program Files\Acer\Acer Bio Protection\BASVC.exe

(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe

() C:\ACER\Mobility Center\MobilityService.exe

(Nitro PDF Software) C:\Program Files\Canon\Easy-WebPrint EX\NitroPDFReaderDriverService2.exe

(NewTech InfoSystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

() C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(Acer Incorporated) C:\Program Files\Acer\Acer VCM\RS_Service.exe

(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE

(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe

(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe

(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe

(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

(Acer Inc.) C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe

(Acer Incorporated) C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe

(Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe

() C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe

(Arachnoid Biometrics Identification Group Corp.) C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe

(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe

(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

(Microsoft Corporation) C:\Program Files\Windows Live\Family Safety\fsui.exe

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

() C:\Program Files\DivX\DivX Update\DivXUpdate.exe

(Microsoft Corporation) C:\Windows\ehome\ehtray.exe

(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe

(Acer Incorporated) C:\Program Files\Acer\Acer VCM\AcerVCM.exe

(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe

(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe

(Realtek Semiconductor Corp.) C:\Users\Yamato\AppData\Local\Temp\RtkBtMnt.exe

(Acer Inc.) C:\Program Files\Acer\Acer VCM\acp2HID.exe

(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [182808 2008-07-20] (Intel Corporation)

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6139904 2008-05-07] (Realtek Semiconductor)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1037608 2008-04-04] (Synaptics, Inc.)

HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-08-21] (Google)

HKLM\...\Run: [ePower_DMC] => C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [405504 2008-08-01] (Acer Inc.)

HKLM\...\Run: [eAudio] => C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe [544768 2008-05-30] (Acer Incorporated)

HKLM\...\Run: [eDataSecurity Loader] => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [526896 2008-07-29] (Egis Incorporated)

HKLM\...\Run: [BkupTray] => C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [28672 2008-04-25] ()

HKLM\...\Run: [ZPdtWzdVitaKey MC3000] => C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe [3719680 2009-06-13] (Arachnoid Biometrics Identification Group Corp.)

HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [809480 2008-06-16] (Dritek System Inc.)

HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2516296 2010-03-25] (CANON INC.)

HKLM\...\Run: [CanonSolutionMenuEx] => C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)

HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)

HKLM\...\Run: [fssui] => C:\Program Files\Windows Live\Family Safety\fsui.exe [884584 2012-03-08] (Microsoft Corporation)

HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-03] (Avira Operations GmbH & Co. KG)

HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)

HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()

Winlogon\Notify\AWinNotifyVitaKey MC3000: C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)

HKU\S-1-5-21-3122945756-3708475220-1533568220-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)

HKU\S-1-5-21-3122945756-3708475220-1533568220-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2009-06-26] (Google Inc.)

HKU\S-1-5-21-3122945756-3708475220-1533568220-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)

AppInit_DLLs: c:\progra~1\google\google~1\goec62~1.dll => c:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2010-08-21] (Google)

Lsa: [Notification Packages] scecli C:\Program Files\Acer\Acer Bio Protection\PwdFilter

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk

ShortcutTarget: Acer VCM.lnk -> C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)

ShellIconOverlayIdentifiers: egisPSDP -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Egis Inc.)
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x30104421ACBFCB01

SearchScopes: HKLM - DefaultScope value is missing.

SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW

SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7ACAW_deDE333DE333

SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE333DE333

BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

BHO: ShowBarObj Class -> {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} -> C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)

BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)

DPF: {03A89EFD-E023-A200-A22D-45F77558EB4C} https://man.netucate.net/download1026/AXCltInstall.dll

DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab

DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx

DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab

DPF: {CC679CB8-DC4B-458B-B817-D447B3B6AC31} https://asa1.rus.uni-stuttgart.de/CACHE/stc/10/binaries/vpnweb.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {E55FD215-A32E-43FE-A777-A7E8F165F557} hxxp://92.51.137.94/objects/NpFv501.dll

DPF: {E55FD215-A32E-43FE-A777-A7E8F165F560} hxxp://92.51.137.94/objects/NpFv522.dll

DPF: {E55FD215-A32E-43FE-A777-A7E8F165F561} hxxp://92.51.137.94/objects/NpFv530.dll

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File

Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()

FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)

FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File

FF Plugin: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF Plugin: @java.com/DTPlugin,version=1.6.0_37 - C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)

FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

FF Plugin: @mcafee.com/SAFFPlugin - C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Yamato\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Yamato\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File

FF Plugin HKCU: @www.flatcast.com/FlatViewer 5.2 - C:\Windows\DOWNLO~1\NpFv530.dll (1 mal 1 Software GmbH)

FF Plugin ProgramFiles/Appdata: C:\Users\Yamato\AppData\Roaming\mozilla\plugins\NpFv530.dll (1 mal 1 Software GmbH)

FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-06-30]

FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5

FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-08-01]
 

========================== Services (Whitelisted) =================
 

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-07-03] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-03] (Avira Operations GmbH & Co. KG)

R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1028688 2014-07-03] (Avira Operations GmbH & Co. KG)

R2 BUNAgentSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [16384 2008-03-03] (NewTech Infosystems, Inc.) [File not signed]

R2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-06-02] () [File not signed]

R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [815104 2008-04-30] (Intel(R) Corporation) [File not signed]

R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2009-04-07] (Teruten) [File not signed]

S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-08-21] (Google)

S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]

R2 IGBASVC; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [3520512 2009-06-13] () [File not signed]

R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2007-01-17] (Hewlett-Packard Company) [File not signed]

R2 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [110592 2007-12-06] () [File not signed]

R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2009-05-14] (Hewlett-Packard) [File not signed]

R2 NitroReaderDriverReadSpool2; C:\Program Files\Canon\Easy-WebPrint EX\NitroPDFReaderDriverService2.exe [196904 2011-10-25] (Nitro PDF Software)

R2 NTIBackupSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [45056 2008-04-25] (NewTech InfoSystems, Inc.) [File not signed]

R2 NTISchedulerSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [131072 2008-04-25] () [File not signed]

R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2009-05-14] (Hewlett-Packard) [File not signed]

R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944 2008-04-30] (Intel(R) Corporation) [File not signed]

R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [233472 2008-07-19] (Acer Incorporated) [File not signed]
 

==================== Drivers (Whitelisted) ====================
 

R0 AlfaFF; C:\Windows\System32\Drivers\AlfaFF.sys [43184 2009-06-13] (Alfa Corporation)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-07-03] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-05-20] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-27] (Avira Operations GmbH & Co. KG)

R1 DritekPortIO; C:\Program Files\Launch Manager\DPortIO.sys [20112 2006-11-02] (Dritek System Inc.)

R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2009-04-07] () [File not signed]

R2 int15; C:\Windows\system32\drivers\int15.sys [69632 2007-01-26] () [File not signed]

R3 itecir; C:\Windows\System32\DRIVERS\itecir.sys [54784 2007-12-18] (ITE Tech. Inc. )

R3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [17408 2008-10-09] (Windows (R) Codename Longhorn DDK provider)

R3 L1E; C:\Windows\System32\DRIVERS\L1E60x86.sys [48640 2009-08-05] (Atheros Communications, Inc.)

R1 MPFP; C:\Windows\System32\Drivers\Mpfp.sys [130424 2008-08-26] (McAfee, Inc.)

R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-02-24] (Avira GmbH)

S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [90112 2009-03-20] (MCCI)

S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14976 2009-03-20] (MCCI Corporation)

S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [121856 2009-03-20] (MCCI Corporation)

S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [26624 2011-12-15] (The OpenVPN Project)

U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)

S3 catchme; \??\C:\ComboFix\catchme.sys [X]

S3 IpInIp; system32\DRIVERS\ipinip.sys [X]

S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]

S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]

S3 vpnva; system32\DRIVERS\vpnva.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-07-15 20:05 - 2014-07-15 20:05 - 00014043 _____ () C:\Users\Yamato\Desktop\zoek-results.txt

2014-07-15 19:47 - 2014-07-15 19:15 - 00024064 _____ () C:\Windows\zoek-delete.exe

2014-07-15 19:22 - 2014-07-15 19:56 - 00014043 _____ () C:\zoek-results.log

2014-07-15 19:15 - 2014-07-15 19:43 - 00000000 ____D () C:\zoek_backup

2014-07-15 19:15 - 2014-07-15 19:15 - 01287168 _____ () C:\Users\Yamato\Desktop\zoek.exe

2014-07-15 19:12 - 2014-07-15 19:12 - 00000263 _____ () C:\Users\Yamato\Desktop\mbam.txt

2014-07-15 18:34 - 2014-07-15 19:10 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-07-15 18:33 - 2014-07-15 18:33 - 00000903 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-07-15 18:33 - 2014-07-15 18:33 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-07-15 18:33 - 2014-07-15 18:33 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware

2014-07-15 18:33 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-07-15 18:33 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-07-15 18:33 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-07-15 18:31 - 2014-07-15 18:31 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Yamato\Desktop\mbam-setup-2.0.2.1012.exe

2014-07-15 18:19 - 2014-07-15 18:19 - 00025801 _____ () C:\Users\Yamato\Desktop\AdwCleaner[S0].txt

2014-07-15 18:06 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll

2014-07-15 18:05 - 2014-07-15 18:09 - 00000000 ____D () C:\AdwCleaner

2014-07-15 18:04 - 2014-07-15 18:04 - 01348263 _____ () C:\Users\Yamato\Desktop\adwcleaner_3.215.exe

2014-07-09 21:31 - 2014-06-07 02:19 - 02051072 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-07-09 21:31 - 2014-06-07 02:05 - 12353024 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-07-09 21:31 - 2014-06-07 01:25 - 09711616 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-07-09 21:31 - 2014-06-07 01:12 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-07-09 21:31 - 2014-06-07 01:04 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-07-09 21:31 - 2014-06-07 01:03 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-07-09 21:31 - 2014-06-07 01:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-07-09 21:31 - 2014-06-07 01:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2014-07-09 21:31 - 2014-06-07 00:58 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-07-09 21:31 - 2014-06-07 00:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-07-09 21:31 - 2014-06-07 00:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-07-09 21:31 - 2014-06-07 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-07-09 21:31 - 2014-06-07 00:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-07-09 21:31 - 2014-06-07 00:54 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-07-09 21:31 - 2014-06-07 00:54 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-07-09 21:31 - 2014-06-07 00:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2014-07-09 21:31 - 2014-06-07 00:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-07-09 21:31 - 2014-06-07 00:53 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-07-09 21:31 - 2014-06-07 00:53 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2014-07-09 21:31 - 2014-06-07 00:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-07-09 21:31 - 2014-06-07 00:51 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2014-07-09 21:31 - 2014-06-07 00:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-07-09 21:31 - 2014-06-06 10:59 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2014-07-09 21:31 - 2014-05-30 08:53 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys

2014-07-05 21:33 - 2014-07-05 21:33 - 00000000 ____D () C:\ProgramData\7259

2014-06-26 21:02 - 2014-06-26 21:02 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf917135192628.job

2014-06-23 21:28 - 2014-06-23 21:28 - 00013359 _____ () C:\Users\Yamato\Desktop\combofix.txt

2014-06-23 21:13 - 2014-06-23 21:13 - 00013359 _____ () C:\ComboFix.txt

2014-06-23 20:25 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe

2014-06-23 20:25 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe

2014-06-23 20:25 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe

2014-06-23 20:25 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe

2014-06-23 20:25 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe

2014-06-23 20:25 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe

2014-06-23 20:25 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe

2014-06-23 20:25 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe

2014-06-23 20:22 - 2014-06-23 21:13 - 00000000 ____D () C:\Qoobox

2014-06-23 20:22 - 2014-06-23 21:10 - 00000000 ____D () C:\Windows\erdnt

2014-06-23 20:15 - 2014-06-23 20:15 - 05210951 ____R (Swearware) C:\Users\Yamato\Desktop\ComboFix.exe

2014-06-23 09:32 - 2014-06-23 09:32 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3122945756-3708475220-1533568220-1000Core1cf8eb53c017248.job

2014-06-22 13:14 - 2014-06-22 13:14 - 00000386 _____ () C:\Users\Yamato\Desktop\Gmer.txt

2014-06-22 12:50 - 2014-06-22 12:51 - 00139320 _____ () C:\Windows\Minidump\Mini062214-01.dmp

2014-06-22 12:15 - 2014-06-22 12:15 - 00104960 _____ (GMER) C:\kfriapow.sys

2014-06-20 20:09 - 2014-06-20 20:09 - 00380416 _____ () C:\Users\Yamato\Desktop\Gmer-19357.exe

2014-06-20 20:05 - 2014-06-20 20:05 - 00000474 _____ () C:\Users\Yamato\Desktop\defogger_disable.log

2014-06-20 20:05 - 2014-06-20 20:05 - 00000000 _____ () C:\Users\Yamato\defogger_reenable

2014-06-20 20:03 - 2014-06-20 20:03 - 00050477 _____ () C:\Users\Yamato\Desktop\Defogger.exe

2014-06-20 19:30 - 2014-06-20 19:34 - 00034219 _____ () C:\Users\Yamato\Desktop\Addition.txt

2014-06-20 19:26 - 2014-07-15 20:11 - 00020353 _____ () C:\Users\Yamato\Desktop\FRST.txt

2014-06-20 19:26 - 2014-07-15 20:09 - 00000000 ____D () C:\Users\Yamato\Desktop\FRST-OlderVersion

2014-06-18 20:25 - 2014-07-15 20:10 - 00000000 ____D () C:\FRST

2014-06-18 20:24 - 2014-07-15 20:09 - 01077248 _____ (Farbar) C:\Users\Yamato\Desktop\FRST.exe
 

==================== One Month Modified Files and Folders =======
 

2014-07-15 20:11 - 2014-06-20 19:26 - 00020353 _____ () C:\Users\Yamato\Desktop\FRST.txt

2014-07-15 20:10 - 2014-06-18 20:25 - 00000000 ____D () C:\FRST

2014-07-15 20:09 - 2014-06-20 19:26 - 00000000 ____D () C:\Users\Yamato\Desktop\FRST-OlderVersion

2014-07-15 20:09 - 2014-06-18 20:24 - 01077248 _____ (Farbar) C:\Users\Yamato\Desktop\FRST.exe

2014-07-15 20:05 - 2014-07-15 20:05 - 00014043 _____ () C:\Users\Yamato\Desktop\zoek-results.txt

2014-07-15 20:00 - 2009-06-13 08:52 - 01840389 _____ () C:\Windows\WindowsUpdate.log

2014-07-15 19:56 - 2014-07-15 19:22 - 00014043 _____ () C:\zoek-results.log

2014-07-15 19:56 - 2009-06-13 09:06 - 00000000 _____ () C:\Windows\system32\LogConfigTemp.xml

2014-07-15 19:54 - 2008-01-21 09:16 - 00011410 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-07-15 19:49 - 2009-02-02 14:15 - 00000147 _____ () C:\Windows\system32\agent.log

2014-07-15 19:49 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

2014-07-15 19:49 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

2014-07-15 19:48 - 2008-01-21 04:47 - 08465848 _____ () C:\Windows\PFRO.log

2014-07-15 19:43 - 2014-07-15 19:15 - 00000000 ____D () C:\zoek_backup

2014-07-15 19:43 - 2013-11-15 19:56 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft

2014-07-15 19:43 - 2009-06-26 21:35 - 00000000 ____D () C:\Users\Yamato

2014-07-15 19:15 - 2014-07-15 19:47 - 00024064 _____ () C:\Windows\zoek-delete.exe

2014-07-15 19:15 - 2014-07-15 19:15 - 01287168 _____ () C:\Users\Yamato\Desktop\zoek.exe

2014-07-15 19:12 - 2014-07-15 19:12 - 00000263 _____ () C:\Users\Yamato\Desktop\mbam.txt

2014-07-15 19:10 - 2014-07-15 18:34 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-07-15 18:56 - 2013-05-26 23:40 - 00000000 ____D () C:\Users\Yamato\AppData\Roaming\player

2014-07-15 18:33 - 2014-07-15 18:33 - 00000903 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-07-15 18:33 - 2014-07-15 18:33 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-07-15 18:33 - 2014-07-15 18:33 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware

2014-07-15 18:31 - 2014-07-15 18:31 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Yamato\Desktop\mbam-setup-2.0.2.1012.exe

2014-07-15 18:19 - 2014-07-15 18:19 - 00025801 _____ () C:\Users\Yamato\Desktop\AdwCleaner[S0].txt

2014-07-15 18:09 - 2014-07-15 18:05 - 00000000 ____D () C:\AdwCleaner

2014-07-15 18:09 - 2011-03-26 18:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BearShare

2014-07-15 18:04 - 2014-07-15 18:04 - 01348263 _____ () C:\Users\Yamato\Desktop\adwcleaner_3.215.exe

2014-07-13 13:34 - 2013-09-04 22:23 - 00000000 ____D () C:\Users\Yamato\AppData\Roaming\Skype

2014-07-10 19:04 - 2006-11-02 14:47 - 00331968 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-07-10 19:01 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\Windows Journal

2014-07-10 18:44 - 2013-08-15 11:22 - 00000000 ____D () C:\Windows\system32\MRT

2014-07-10 18:38 - 2006-11-02 12:24 - 93585272 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

2014-07-05 21:33 - 2014-07-05 21:33 - 00000000 ____D () C:\ProgramData\7259

2014-07-03 22:04 - 2013-02-24 14:42 - 00097648 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

2014-06-26 21:02 - 2014-06-26 21:02 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf917135192628.job

2014-06-23 21:28 - 2014-06-23 21:28 - 00013359 _____ () C:\Users\Yamato\Desktop\combofix.txt

2014-06-23 21:13 - 2014-06-23 21:13 - 00013359 _____ () C:\ComboFix.txt

2014-06-23 21:13 - 2014-06-23 20:22 - 00000000 ____D () C:\Qoobox

2014-06-23 21:13 - 2006-11-02 13:18 - 00000000 __RHD () C:\Users\Default

2014-06-23 21:13 - 2006-11-02 13:18 - 00000000 ___RD () C:\Users\Public

2014-06-23 21:10 - 2014-06-23 20:22 - 00000000 ____D () C:\Windows\erdnt

2014-06-23 21:07 - 2006-11-02 12:23 - 00000215 _____ () C:\Windows\system.ini

2014-06-23 20:15 - 2014-06-23 20:15 - 05210951 ____R (Swearware) C:\Users\Yamato\Desktop\ComboFix.exe

2014-06-23 09:32 - 2014-06-23 09:32 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3122945756-3708475220-1533568220-1000Core1cf8eb53c017248.job

2014-06-22 13:14 - 2014-06-22 13:14 - 00000386 _____ () C:\Users\Yamato\Desktop\Gmer.txt

2014-06-22 12:51 - 2014-06-22 12:50 - 00139320 _____ () C:\Windows\Minidump\Mini062214-01.dmp

2014-06-22 12:50 - 2009-10-29 04:27 - 164515895 _____ () C:\Windows\MEMORY.DMP

2014-06-22 12:50 - 2009-10-29 04:27 - 00000000 ____D () C:\Windows\Minidump

2014-06-22 12:15 - 2014-06-22 12:15 - 00104960 _____ (GMER) C:\kfriapow.sys

2014-06-20 20:09 - 2014-06-20 20:09 - 00380416 _____ () C:\Users\Yamato\Desktop\Gmer-19357.exe

2014-06-20 20:05 - 2014-06-20 20:05 - 00000474 _____ () C:\Users\Yamato\Desktop\defogger_disable.log

2014-06-20 20:05 - 2014-06-20 20:05 - 00000000 _____ () C:\Users\Yamato\defogger_reenable

2014-06-20 20:03 - 2014-06-20 20:03 - 00050477 _____ () C:\Users\Yamato\Desktop\Defogger.exe

2014-06-20 19:34 - 2014-06-20 19:30 - 00034219 _____ () C:\Users\Yamato\Desktop\Addition.txt
 

Some content of TEMP:

====================

C:\Users\Yamato\AppData\Local\Temp\avgnt.exe

C:\Users\Yamato\AppData\Local\Temp\RtkBtMnt.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-07-15 20:01
 

==================== End Of Log ============================

--- --- ---

--- --- ---

Addition (neu)

Code:

Additional scan result of Farbar Recovery Scan Tool (x86) Version:15-07-2014 01

Ran by Yamato at 2014-07-15 20:12:08

Running from C:\Users\Yamato\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

AV: Avira Desktop (Disabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}

AS: Avira Desktop (Disabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installed Programs ======================
 
 

 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)

32 Bit HP CIO Components Installer (Version: 6.1.2 - Hewlett-Packard) Hidden

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )

AAV 6.0.00.15 (HKLM\...\Acer Acer Bio Protection 6.0.00.15) (Version:  - )

AC3Filter 1.63b (HKLM\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky)

Access 97rt PAN EURO G (HKLM\...\Access 97rt PAN EURO G) (Version:  - )

Acer Bio Protection

Acer eAudio Management (HKLM\...\{57265292-228A-41FA-9AEC-4620CBCC2739}) (Version: 3.0.3008 - CyberLink Corp.)

Acer eDataSecurity Management (HKLM\...\{A5633652-3795-4829-BB0B-644F0279E279}) (Version: 3.0.3065 - Egis Inc.)

Acer Empowering Technology (HKLM\...\{8F1B6239-FEA0-450A-A950-B05276CE177C}) (Version: 3.0.3009 - Acer Incorporated)

Acer ePower Management (HKLM\...\{58E5844B-7CE2-413D-83D1-99294BF6C74F}) (Version: 3.0.3014 - Acer Incorporated)

Acer eRecovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 3.0.3014 - Acer Incorporated)

Acer eSettings Management (HKLM\...\{13D85C14-2B85-419F-AC41-C7F21E68B25D}) (Version: 3.0.3011 - Acer Incorporated)

Acer GridVista (HKLM\...\GridVista) (Version: 2.72.317 - )

Acer Mobility Center Plug-In (HKLM\...\{11316260-6666-467B-AC34-183FCB5D4335}) (Version: 3.0.3000 - Acer Inc.)

Acer Product Registration (HKLM\...\{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}) (Version: 3.0.0.10 - Acer Incorporated)

Acer ScreenSaver (HKLM\...\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}) (Version: 1.13.1301 - Acer Inc.)

Acer VCM (HKLM\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 3.2.3002 - Acer Incorporated)

Adobe Flash Player 10 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 10.0.45.2 - Adobe Systems Incorporated)

Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.7.700.224 - Adobe Systems Incorporated)

Adobe Reader 9.5.5 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)

Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version:  - Agere Systems)

Apple Application Support (HKLM\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)

Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.30 - Atheros Communications Inc.)

Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.5.450 - Avira)

BearShare (HKLM\...\BearShare) (Version: 10.0.0.125075 - Musiclab, LLC)

BearShare (Version: 10.0.0.125075 - Musiclab, LLC) Hidden

Canon Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version:  - )

Canon MP Navigator EX 4.0 (HKLM\...\MP Navigator EX 4.0) (Version:  - )

Canon MP280 series Benutzerregistrierung (HKLM\...\Canon MP280 series Benutzerregistrierung) (Version:  - )

Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version:  - )

Canon My Printer (HKLM\...\CanonMyPrinter) (Version:  - )

Canon Solution Menu EX (HKLM\...\CanonSolutionMenuEX) (Version:  - )

D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden

DivX Converter (HKLM\...\{13F3917B56CD4C25848BDC69916971BB}) (Version: 7.1.0 - DivX, Inc.)

DivX Converter (HKLM\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.)

DivX Plus DirectShow Filters (HKLM\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)

DivX Version Checker (HKLM\...\{3FC7CBBC4C1E11DCA1A752EA55D89593}) (Version: 7.1.0.2 - DivX, Inc.)

DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC)

Facebook Video Calling 2.0.0.447 (HKLM\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)

Free YouTube to MP3 Converter version 3.12.16.1030 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.16.1030 - DVDVideoSoft Ltd.)

Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)

Google Desktop (HKLM\...\Google Desktop) (Version: 5.9.1005.12335 - Google)

Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden

Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden

iLinc Client (HKLM\...\uninstall.exe) (Version:  - )

InfraRecorder (HKLM\...\InfraRecorder) (Version:  - )

Intel PROSet Wireless (Version:  - ) Hidden

Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{26921B2E-3E62-47F9-A514-1FC4A83BD738}) (Version: 12.00.0004 - Intel(R) Corporation)

Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)

ITECIR (HKLM\...\{40580068-9B10-40B5-9548-536CE88AB23C}) (Version: 1.6 - ITE)

Java(TM) 6 Update 37 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216032FF}) (Version: 6.0.370 - Oracle)

JMicron JMB38X Flash Media Controller (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.00.12.07 - JMicron Technology Corp.)

Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Launch Manager (HKLM\...\LManager) (Version:  - )

LightScribe  1.4.142.1 (Version: 1.4.142.1 - hxxp://www.lightscribe.com) Hidden

Making History II (HKLM\...\Making History II) (Version:  - )

Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

MATLAB R2011b (HKLM\...\Matlab R2011b) (Version: 7.13 - The MathWorks, Inc.)

Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)

Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden

Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)

Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden

Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)

Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden

Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)

Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Works (HKLM\...\{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}) (Version: 08.05.0822 - Microsoft Corporation)

MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

Nitro PDF Reader 2 (HKLM\...\{F0FF219A-6233-440A-BC76-5CC144CDCDB6}) (Version: 2.1.0.13 - Nitro PDF Software)

NTI Backup Now 5 (HKLM\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.606 - NewTech Infosystems)

NTI Backup Now Standard (Version: 5.1.2.606 - NewTech Infosystems) Hidden

NTI Media Maker 8 (HKLM\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.2.6329 - NewTech Infosystems)

NTI Media Maker 8 (Version: 8.0.2.6329 - NewTech Infosystems) Hidden

NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - NVIDIA Corporation)

NVIDIA PhysX (HKLM\...\{DD1865F0-AD73-40FB-B23E-1822E02396FF}) (Version: 9.09.0203 - NVIDIA Corporation)

OpenOffice.org 3.2 (HKLM\...\{8D1E61D1-1395-4E97-997F-D002DB3A5074}) (Version: 3.2.9502 - OpenOffice.org)

PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.3 - Frank Heindörfer, Philip Chinery)

PhotoNow! (HKLM\...\{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.4619 - CyberLink Corp.)

QuickTime (HKLM\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)

Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5618 - Realtek Semiconductor Corp.)

SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version:  - )

Samsung Mobile Modem Device Software (HKLM\...\Samsung Mobile Modem Device) (Version:  - )

SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version:  - )

Samsung Mobile phone USB driver Software (HKLM\...\Samsung Mobile phone USB driver) (Version:  - )

SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version:  - )

SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version:  - )

Samsung New PC Studio (HKLM\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)

Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden

SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version:  - )

SamsungConnectivityCableDriver (HKLM\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung)

Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden

Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)

Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)

Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.2.4.1 - Synaptics)

System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version:  - )

Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)

Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)

Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)

Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)

Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)

Validity Sensors software (HKLM\...\{567E8236-C414-4888-8211-3D61608D57AE}) (Version: 2.7.44 - Validity Sensors, Inc.)

VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden

Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden

Windows Live Fotogalerie (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Fotoğraf Galerisi (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden

Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh ActiveX control for remote connections (HKLM\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Messenger (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden

Windows Live Messenger Companion Core (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Sync (HKLM\...\{A1DA00CE-AA3E-45BC-91D6-66739D9E16F1}) (Version: 14.0.8117.416 - Microsoft Corporation)

Windows Live Temel Parçalar (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)

Windows Live Temel Parçalar (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
 

==================== Restore Points  =========================
 

21-05-2014 08:19:05 Windows Update

30-05-2014 19:40:27 Windows Update

03-06-2014 09:22:44 Windows Update

06-06-2014 20:32:11 Windows Update

11-06-2014 18:16:51 Windows Update

12-06-2014 15:35:21 Windows Update

17-06-2014 09:18:03 Windows Update

24-06-2014 17:11:18 Windows Update

27-06-2014 23:46:15 Windows Update

02-07-2014 07:31:32 Windows Update

09-07-2014 19:20:00 Windows Update

10-07-2014 16:34:20 Windows Update

15-07-2014 15:05:28 Windows Update

15-07-2014 17:22:23 zoek.exe restore point
 

==================== Hosts content: ==========================
 

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

::1             localhost
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {02447C0B-B3A7-4C1C-B372-A76AB2B8579C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3122945756-3708475220-1533568220-1000UA => C:\Users\Yamato\AppData\Local\Google\Update\GoogleUpdate.exe [2009-07-23] (Google Inc.)

Task: {167D44CC-1621-4254-BB46-B17CCCF6B721} - System32\Tasks\MATLAB R2011b Startup Accelerator => C:\Program Files\MATLAB\R2011b\bin\win32\MATLABStartupAccelerator.exe [2011-07-08] ()

Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM

Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI

Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages

Task: {42E71A70-D995-43E9-8B5E-5263156FF9D3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-31] (Google Inc.)

Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)

Task: {6C073CC4-E543-4F7E-BEB5-86D4784EEFB3} - System32\Tasks\McQcTask => c:\PROGRA~1\mcafee\mqc\QcConsol.exe

Task: {7F319699-2326-4F54-B772-8BE47060A871} - System32\Tasks\McDefragTask => c:\PROGRA~1\mcafee\mqc\QcConsol.exe

Task: {858BA1A5-4721-4AB5-AECA-CB134D189A35} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup

Task: {92226EAC-254E-4A21-943A-50BF0BFE743B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3122945756-3708475220-1533568220-1000Core => C:\Users\Yamato\AppData\Local\Google\Update\GoogleUpdate.exe [2009-07-23] (Google Inc.)

Task: {A2BEC7B8-7871-44A8-A893-1E083643C68A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {A540FD8A-25DB-485D-88DF-629DB0CE41AC} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)

Task: {AFC6F0A7-EFBD-41D3-BAB7-61ED3F4EC886} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-16] (Adobe Systems Incorporated)

Task: {B05E732A-DF01-4100-9850-DBCB95407C68} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Yamato => C:\Program Files\Windows Calendar\wincal.exe [2009-04-11] (Microsoft Corporation)

Task: {BFF2D2E5-5D41-4D8D-AD6C-1B86AE988CF5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3122945756-3708475220-1533568220-1000Core => C:\Users\Yamato\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)

Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()

Task: {EE331000-C50E-4498-B4D2-5E57512BE76A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3122945756-3708475220-1533568220-1000UA => C:\Users\Yamato\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)

Task: {F7E19372-1DE3-4F3F-BAE6-9DF98E8807CD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-31] (Google Inc.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3122945756-3708475220-1533568220-1000Core.job => C:\Users\Yamato\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3122945756-3708475220-1533568220-1000UA.job => C:\Users\Yamato\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf917135192628.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3122945756-3708475220-1533568220-1000Core1cf8eb53c017248.job => C:\Users\Yamato\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3122945756-3708475220-1533568220-1000UA.job => C:\Users\Yamato\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\MATLAB R2011b Startup Accelerator.job => C:\Program Files\MATLAB\R2011b\bin\win32\MATLABStartupAccelerator.exe
 

==================== Loaded Modules (whitelisted) =============
 

2011-11-13 18:33 - 2001-10-28 18:42 - 00116224 _____ () C:\Windows\System32\pdfcmnnt.dll

2008-04-30 20:13 - 2008-04-30 20:13 - 00200704 _____ () C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL

2007-06-24 20:09 - 2007-06-24 20:09 - 01024000 _____ () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACE.dll

2007-06-24 20:09 - 2007-06-24 20:09 - 00098304 _____ () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML.dll

2007-06-24 20:09 - 2007-06-24 20:09 - 00061440 _____ () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML_Parser.dll

2009-02-02 13:43 - 2008-06-02 10:25 - 00024576 _____ () C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

2009-02-02 13:43 - 2009-02-02 13:43 - 00032768 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.Controller\3.0.3009.0__14bcaafdb44b5951\Framework.Model.Controller.dll

2009-02-02 13:43 - 2009-02-02 13:43 - 00009216 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3009.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll

2009-02-02 13:43 - 2009-02-02 13:43 - 00061440 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3009.0__3036420f80dd6947\Framework.Library.dll

2009-02-02 13:43 - 2009-02-02 13:43 - 00015360 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Host\3.0.3009.0__672b450de5a7e94a\Framework.Host.dll

2009-02-02 13:43 - 2009-02-02 13:43 - 00006144 _____ () C:\Windows\assembly\GAC_MSIL\Framework.PluginInterface\3.0.3009.0__9ecdf03bb2054f94\Framework.PluginInterface.dll

2009-02-02 13:51 - 2008-05-30 13:22 - 00016384 _____ () C:\Program Files\Acer\Empowering Technology\eAudio\eAudioSrvPlugin.dll

2009-02-02 13:43 - 2009-02-02 13:43 - 00036864 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3009.0__4df5dcab8860d239\Framework.Utility.dll

2009-02-02 13:50 - 2008-10-27 15:01 - 00016384 _____ () C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.ServicePlugin.dll

2009-02-02 13:50 - 2008-10-27 15:00 - 00016384 _____ () C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.Logger.dll

2009-02-02 13:50 - 2008-10-27 15:01 - 00143360 _____ () C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.Model.Computer.dll

2009-02-02 13:50 - 2008-10-27 15:00 - 00036864 _____ () C:\Program Files\Acer\Empowering Technology\Service\eSettings.Model.ComputerInterface.dll

2009-06-13 09:02 - 2009-06-13 09:02 - 03520512 _____ () C:\Program Files\Acer\Acer Bio Protection\BASVC.exe

2009-02-02 14:20 - 2007-12-06 17:15 - 00110592 _____ () C:\Acer\Mobility Center\MobilityService.exe

2009-02-02 14:20 - 2007-11-27 16:08 - 00032768 _____ () C:\Acer\Mobility Center\MobilityInterface.dll

2008-04-25 22:36 - 2008-04-25 22:36 - 00131072 _____ () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

2008-07-29 18:52 - 2008-07-29 18:52 - 00227888 _____ () C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll

2008-04-25 22:36 - 2008-04-25 22:36 - 00028672 _____ () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe

2008-04-28 10:49 - 2008-04-28 10:49 - 00003072 _____ () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll

2009-02-02 20:33 - 2003-06-07 07:30 - 00057344 _____ () C:\Program Files\Launch Manager\PowerUtl.dll

2013-02-13 04:37 - 2013-02-13 04:37 - 01263952 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe

2013-02-13 04:38 - 2013-02-13 04:38 - 00100688 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll

2009-06-13 09:14 - 2007-09-11 11:12 - 00475136 _____ () C:\Program Files\Acer\Acer VCM\AcerControl.dll
 

==================== Alternate Data Streams (whitelisted) =========
 

AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F
 

==================== Safe Mode (whitelisted) ===================
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
 

==================== EXE Association (whitelisted) =============
 
 

==================== MSCONFIG/TASK MANAGER disabled items =========
 
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (07/15/2014 07:54:50 PM) (Source: LoadPerf) (EventID: 3001) (User: )

Description: WMI-Objekte16
 

Error: (07/15/2014 07:50:28 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/15/2014 07:06:10 PM) (Source: LoadPerf) (EventID: 3001) (User: )

Description: WMI-Objekte16
 

Error: (07/15/2014 07:00:46 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/15/2014 06:18:25 PM) (Source: LoadPerf) (EventID: 3001) (User: )

Description: WMI-Objekte16
 

Error: (07/15/2014 06:11:46 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/15/2014 05:30:19 PM) (Source: LoadPerf) (EventID: 3001) (User: )

Description: WMI-Objekte16
 

Error: (07/15/2014 05:24:04 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/15/2014 05:23:52 PM) (Source: SideBySide) (EventID: 33) (User: )

Description: Fehler beim Generieren des Aktivierungskontextes für "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"1".

Die abhängige Assemblierung "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"" konnte nicht gefunden werden.

Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
 

Error: (07/15/2014 05:15:25 PM) (Source: Windows Search Service) (EventID: 3024) (User: )

Description: Die Aktualisierung kann nicht gestartet werden, da kein Zugriff auf die Inhaltsquellen bestand. Beheben Sie die Fehler, und starten Sie die Aktualisierung erneut.
 

Kontext:  Anwendung, SystemIndex Katalog
 
 

System errors:

=============

Error: (07/15/2014 07:56:00 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Windows Live Family Safety Service
 

Error: (07/15/2014 07:42:44 PM) (Source: Service Control Manager) (EventID: 7030) (User: )

Description: PEVSystemStart
 

Error: (07/15/2014 07:42:44 PM) (Source: Service Control Manager) (EventID: 7030) (User: )

Description: PEVSystemStart
 

Error: (07/15/2014 07:42:43 PM) (Source: Service Control Manager) (EventID: 7030) (User: )

Description: PEVSystemStart
 

Error: (07/15/2014 07:42:43 PM) (Source: Service Control Manager) (EventID: 7030) (User: )

Description: PEVSystemStart
 

Error: (07/15/2014 07:42:42 PM) (Source: Service Control Manager) (EventID: 7030) (User: )

Description: PEVSystemStart
 

Error: (07/15/2014 07:06:19 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Windows Live Family Safety Service
 

Error: (07/15/2014 06:18:21 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Windows Live Family Safety Service
 

Error: (07/15/2014 05:31:14 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Windows Live Family Safety Service
 

Error: (07/15/2014 04:58:32 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Windows Live Family Safety Service
 
 

Microsoft Office Sessions:

=========================
 

CodeIntegrity Errors:

===================================

  Date: 2014-07-15 20:11:58.552

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-07-15 20:11:57.975

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-07-15 20:11:57.398

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-07-15 20:11:56.805

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-07-15 20:11:56.009

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-07-15 20:11:55.416

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-07-15 20:11:54.855

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-07-15 20:11:54.262

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-07-15 18:43:52.643

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-07-15 18:43:51.996

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 43%

Total physical RAM: 3068.03 MB

Available physical RAM: 1743.27 MB

Total Pagefile: 6340.34 MB

Available Pagefile: 4867.63 MB

Total Virtual: 2047.88 MB

Available Virtual: 1935.58 MB
 

==================== Drives ================================
 

Drive c: (ACER) (Fixed) (Total:144.04 GB) (Free:55.82 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

Drive d: (DATA) (Fixed) (Total:137.5 GB) (Free:131.33 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (Size: 298 GB) (Disk ID: 4EBF5754)

Partition 1: (Not Active) - (Size=13 GB) - (Type=27)

Partition 2: (Active) - (Size=144 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=138 GB) - (Type=07 NTFS)

Partition 4: (Not Active) - (Size=4 GB) - (Type=12)
 

==================== End Of Log ============================

Vielen dank fürs Analysieren.