Hi, thanks in advance for the quick reply,
I haven't run anything yet; Microsoft Security Essentials hasn't reported anything either, and I don't have any other anti-virus/malware programs installed.
Below is the content of FRST.txt
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Maddin (administrator) on MADDIN-PC on 07-10-2013 23:48:44
Running from C:\Users\Maddin\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidFind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apntex.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hauppauge Computer Works, Inc.) C:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDCTrayTool.exe
(Hauppauge Computer Works, Inc.) C:\PROGRA~2\HAUPPA~1\DEVICE~1\HCWDEV~1.EXE
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10060832 2010-02-09] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [344872 2010-03-09] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [860192 2010-02-05] (Acer Incorporated)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-06-20] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Runonce: [virtualrouterplussetup] - [x]
HKCU\...\Run: [MusicManager] - C:\Users\Maddin\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7342592 2013-09-23] (Google Inc.)
HKCU\...\Run: [Google Update] - C:\Users\Maddin\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-10] (Google Inc.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
MountPoints2: {a6dac8c3-fd16-11e2-804f-78e400ad9626} - D:\FahrenheitAutoRun.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-07-05] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
Startup: C:\Users\Maddin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hauppauge Device Central Tray Tool.lnk
ShortcutTarget: Hauppauge Device Central Tray Tool.lnk -> C:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDCTrayTool.exe (Hauppauge Computer Works, Inc.)
Startup: C:\Users\Maddin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hauppauge Device Properties.lnk
ShortcutTarget: Hauppauge Device Properties.lnk -> C:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDCTrayTool.exe (Hauppauge Computer Works, Inc.)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=9bc43acf-bf4a-4cd8-ba66-120ef91cef77&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=04/08/2013&type=hp1000
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6494F5054890CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=9bc43acf-bf4a-4cd8-ba66-120ef91cef77&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=04/08/2013&type=hp1000
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.search.us.com/v/2/?guid={D3E20C08-5CCA-459F-81A0-4D6E81DB9636}&serpv=5
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=9bc43acf-bf4a-4cd8-ba66-120ef91cef77&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=04/08/2013&type=hp1000
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=9bc43acf-bf4a-4cd8-ba66-120ef91cef77&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=04/08/2013&type=hp1000
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=9bc43acf-bf4a-4cd8-ba66-120ef91cef77&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=04/08/2013&type=hp1000
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=9bc43acf-bf4a-4cd8-ba66-120ef91cef77&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=04/08/2013&type=hp1000
SearchScopes: HKCU - {C20F2820-CEB9-4B30-AE13-97E4E7C66167} URL = hxxp://search.us.com/serp?guid={D3E20C08-5CCA-459F-81A0-4D6E81DB9636}&action=default_search&serpv=5&k={searchTerms}
SearchScopes: HKCU - {FF36A411-71AB-421B-9037-B9FB17CF28D4} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10557
BHO: a2zLyrics-1 - {11111111-1111-1111-1111-110411151154} - C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-bho64.dll (Lyrics)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: a2zLyrics-1 - {11111111-1111-1111-1111-110411151154} - C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-bho.dll (Lyrics)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 127.0.0.1 activation.cloud.techsmith.com
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Maddin\AppData\Roaming\Mozilla\Firefox\Profiles\jbsdsemd.default-1377960762644
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Maddin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Maddin\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Maddin\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Maddin\AppData\Roaming\Mozilla\Firefox\Profiles\jbsdsemd.default-1377960762644\Extensions\536c2ac1-a17c-4de1-a3f2-1b869a3be96c@2f6608a0-8c65-4bfe-8e2f-c65b5cc757cb.com
FF Extension: No Name - C:\Users\Maddin\AppData\Roaming\Mozilla\Firefox\Profiles\jbsdsemd.default-1377960762644\Extensions\staged
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: No Name - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
Chrome:
=======
CHR Extension: (a2zLyrics-1) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\afeodekfkejjgjigfnhhifffljmhnpfn\1.24.16_0
CHR Extension: (Angry Birds) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0
CHR Extension: (Google Drive) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Tabs Plus) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\edooipcjkkbjmnogkdcahgmhbniipefp\1.0_0
CHR Extension: (Google Play Music) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg\5.2_0
CHR Extension: (9GAG Mini) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\inmkmihphgjhmeabggdcokmkjhbnmdml\0.73_0
CHR Extension: (Trash Can) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbdjgdkojiakdhlhfcaohpfgjgemcegi\0.1_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (TabCloud) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\npecfdijgoblfcgagoijgmgejmcpnhof\1.17_0
CHR Extension: (Gmail) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx
==================== Services (Whitelisted) =================
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-07-04] (Advanced Micro Devices, Inc.)
R3 HcwDevCentralService; C:\PROGRA~2\HAUPPA~1\DEVICE~1\HCWDEV~1.EXE [391504 2013-05-14] (Hauppauge Computer Works, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-06-20] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-06-20] (Microsoft Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2013-03-06] ()
==================== Drivers (Whitelisted) ====================
S3 AirDisplay; C:\Windows\System32\DRIVERS\AVVideoCard.sys [15808 2012-09-24] (Windows (R) Win 7 DDK provider)
S3 AirDisplayMirror; C:\Windows\System32\DRIVERS\AVVideoCardMirror.sys [15808 2012-09-24] (Windows (R) Win 7 DDK provider)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R3 cbfs3; C:\Windows\System32\DRIVERS\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-08-04] (DT Soft Ltd)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
S3 ElgatoGC658Y; C:\Windows\System32\Drivers\ElgatoGC658.sys [50288 2012-11-12] (UB658)
S3 hcwE5bda; C:\Windows\System32\drivers\hcwE5bda.sys [966640 2013-05-23] (Hauppauge Computer Work, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-08-13] (Anchorfree Inc.)
S3 ALSysIO; \??\C:\Users\Maddin\AppData\Local\Temp\ALSysIO64.sys [x]
S3 BlueletAudio; system32\DRIVERS\blueletaudio.sys [x]
S3 BlueletSCOAudio; system32\DRIVERS\BlueletSCOAudio.sys [x]
S3 BT; system32\DRIVERS\btnetdrv.sys [x]
S3 Btcsrusb; System32\Drivers\btcusb.sys [x]
S0 BTHidEnum; System32\Drivers\vbtenum.sys [x]
S0 BTHidMgr; System32\Drivers\BTHidMgr.sys [x]
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP3a\WNt500x64\Sandra.sys [x]
S3 VComm; system32\DRIVERS\VComm.sys [x]
S3 VcommMgr; System32\Drivers\VcommMgr.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-07 23:48 - 2013-10-07 23:48 - 00000000 ____D C:\FRST
2013-10-07 23:46 - 2013-10-07 23:46 - 01954124 _____ (Farbar) C:\Users\Maddin\Desktop\FRST64.exe
2013-10-06 03:32 - 2013-10-06 18:15 - 00000518 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-10-06 03:29 - 2013-10-06 03:29 - 00000000 ____D C:\Users\Maddin\AppData\Local\VirtualRouterPlus
2013-10-06 03:26 - 2013-10-07 22:39 - 00001828 _____ C:\Windows\Tasks\a2zLyrics-1-firefoxinstaller.job
2013-10-06 03:26 - 2013-10-07 22:34 - 00001292 _____ C:\Windows\Tasks\a2zLyrics-1-updater.job
2013-10-06 03:26 - 2013-10-07 22:34 - 00001196 _____ C:\Windows\Tasks\a2zLyrics-1-codedownloader.job
2013-10-06 03:26 - 2013-10-07 22:34 - 00001096 _____ C:\Windows\Tasks\a2zLyrics-1-enabler.job
2013-10-06 03:26 - 2013-10-06 03:26 - 00004322 _____ C:\Windows\System32\Tasks\a2zLyrics-1-updater
2013-10-06 03:26 - 2013-10-06 03:26 - 00004226 _____ C:\Windows\System32\Tasks\a2zLyrics-1-codedownloader
2013-10-06 03:26 - 2013-10-06 03:26 - 00004126 _____ C:\Windows\System32\Tasks\a2zLyrics-1-enabler
2013-10-06 03:25 - 2013-10-07 22:34 - 00001904 _____ C:\Windows\Tasks\a2zLyrics-1-chromeinstaller.job
2013-10-06 03:25 - 2013-10-06 03:26 - 00000000 ____D C:\Program Files (x86)\a2zLyrics-1
2013-10-06 03:25 - 2013-10-06 03:25 - 00000000 ____D C:\Users\Maddin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
2013-10-06 03:25 - 2013-10-06 03:25 - 00000000 ____D C:\Users\Maddin\AppData\Local\FilesFrog Update Checker
2013-10-06 03:24 - 2013-10-06 03:24 - 00166552 _____ () C:\Users\Maddin\Downloads\nw_29531_virtualrouterplusset.exe
2013-10-03 00:00 - 2013-10-03 00:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-22 17:59 - 2013-09-22 18:25 - 2194800828 _____ C:\Users\Maddin\Desktop\2013_9_22_17_59_42.M2TS
2013-09-17 18:06 - 2013-10-06 00:27 - 00000000 ____D C:\Users\Maddin\Desktop\V
2013-09-14 00:19 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-14 00:19 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-14 00:19 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-14 00:19 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-14 00:19 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-14 00:19 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-14 00:19 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-14 00:19 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-14 00:19 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-14 00:19 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-14 00:19 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-14 00:19 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-14 00:19 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-14 00:19 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-14 00:19 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-14 00:19 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-14 00:18 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-14 00:18 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-14 00:18 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-14 00:18 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-14 00:18 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-14 00:18 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-14 00:18 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-14 00:18 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-14 00:18 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-14 00:18 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-14 00:18 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-14 00:18 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-14 00:18 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-14 00:18 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-14 00:18 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-12 23:05 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-12 23:05 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-12 23:05 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-12 23:05 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-12 23:05 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-12 23:05 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-12 23:05 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-12 23:05 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-12 23:05 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-12 23:05 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-12 23:05 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-12 23:05 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-12 23:05 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-12 23:05 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-12 23:05 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-12 23:05 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-12 23:05 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-12 23:05 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-12 23:05 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-12 23:05 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-12 23:05 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-12 23:05 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-12 23:05 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-12 23:05 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-12 23:05 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-12 23:05 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-12 23:05 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 23:05 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-12 23:05 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-12 23:05 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-12 23:05 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-12 23:05 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-08 14:38 - 2013-10-05 20:47 - 00000000 ____D C:\Users\Maddin\Desktop\kzm
==================== One Month Modified Files and Folders =======
2013-10-07 23:48 - 2013-10-07 23:48 - 00000000 ____D C:\FRST
2013-10-07 23:48 - 2012-09-06 16:20 - 01295917 _____ C:\Windows\WindowsUpdate.log
2013-10-07 23:46 - 2013-10-07 23:46 - 01954124 _____ (Farbar) C:\Users\Maddin\Desktop\FRST64.exe
2013-10-07 23:26 - 2012-09-10 16:36 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-672229362-162574948-1539344447-1001UA.job
2013-10-07 22:58 - 2012-10-01 01:31 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-07 22:48 - 2012-09-22 15:03 - 00000910 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-672229362-162574948-1539344447-1001Core.job
2013-10-07 22:43 - 2013-08-05 15:09 - 00012869 _____ C:\Windows\setupact.log
2013-10-07 22:43 - 2009-07-14 06:45 - 00017376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-07 22:43 - 2009-07-14 06:45 - 00017376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-07 22:39 - 2013-10-06 03:26 - 00001828 _____ C:\Windows\Tasks\a2zLyrics-1-firefoxinstaller.job
2013-10-07 22:34 - 2013-10-06 03:26 - 00001292 _____ C:\Windows\Tasks\a2zLyrics-1-updater.job
2013-10-07 22:34 - 2013-10-06 03:26 - 00001196 _____ C:\Windows\Tasks\a2zLyrics-1-codedownloader.job
2013-10-07 22:34 - 2013-10-06 03:26 - 00001096 _____ C:\Windows\Tasks\a2zLyrics-1-enabler.job
2013-10-07 22:34 - 2013-10-06 03:25 - 00001904 _____ C:\Windows\Tasks\a2zLyrics-1-chromeinstaller.job
2013-10-07 22:34 - 2012-09-22 15:03 - 00000932 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-672229362-162574948-1539344447-1001UA.job
2013-10-07 22:34 - 2012-09-10 16:36 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-672229362-162574948-1539344447-1001Core.job
2013-10-06 20:30 - 2013-01-09 21:25 - 00000000 ____D C:\Users\Maddin\AppData\Roaming\Audacity
2013-10-06 18:15 - 2013-10-06 03:32 - 00000518 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-10-06 18:07 - 2012-08-24 08:49 - 00699666 _____ C:\Windows\system32\perfh007.dat
2013-10-06 18:07 - 2012-08-24 08:49 - 00149774 _____ C:\Windows\system32\perfc007.dat
2013-10-06 18:07 - 2009-07-14 07:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-06 03:29 - 2013-10-06 03:29 - 00000000 ____D C:\Users\Maddin\AppData\Local\VirtualRouterPlus
2013-10-06 03:28 - 2012-09-10 15:58 - 00000000 ____D C:\Users\Maddin
2013-10-06 03:26 - 2013-10-06 03:26 - 00004322 _____ C:\Windows\System32\Tasks\a2zLyrics-1-updater
2013-10-06 03:26 - 2013-10-06 03:26 - 00004226 _____ C:\Windows\System32\Tasks\a2zLyrics-1-codedownloader
2013-10-06 03:26 - 2013-10-06 03:26 - 00004126 _____ C:\Windows\System32\Tasks\a2zLyrics-1-enabler
2013-10-06 03:26 - 2013-10-06 03:25 - 00000000 ____D C:\Program Files (x86)\a2zLyrics-1
2013-10-06 03:26 - 2013-06-26 13:33 - 00000000 ____D C:\Users\Maddin\AppData\Local\Downloaded Installations
2013-10-06 03:25 - 2013-10-06 03:25 - 00000000 ____D C:\Users\Maddin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
2013-10-06 03:25 - 2013-10-06 03:25 - 00000000 ____D C:\Users\Maddin\AppData\Local\FilesFrog Update Checker
2013-10-06 03:24 - 2013-10-06 03:24 - 00166552 _____ () C:\Users\Maddin\Downloads\nw_29531_virtualrouterplusset.exe
2013-10-06 00:27 - 2013-09-17 18:06 - 00000000 ____D C:\Users\Maddin\Desktop\V
2013-10-06 00:25 - 2012-09-11 20:51 - 00000000 ____D C:\Program Files (x86)\No23 Recorder
2013-10-05 20:47 - 2013-09-08 14:38 - 00000000 ____D C:\Users\Maddin\Desktop\kzm
2013-10-05 20:08 - 2012-10-01 00:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-05 20:08 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-03 23:21 - 2012-10-01 01:27 - 00000000 ____D C:\Users\Maddin\AppData\Local\Mozilla
2013-10-03 00:00 - 2013-10-03 00:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-30 20:00 - 2013-08-20 11:55 - 00000000 ____D C:\Users\Maddin\Desktop\martin
2013-09-29 20:18 - 2012-09-12 02:02 - 00000000 ____D C:\Users\Maddin\Desktop\K10STAT154
2013-09-22 18:25 - 2013-09-22 17:59 - 2194800828 _____ C:\Users\Maddin\Desktop\2013_9_22_17_59_42.M2TS
2013-09-22 16:33 - 2012-10-21 19:09 - 00000000 ____D C:\Users\Maddin\.gimp-2.8
2013-09-17 22:33 - 2012-11-17 12:09 - 00010592 _____ C:\Users\Maddin\Desktop\Tags.txt
2013-09-16 06:51 - 2012-12-11 14:36 - 00001094 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-09-15 19:13 - 2013-04-23 14:28 - 00000000 ____D C:\Users\Maddin\Desktop\Youtube
2013-09-14 04:03 - 2012-11-15 20:07 - 00000000 ____D C:\Windows\rescache
2013-09-14 00:47 - 2012-09-10 16:00 - 00000000 ___RD C:\Users\Maddin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-14 00:47 - 2012-09-10 16:00 - 00000000 ___RD C:\Users\Maddin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-14 00:38 - 2009-07-14 06:45 - 00381216 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-14 00:18 - 2013-07-30 12:00 - 00000000 ____D C:\Windows\system32\MRT
2013-09-14 00:09 - 2012-09-11 12:34 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-12 20:46 - 2013-01-16 23:23 - 00000000 ____D C:\Users\Maddin\AppData\Local\CrashDumps
2013-09-11 07:58 - 2012-10-01 01:31 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-11 07:58 - 2012-10-01 01:31 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-11 07:58 - 2012-10-01 01:31 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-09 05:14 - 2013-08-05 15:08 - 00007540 _____ C:\Windows\PFRO.log
2013-09-08 14:38 - 2013-07-27 02:38 - 00000000 ____D C:\Users\Maddin\Desktop\N-Cry.3.3.4
2013-09-08 14:37 - 2013-06-15 22:27 - 00000000 ____D C:\Users\Maddin\Desktop\The Last of Us
Files to move or delete:
====================
C:\Users\Public\dcmsvcsetup.exe
C:\Users\Public\invokesi.exe
Some content of TEMP:
====================
C:\Users\Maddin\AppData\Local\Temp\a2zLyrics_1060-8102_v122.exe
C:\Users\Maddin\AppData\Local\Temp\appshat-distribution.exe
C:\Users\Maddin\AppData\Local\Temp\biclient.exe
C:\Users\Maddin\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Maddin\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Maddin\AppData\Local\Temp\VirtualRouterPlusSetup.exe
C:\Users\Maddin\AppData\Local\Temp\vlc-2.0.8-win64.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-01 22:58
==================== End Of Log ============================
And here is the Addition.txt:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013
Ran by Maddin at 2013-10-07 23:51:11
Running from C:\Users\Maddin\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
µTorrent (HKCU Version: 3.3.1.29988)
a2zLyrics-1 (x32 Version: 1.28.153.3)
Acer ePower Management (x32 Version: 5.00.3002)
Acer eRecovery Management (x32 Version: 4.05.3007)
Acer Registration (x32 Version: 1.03.3002)
Acer Updater (x32 Version: 1.02.3001)
Acrobat.com (x32 Version: 1.6.65)
Adobe AIR (x32 Version: 3.5.0.880)
Adobe Flash Player 10 ActiveX (x32 Version: 10.0.45.2)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Reader XI (11.0.04) - Deutsch (x32 Version: 11.0.04)
AllDup 3.4.18 (x32 Version: 3.4.18)
ALPS Touch Pad Driver (Version: 7.106.2015.1104)
AMD Accelerated Video Transcoding (Version: 12.5.100.20704)
AMD APP SDK Runtime (Version: 10.0.937.2)
AMD Catalyst Install Manager (Version: 8.0.881.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2012.0704.122.388)
AMD Media Foundation Decoders (Version: 1.0.70704.0230)
AMD VISION Engine Control Center (x32 Version: 2012.0704.122.388)
Apple Application Support (x32 Version: 2.0.1)
Apple Software Update (x32 Version: 2.1.3.127)
ArcSoft ShowBiz Update (x32 Version: 3.5.41.83)
Art Effects for PDR10 (Version: 2.0)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 1.0.0.18)
Audacity 2.0.3 (x32 Version: 2.0.3)
Biet-O-Matic v2.14.12 (x32 Version: 2.14.12)
Bonjour (Version: 3.0.0.10)
Bullzip PDF Printer 9.6.0.1582 (Version: 9.6.0.1582)
Bundled software uninstaller (x32)
Camtasia Studio 8 (x32 Version: 8.0.4.1060)
Carbon (x32 Version: 1.0.0)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0704.122.388)
Catalyst Control Center Localization All (x32 Version: 2012.0704.122.388)
CCC Help Chinese Standard (x32 Version: 2012.0704.0121.388)
CCC Help Chinese Traditional (x32 Version: 2012.0704.0121.388)
CCC Help Czech (x32 Version: 2012.0704.0121.388)
CCC Help Danish (x32 Version: 2012.0704.0121.388)
CCC Help Dutch (x32 Version: 2012.0704.0121.388)
CCC Help English (x32 Version: 2012.0704.0121.388)
CCC Help Finnish (x32 Version: 2012.0704.0121.388)
CCC Help French (x32 Version: 2012.0704.0121.388)
CCC Help German (x32 Version: 2012.0704.0121.388)
CCC Help Greek (x32 Version: 2012.0704.0121.388)
CCC Help Hungarian (x32 Version: 2012.0704.0121.388)
CCC Help Italian (x32 Version: 2012.0704.0121.388)
CCC Help Japanese (x32 Version: 2012.0704.0121.388)
CCC Help Korean (x32 Version: 2012.0704.0121.388)
CCC Help Norwegian (x32 Version: 2012.0704.0121.388)
CCC Help Polish (x32 Version: 2012.0704.0121.388)
CCC Help Portuguese (x32 Version: 2012.0704.0121.388)
CCC Help Russian (x32 Version: 2012.0704.0121.388)
CCC Help Spanish (x32 Version: 2012.0704.0121.388)
CCC Help Swedish (x32 Version: 2012.0704.0121.388)
CCC Help Thai (x32 Version: 2012.0704.0121.388)
CCC Help Turkish (x32 Version: 2012.0704.0121.388)
ccc-utility64 (Version: 2012.0704.122.388)
CCleaner (Version: 4.04)
CloneCD (x32)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000)
Core Temp 1.0 RC3 (Version: 1.0)
CyberLink PowerDirector 10 (Version: 10.0.0.1129b)
CyberLink PowerDirector 10 (x32 Version: 10.0.0.1129b)
DAEMON Tools Lite (x32 Version: 4.47.1.0333)
dcmsvc 1.0 (x32)
DHTML Editing Component (x32 Version: 6.02.0001)
DVDFab 8.2.1.3 (28/09/2012) Qt (x32)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287)
Fahrenheit (x32 Version: 1.1)
FilesFrog Update Checker (x32)
Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.31.0)
Free Studio version 2013 (x32 Version: 6.0.0.128)
GIMP 2.8.6 (Version: 2.8.6)
Google Chrome (HKCU Version: 30.0.1599.66)
Hauppauge Device Central (x32 Version: 1.2.31131)
Identity Card (x32 Version: 1.00.3003)
Inhaltsmanager-Assistent für PlayStation(R) (x32 Version: 2.50.6733.38)
Java 7 Update 25 (x32 Version: 7.0.250)
Java 7 Update 9 (64-bit) (Version: 7.0.90)
Java Auto Updater (x32 Version: 2.1.9.5)
JDownloader 0.9 (x32 Version: 0.9)
Junk Mail filter update (x32 Version: 14.0.8089.726)
LAME v3.99.3 (for Windows) (x32)
Launch Manager (x32 Version: 4.0.8)
MAGIX Audio Cleaning Lab MX Download-Version (x32 Version: 18.0.0.8)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (x32 Version: 2.0.48.0)
Microsoft Image Composite Editor (Version: 1.4.4)
Microsoft Security Client (Version: 4.3.0215.0)
Microsoft Security Essentials (Version: 4.3.215.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106)
MotioninJoy Gamepad tool 0.7.1001 (Version: 0.7.1001)
Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.0)
Mp3tag v2.54 (x32 Version: v2.54)
MSVCRT (x32 Version: 14.0.1468.721)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
Music Manager (HKCU)
No23 Recorder (x32 Version: 2.1.0.3)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
Opera 12.16 (x32 Version: 12.16.1860)
Paint.NET v3.5.10 (Version: 3.60.0)
Picasa 3 (x32 Version: 3.9)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PowerDirector (Version: 10.00.0000)
QuickTime (x32 Version: 7.70.80.34)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6043)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30113)
Shredder (Version: 2.0.5.0)
Shredder (x32 Version: 2.0.5.0)
Skype™ 6.6 (x32 Version: 6.6.106)
SmartSound Quicktracks 5 (x32 Version: 5.1.8)
Spotify (HKCU Version: 0.9.1.57.ge7405149)
spotimote (x32)
TeamViewer 8 (x32 Version: 8.0.20935)
Timed Shutdown (Version: 6.2)
Turbo Lister 2 (x32 Version: 2.00.0000)
Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1)
Verbatim GREEN BUTTON 1.52 (x32)
Verbatim Hard Drive Formatter (x32)
VLC media player 2.0.8 (Version: 2.0.8)
Warner Bros. Digital Copy Manager (x32 Version: 1.70)
Welcome Center (x32 Version: 1.00.3013)
Windows Live Call (x32 Version: 14.0.8064.0206)
Windows Live Communications Platform (x32 Version: 14.0.8064.206)
Windows Live Essentials (x32 Version: 14.0.8089.0726)
Windows Live Essentials (x32 Version: 14.0.8089.726)
Windows Live Fotogalerie (x32 Version: 14.0.8081.709)
Windows Live Mail (x32 Version: 14.0.8089.0726)
Windows Live Movie Maker (x32 Version: 14.0.8091.0730)
Windows Live Writer (x32 Version: 14.0.8089.0726)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
==================== Restore Points =========================
06-10-2013 22:37:19 Geplanter Prüfpunkt
07-10-2013 21:33:54 Removed Virtual Router Plus.
==================== Hosts content: ==========================
2013-01-06 23:47 - 2013-01-06 23:47 - 00000866 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activation.cloud.techsmith.com
==================== Scheduled Tasks (whitelisted) =============
Task: {063D4D09-CE2A-4994-BD84-6737755077E9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {2D76A92D-72F5-4070-B826-031A4E26DBF8} - System32\Tasks\K10Stat Autostart => C:\Users\Maddin\Desktop\K10STAT154\K10STAT.exe [2012-09-12] ()
Task: {2E3D3F7F-7FD0-4A7D-B401-D643479D12E0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-11] (Adobe Systems Incorporated)
Task: {2EF4AA0D-AB2F-4A8E-8A8D-050FF2F528EE} - System32\Tasks\Google Updater and Installer => C:\Users\Maddin\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-10] (Google Inc.)
Task: {440FCED0-6365-436B-81E2-507CA769CACE} - System32\Tasks\a2zLyrics-1-chromeinstaller => C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-chromeinstaller.exe [2013-10-06] (Lyrics)
Task: {455DD69B-087A-4C45-8B51-AC22366E1DDB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-672229362-162574948-1539344447-1001UA => C:\Users\Maddin\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-10] (Google Inc.)
Task: {45EB712E-5647-4FD2-9961-14B58685BD1F} - System32\Tasks\a2zLyrics-1-enabler => C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-enabler.exe [2013-10-06] (Lyrics)
Task: {61030C1E-8FAC-4D68-981A-7C98080A94C8} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {6CCE3038-E1F2-4350-B023-FCFC55B6DDCE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-672229362-162574948-1539344447-1001Core => C:\Users\Maddin\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-10] (Google Inc.)
Task: {7847B947-5066-4968-8800-4CDD9797E009} - System32\Tasks\a2zLyrics-1-updater => C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-updater.exe [2013-10-06] (Lyrics)
Task: {BDACDA18-67EA-4908-AEB8-8AF264354B24} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation)
Task: {CA1923DF-4117-43B2-AA0D-F5EFB2DB7E8A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-672229362-162574948-1539344447-1001Core => C:\Users\Maddin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-22] (Facebook Inc.)
Task: {DB3B1D4E-94FF-4D0E-B607-3E3ECCC416E4} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-672229362-162574948-1539344447-1001UA => C:\Users\Maddin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-22] (Facebook Inc.)
Task: {E63F9B45-8146-4CBA-9CC9-BAA96E40135B} - System32\Tasks\a2zLyrics-1-firefoxinstaller => C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-firefoxinstaller.exe [2013-10-06] (Lyrics)
Task: {ED086E9B-C1E6-46C7-ADFE-FF2FD6F1C712} - System32\Tasks\a2zLyrics-1-codedownloader => C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-codedownloader.exe [2013-10-06] (Lyrics)
Task: C:\Windows\Tasks\a2zLyrics-1-chromeinstaller.job => C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-chromeinstaller.exe
Task: C:\Windows\Tasks\a2zLyrics-1-codedownloader.job => C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-codedownloader.exe
Task: C:\Windows\Tasks\a2zLyrics-1-enabler.job => C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-enabler.exe
Task: C:\Windows\Tasks\a2zLyrics-1-firefoxinstaller.job => C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-firefoxinstaller.exe
Task: C:\Windows\Tasks\a2zLyrics-1-updater.job => C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-updater.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-672229362-162574948-1539344447-1001Core.job => C:\Users\Maddin\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-672229362-162574948-1539344447-1001UA.job => C:\Users\Maddin\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-672229362-162574948-1539344447-1001Core.job => C:\Users\Maddin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-672229362-162574948-1539344447-1001UA.job => C:\Users\Maddin\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-10-03 00:00 - 2013-10-03 00:00 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-09-11 07:58 - 2013-09-11 07:58 - 16177544 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Windows:73FD0ABCDAE805C3
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:DocumentSummaryInformation
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:SummaryInformation
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\ProgramData\Temp:0888F409
AlternateDataStreams: C:\ProgramData\Temp:3440EB47
AlternateDataStreams: C:\ProgramData\Temp:66633281
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/07/2013 00:46:43 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2527
Error: (10/07/2013 00:46:43 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2527
Error: (10/07/2013 00:46:43 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (10/07/2013 00:46:42 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1326
Error: (10/07/2013 00:46:42 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1326
Error: (10/07/2013 00:46:41 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (10/01/2013 10:20:18 PM) (Source: Google Update) (User: Maddin-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80
Error: (09/29/2013 03:05:18 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2590
Error: (09/29/2013 03:05:18 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2590
Error: (09/29/2013 03:05:18 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
System errors:
=============
Error: (10/06/2013 07:29:18 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (10/06/2013 06:15:17 PM) (Source: ipnathlp) (User: )
Description:
Error: (10/06/2013 06:08:10 PM) (Source: ipnathlp) (User: )
Description:
Error: (10/06/2013 03:38:23 PM) (Source: ipnathlp) (User: )
Description:
Error: (10/06/2013 03:31:16 PM) (Source: ipnathlp) (User: )
Description:
Error: (10/06/2013 04:00:42 AM) (Source: ipnathlp) (User: )
Description:
Error: (10/06/2013 03:37:33 AM) (Source: ipnathlp) (User: )
Description:
Error: (10/06/2013 03:35:25 AM) (Source: ipnathlp) (User: )
Description: 0.0.0.0
Error: (10/06/2013 03:33:23 AM) (Source: ipnathlp) (User: )
Description:
Error: (10/06/2013 03:32:31 AM) (Source: ipnathlp) (User: )
Description: 169.254.116.165192.168.137.0255.255.255.0
Microsoft Office Sessions:
=========================
Error: (10/07/2013 00:46:43 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2527
Error: (10/07/2013 00:46:43 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2527
Error: (10/07/2013 00:46:43 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (10/07/2013 00:46:42 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1326
Error: (10/07/2013 00:46:42 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1326
Error: (10/07/2013 00:46:41 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (10/01/2013 10:20:18 PM) (Source: Google Update)(User: Maddin-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80
Error: (09/29/2013 03:05:18 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2590
Error: (09/29/2013 03:05:18 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2590
Error: (09/29/2013 03:05:18 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
CodeIntegrity Errors:
===================================
Date: 2013-10-06 19:37:12.971
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-06 19:37:12.688
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-06 19:37:11.848
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-06 02:00:21.095
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-06 02:00:20.750
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-06 02:00:19.785
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-03 21:46:38.330
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-03 21:46:37.717
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-03 21:46:35.662
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-01 17:57:17.013
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 29%
Total physical RAM: 5886.17 MB
Available physical RAM: 4130.59 MB
Total Pagefile: 10833.29 MB
Available Pagefile: 8902.74 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (ACER) (Fixed) (Total:220.09 GB) (Free:17.48 GB) NTFS
Drive d: (Fahrenheit) (CDROM) (Total:3.69 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: 02130212)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=220 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Kind regards