hAuNtEdKiD | 16.02.2014 18:38 |
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-02-2014 01
Ran by HorrorKid (administrator) on LINK on 16-02-2014 18:28:40
Running from C:\Users\HorrorKid\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\WINDOWS\system32\WLANExt.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\WINDOWS\SysWOW64\NLSSRV32.EXE
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Google Inc.) C:\Users\HorrorKid\AppData\Local\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Vimicro) C:\Program Files (x86)\USB Camera2\VM332STI.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Users\HorrorKid\AppData\Local\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\syswow64\wwahost.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212560 2012-06-13] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [366720 2012-06-26] (Alcor Micro Corp.)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2874256 2012-12-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Energy Management] - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17079376 2013-02-16] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191568 2013-02-16] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [332BigDog] - C:\Program Files (x86)\USB Camera2\VM332STI.EXE [548864 2012-03-20] (Vimicro)
HKLM-x32\...\Run: [YouCam Mirage] - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] - C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] - C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-18] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-16] (AVAST Software)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1864232908-4205428584-3793576050-1001\...\Run: [Google Update] - C:\Users\HorrorKid\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-06-18] (Google Inc.)
HKU\S-1-5-21-1864232908-4205428584-3793576050-1001\...\Run: [msnmsgr] - "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {ACFAB3BE-2272-44A5-8567-2996320F2B7C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKLM-x32 - {ACFAB3BE-2272-44A5-8567-2996320F2B7C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKCU - {ACFAB3BE-2272-44A5-8567-2996320F2B7C} URL =
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\HorrorKid\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\HorrorKid\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Extension: HDvid Codec 3 - C:\Users\HorrorKid\AppData\Roaming\Mozilla\Firefox\profiles\extensions\hdvc3@hdvidcodec.com.xpi [2013-06-30]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
Chrome:
=======
CHR HomePage: hxxp://www.google.de/
CHR DefaultSearchKeyword: sweet-page
CHR DefaultSearchProvider: sweet-page
CHR DefaultSearchURL: hxxp://www.sweet-page.com/web/?type=ds&ts=1390592673&from=cor&uid=ST500LT012-9WS142_S0V4B8GZXXXXS0V4B8GZ&q={searchTerms}
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
CHR Plugin: (Nitro PDF plugin for Firefox and Chrome) - C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
CHR Plugin: (Google Update) - C:\Users\HorrorKid\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\WINDOWS\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL No File
CHR Extension: (ProxTube) - C:\Users\HorrorKid\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2013-07-18]
CHR Extension: (AdBlock) - C:\Users\HorrorKid\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-30]
CHR Extension: (avast! Online Security) - C:\Users\HorrorKid\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-16]
CHR Extension: (Adblock Super) - C:\Users\HorrorKid\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd [2014-01-24]
CHR Extension: (Facebook AdBlock) - C:\Users\HorrorKid\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfpacabphcagfehdgnigmfnbjdampbaa [2014-01-29]
CHR Extension: (Google Wallet) - C:\Users\HorrorKid\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-02-16]
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-16] (AVAST Software)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [92160 2012-10-17] (ELAN Microelectronics Corp.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1674720 2013-09-25] ()
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-11-18] (Nitro PDF Software)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [78648 2014-02-16] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [92544 2014-02-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-02-16] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1038072 2014-02-16] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [421704 2014-02-16] (AVAST Software)
R3 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [80184 2014-02-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-02-16] ()
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [6822984 2013-02-16] (Broadcom Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-16 18:28 - 2014-02-16 18:28 - 02152960 _____ (Farbar) C:\Users\HorrorKid\Downloads\FRST64.exe
2014-02-16 18:28 - 2014-02-16 18:28 - 00013625 _____ () C:\Users\HorrorKid\Downloads\FRST.txt
2014-02-16 18:28 - 2014-02-16 18:28 - 00000000 ____D () C:\FRST
2014-02-16 13:26 - 2014-02-16 13:26 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\AVAST Software
2014-02-16 10:48 - 2014-02-16 10:48 - 00000000 ____D () C:\Users\HorrorKid\AppData\Roaming\AVAST Software
2014-02-16 10:47 - 2014-02-16 10:48 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-02-16 10:47 - 2014-02-16 10:47 - 00001977 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-02-16 10:47 - 2014-02-16 10:46 - 01038072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-02-16 10:47 - 2014-02-16 10:46 - 00421704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-02-16 10:47 - 2014-02-16 10:46 - 00334136 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-02-16 10:47 - 2014-02-16 10:46 - 00207904 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-02-16 10:47 - 2014-02-16 10:46 - 00092544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-02-16 10:47 - 2014-02-16 10:46 - 00080184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-02-16 10:47 - 2014-02-16 10:46 - 00078648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-02-16 10:47 - 2014-02-16 10:46 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-02-16 10:46 - 2014-02-16 10:46 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-02-16 10:46 - 2014-02-16 10:46 - 00000000 ____D () C:\Program Files\AVAST Software
2014-02-16 10:45 - 2014-02-16 10:45 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-02-16 10:43 - 2014-02-16 10:45 - 90578216 _____ (AVAST Software) C:\Users\HorrorKid\Downloads\avast_free_antivirus_setup_9.0.2013.exe
2014-02-15 21:22 - 2014-02-15 21:22 - 00003118 _____ () C:\WINDOWS\System32\Tasks\{2D887AA4-C80D-4525-93C4-4CFB2B2AEC9C}
2014-02-15 21:15 - 2014-02-15 21:15 - 00003140 _____ () C:\WINDOWS\System32\Tasks\{EE97E55B-81C7-4EFC-ACA6-B74C93886DC8}
2014-02-15 18:58 - 2014-02-15 20:36 - 153679872 _____ () C:\Users\HorrorKid\Downloads\The.Legend.of.Zelda.Skyward.Sword.part01.rar
2014-02-15 18:55 - 2014-02-15 18:55 - 00011568 _____ () C:\Users\HorrorKid\Downloads\c4b4ae006e36d7d2cf4a23bdf29e989f.dlc
2014-02-15 15:35 - 2013-12-05 00:43 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-02-15 15:35 - 2013-12-05 00:37 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-02-15 15:35 - 2013-03-02 09:23 - 00375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-02-15 15:35 - 2013-03-02 03:44 - 01011200 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-02-15 15:35 - 2012-12-15 05:55 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-02-15 15:35 - 2012-11-03 06:26 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysreset.exe
2014-02-15 15:35 - 2012-11-03 06:25 - 00945152 _____ (Microsoft Corporation) C:\WINDOWS\system32\resetengmig.dll
2014-02-15 15:35 - 2012-10-24 04:25 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2014-02-15 15:35 - 2012-10-24 04:25 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2014-02-15 15:35 - 2012-10-24 04:24 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2014-02-15 15:35 - 2012-10-24 04:24 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2014-02-15 15:35 - 2012-10-24 04:05 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2014-02-15 15:35 - 2012-10-24 03:48 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2014-02-15 15:34 - 2013-12-07 07:37 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-02-15 15:34 - 2013-12-07 07:37 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-02-15 15:34 - 2013-12-07 06:15 - 00562688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-02-15 15:34 - 2013-12-07 06:15 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-02-15 15:34 - 2013-11-23 07:43 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-02-15 15:34 - 2013-11-23 06:05 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-02-15 15:34 - 2013-08-23 08:22 - 02062848 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-02-15 15:34 - 2013-08-23 02:44 - 01711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-02-15 15:34 - 2013-03-22 04:49 - 02382336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2014-02-15 15:34 - 2013-03-21 23:47 - 02851840 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2014-02-15 15:33 - 2013-10-02 00:37 - 02035712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-02-15 15:33 - 2013-10-02 00:26 - 02304512 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-02-15 15:33 - 2013-04-03 00:37 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdlg.dll
2014-02-15 15:33 - 2013-04-03 00:12 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdlg.dll
2014-02-15 15:32 - 2013-11-01 06:38 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-02-15 15:32 - 2013-11-01 04:49 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-02-15 14:36 - 2014-02-16 14:40 - 00000000 ____D () C:\Users\HorrorKid\Tracing
2014-02-15 14:25 - 2014-02-15 14:25 - 00000000 ____D () C:\WINDOWS\de
2014-02-15 14:24 - 2014-02-16 14:43 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-02-15 14:24 - 2014-02-15 14:24 - 00000000 ____D () C:\WINDOWS\PCHEALTH
2014-02-15 14:24 - 2014-02-15 14:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-02-15 14:23 - 2014-02-15 14:23 - 00000199 _____ () C:\WINDOWS\DirectX.log
2014-02-15 14:23 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2014-02-15 14:23 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2014-02-15 14:23 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2014-02-15 14:23 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2014-02-15 14:23 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2014-02-15 14:23 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2014-02-15 14:23 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2014-02-15 14:23 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2014-02-15 14:23 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2014-02-15 14:23 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2014-02-15 14:23 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2014-02-15 14:23 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2014-02-15 14:22 - 2014-02-15 15:16 - 00000000 ____D () C:\Users\HorrorKid\AppData\Local\Windows Live
2014-02-15 14:17 - 2014-02-15 14:21 - 142602520 _____ (Microsoft Corporation) C:\Users\HorrorKid\Downloads\wlsetup-all_16.4.3508.0205 (1).exe
2014-02-14 16:10 - 2014-02-14 16:16 - 246598160 _____ () C:\Users\HorrorKid\Downloads\kis14.0.0.4651de-de.exe
2014-02-14 14:26 - 2014-02-14 14:26 - 00000000 ____D () C:\Users\HorrorKid\AppData\Roaming\Malwarebytes
2014-02-14 14:26 - 2014-02-14 14:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-14 14:26 - 2014-02-14 14:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-14 14:26 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-02-14 14:25 - 2014-02-14 14:25 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\HorrorKid\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-14 11:04 - 2014-02-14 11:04 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Lenovo
2014-02-14 11:03 - 2014-02-14 11:04 - 00001133 _____ () C:\Users\Gast\Desktop\Cyberlink Power2Go.lnk
2014-02-14 11:03 - 2014-02-14 11:03 - 00001449 _____ () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-14 11:03 - 2014-02-14 11:03 - 00000020 ___SH () C:\Users\Gast\ntuser.ini
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\Vorlagen
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\Startmenü
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\Netzwerkumgebung
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\Lokale Einstellungen
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\Eigene Dateien
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\Druckumgebung
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\Documents\Eigene Musik
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\Documents\Eigene Bilder
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\AppData\Local\Verlauf
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\AppData\Local\Anwendungsdaten
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\Anwendungsdaten
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Adobe
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\VirtualStore
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\Packages
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 ____D () C:\Users\Gast
2014-02-14 11:03 - 2013-08-16 15:02 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-02-14 11:03 - 2013-06-24 22:27 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-02-14 11:03 - 2013-02-16 03:28 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Macromedia
2014-02-14 11:03 - 2013-02-16 03:26 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-02-14 11:03 - 2012-07-26 09:13 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-02-14 11:03 - 2012-07-26 09:13 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-02-14 11:03 - 2010-12-19 06:31 - 00000189 _____ () C:\Users\Gast\Desktop\Lenovo Telephony Start Now.url
2014-02-14 10:13 - 2014-02-14 10:13 - 01166132 _____ () C:\Users\HorrorKid\Downloads\adwcleaner-3.018 (1).exe
2014-02-13 10:20 - 2014-02-13 10:20 - 00482645 _____ () C:\Users\HorrorKid\Downloads\Ba7ONiWCQAACgVm.png-large
2014-02-12 10:32 - 2014-02-12 10:32 - 01709990 _____ () C:\Users\HorrorKid\Downloads\51.jpeg
2014-02-12 10:02 - 2014-02-12 10:03 - 01166132 _____ () C:\Users\HorrorKid\Downloads\adwcleaner-3.018.exe
2014-02-12 07:56 - 2014-02-01 10:20 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-12 07:56 - 2014-02-01 10:19 - 02241536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-12 07:56 - 2014-02-01 10:19 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-12 07:56 - 2014-02-01 10:19 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-02-12 07:56 - 2014-02-01 10:19 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-02-12 07:56 - 2014-02-01 10:18 - 19274240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-12 07:56 - 2014-02-01 10:18 - 15403520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-12 07:56 - 2014-02-01 10:18 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-02-12 07:56 - 2014-02-01 10:18 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-12 07:56 - 2014-02-01 10:18 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-12 07:56 - 2014-02-01 10:18 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-02-12 07:56 - 2014-02-01 10:18 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-12 07:56 - 2014-02-01 10:18 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-12 07:56 - 2014-02-01 10:18 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-12 07:56 - 2014-02-01 08:58 - 01767936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-12 07:56 - 2014-02-01 08:58 - 01140736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-12 07:56 - 2014-02-01 08:58 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-02-12 07:56 - 2014-02-01 08:57 - 13760512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-12 07:56 - 2014-02-01 08:57 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-12 07:56 - 2014-02-01 08:57 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-12 07:56 - 2014-02-01 08:57 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-02-12 07:56 - 2014-02-01 08:57 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-12 07:56 - 2014-02-01 08:57 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-12 07:56 - 2014-02-01 08:57 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-12 07:56 - 2014-02-01 08:40 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-12 07:56 - 2014-02-01 08:34 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-12 07:56 - 2014-02-01 06:08 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-02-12 07:56 - 2013-12-09 01:45 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-02-12 07:56 - 2013-12-09 00:59 - 00600064 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-12 07:56 - 2013-12-05 00:43 - 01845248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-02-12 07:56 - 2013-12-05 00:37 - 01419264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-02-12 07:56 - 2013-11-27 01:19 - 00385614 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-02-12 07:56 - 2013-11-26 00:17 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-02-12 07:56 - 2013-11-01 06:53 - 02232664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-02-12 07:55 - 2014-02-01 10:18 - 03960320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-12 07:55 - 2014-02-01 10:18 - 02648576 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-12 07:55 - 2014-02-01 08:57 - 14359040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-12 07:55 - 2014-02-01 08:57 - 02877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-12 07:55 - 2014-02-01 08:57 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-12 07:55 - 2014-02-01 08:57 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-02-12 07:54 - 2014-01-13 00:30 - 02238976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-02-12 07:54 - 2014-01-13 00:30 - 02032640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-02-12 07:54 - 2013-11-20 01:15 - 03842560 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-02-12 07:54 - 2013-11-20 00:57 - 03288576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-02-04 23:02 - 2014-02-04 23:54 - 202831872 _____ () C:\Users\HorrorKid\Downloads\Metroid.Prime.Trilogy.part04.rar
2014-02-04 21:48 - 2014-02-04 22:56 - 202831872 _____ () C:\Users\HorrorKid\Downloads\Metroid.Prime.Trilogy.part01.rar
2014-02-04 21:45 - 2014-02-04 21:45 - 00014488 _____ () C:\Users\HorrorKid\Downloads\10c16348d566d79d4202b7e62135c6d6.dlc
2014-02-04 00:48 - 2014-02-04 00:56 - 44350914 _____ () C:\Users\HorrorKid\Downloads\mp2_pal.zip
2014-02-03 23:25 - 2014-02-03 23:25 - 44768128 _____ () C:\Users\HorrorKid\Downloads\N64 Mario Party 2.wad
2014-02-03 20:25 - 2014-02-03 20:26 - 00777208 _____ () C:\Users\HorrorKid\Downloads\wii_gamecube_homebrew_launcher_v0.2.3.rar
2014-02-03 20:11 - 2014-02-03 20:12 - 61569210 _____ () C:\Users\HorrorKid\Downloads\Conker's Bad Fur Day (USA).zip
2014-02-01 18:17 - 2014-02-01 18:17 - 00749735 _____ () C:\Users\HorrorKid\Downloads\wad_manager_1.7.rar
2014-02-01 18:11 - 2014-02-01 18:11 - 00131072 _____ () C:\Users\HorrorKid\Downloads\Super.Mario.World.PAL.PROPER.REPACK.VC.Wii-OneUp.srm
2014-02-01 18:03 - 2014-02-01 18:03 - 00004910 _____ () C:\Users\HorrorKid\Downloads\2A11C738A27C35E6303F36F60D0B001EFB0287BD.torrent
2014-02-01 18:01 - 2014-02-01 18:01 - 00004925 _____ () C:\Users\HorrorKid\Downloads\Super.Mario.World.PAL.PROPER.REPACK.VC.Wii-OneUp.torrent
2014-01-31 22:26 - 2014-01-31 22:31 - 14342256 _____ () C:\Users\HorrorKid\Downloads\LoZ_-_LttP.zip
2014-01-30 15:36 - 2014-01-30 15:36 - 00020203 _____ () C:\Users\HorrorKid\Downloads\20120416-223701.jpg-w=490
2014-01-28 09:28 - 2014-01-28 09:28 - 00037855 _____ () C:\Users\HorrorKid\Downloads\The-animatrix-poster.jpeg
2014-01-28 09:24 - 2014-02-16 17:39 - 00006584 _____ () C:\WINDOWS\PFRO.log
2014-01-28 09:19 - 2014-02-14 10:14 - 00000000 ____D () C:\AdwCleaner
2014-01-28 09:17 - 2014-01-28 09:17 - 01236282 _____ () C:\Users\HorrorKid\Downloads\adwcleaner_3.017 (2).exe
2014-01-27 15:18 - 2014-01-27 15:18 - 00000000 ____D () C:\Users\HorrorKid\AppData\Local\Wii_Converter_GUI
2014-01-27 13:55 - 2014-01-27 13:56 - 16503094 _____ () C:\Users\HorrorKid\Downloads\usbloader_gx_v3_0_allinonepackage_ios249.zip
2014-01-27 12:09 - 2014-02-07 23:58 - 00009415 _____ () C:\WINDOWS\setupact.log
2014-01-27 12:09 - 2014-01-27 12:09 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-01-26 07:34 - 2009-02-12 22:45 - 405012480 _____ () C:\Users\HorrorKid\Downloads\SuMGal.iso
2014-01-25 09:22 - 2014-01-25 09:22 - 00002736 _____ () C:\Users\HorrorKid\Downloads\relink.us__RMGP01.part0_dd5e61980093677970f4d5002c958e (1).dlc
2014-01-24 21:13 - 2014-01-24 21:13 - 00002736 _____ () C:\Users\HorrorKid\Downloads\relink.us__RMGP01.part0_dd5e61980093677970f4d5002c958e.dlc
2014-01-24 20:58 - 2014-01-24 20:58 - 00921000 _____ (Oracle Corporation) C:\Users\HorrorKid\Downloads\chromeinstall-7u51.exe
2014-01-24 20:45 - 2014-01-24 21:20 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-01-24 20:42 - 2014-01-24 20:42 - 00081488 _____ (AppWork UG (haftungsbeschränkt)) C:\Users\HorrorKid\Downloads\WebInstaller.exe
2014-01-24 19:54 - 2014-01-24 19:54 - 00000000 ____D () C:\wbfs
2014-01-24 19:47 - 2014-01-24 19:47 - 00000000 ____D () C:\ProgramData\Free Download Manager
2014-01-24 19:45 - 2014-01-24 19:45 - 07752897 _____ (FreeDownloadManager.ORG ) C:\Users\HorrorKid\Downloads\fdminst_3.9.3.1360.exe
2014-01-24 08:25 - 2014-01-24 08:25 - 01236282 _____ () C:\Users\HorrorKid\Downloads\adwcleaner_3.017.exe
2014-01-22 08:52 - 2014-01-22 08:52 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2014-01-22 08:52 - 2014-01-22 08:52 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
==================== One Month Modified Files and Folders =======
2014-02-16 18:28 - 2014-02-16 18:28 - 02152960 _____ (Farbar) C:\Users\HorrorKid\Downloads\FRST64.exe
2014-02-16 18:28 - 2014-02-16 18:28 - 00013625 _____ () C:\Users\HorrorKid\Downloads\FRST.txt
2014-02-16 18:28 - 2014-02-16 18:28 - 00000000 ____D () C:\FRST
2014-02-16 18:19 - 2013-02-16 11:57 - 00753134 _____ () C:\WINDOWS\system32\perfh007.dat
2014-02-16 18:19 - 2013-02-16 11:57 - 00155826 _____ () C:\WINDOWS\system32\perfc007.dat
2014-02-16 18:19 - 2012-07-26 08:28 - 01745416 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-16 18:17 - 2014-01-02 17:59 - 01113784 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-16 17:40 - 2012-07-26 08:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-16 17:39 - 2014-01-28 09:24 - 00006584 _____ () C:\WINDOWS\PFRO.log
2014-02-16 17:39 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-02-16 16:02 - 2013-06-18 16:31 - 00001146 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1864232908-4205428584-3793576050-1001UA.job
2014-02-16 14:56 - 2013-06-18 16:05 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1864232908-4205428584-3793576050-1001
2014-02-16 14:43 - 2014-02-15 14:24 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-02-16 14:42 - 2013-06-27 13:35 - 00000000 ____D () C:\Users\HorrorKid\AppData\Roaming\Skype
2014-02-16 14:42 - 2013-06-27 13:35 - 00000000 ____D () C:\ProgramData\Skype
2014-02-16 14:40 - 2014-02-15 14:36 - 00000000 ____D () C:\Users\HorrorKid\Tracing
2014-02-16 13:56 - 2013-08-15 09:00 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-16 13:53 - 2013-06-19 10:51 - 88567024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-16 13:26 - 2014-02-16 13:26 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\AVAST Software
2014-02-16 10:48 - 2014-02-16 10:48 - 00000000 ____D () C:\Users\HorrorKid\AppData\Roaming\AVAST Software
2014-02-16 10:48 - 2014-02-16 10:47 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-02-16 10:47 - 2014-02-16 10:47 - 00001977 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-02-16 10:46 - 2014-02-16 10:47 - 01038072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-02-16 10:46 - 2014-02-16 10:47 - 00421704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-02-16 10:46 - 2014-02-16 10:47 - 00334136 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-02-16 10:46 - 2014-02-16 10:47 - 00207904 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-02-16 10:46 - 2014-02-16 10:47 - 00092544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-02-16 10:46 - 2014-02-16 10:47 - 00080184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-02-16 10:46 - 2014-02-16 10:47 - 00078648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-02-16 10:46 - 2014-02-16 10:47 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-02-16 10:46 - 2014-02-16 10:46 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-02-16 10:46 - 2014-02-16 10:46 - 00000000 ____D () C:\Program Files\AVAST Software
2014-02-16 10:45 - 2014-02-16 10:45 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-02-16 10:45 - 2014-02-16 10:43 - 90578216 _____ (AVAST Software) C:\Users\HorrorKid\Downloads\avast_free_antivirus_setup_9.0.2013.exe
2014-02-16 10:21 - 2013-08-17 00:16 - 00000000 ____D () C:\Users\HorrorKid\AppData\Local\Facebook
2014-02-16 10:16 - 2013-07-16 04:44 - 00000000 ____D () C:\ldiag
2014-02-16 10:02 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-02-16 10:01 - 2012-07-26 06:26 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-02-16 09:58 - 2013-12-18 13:29 - 00000000 ____D () C:\Gamigo
2014-02-16 09:50 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-02-16 09:49 - 2012-07-26 09:12 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-02-16 09:49 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\WinStore
2014-02-15 21:22 - 2014-02-15 21:22 - 00003118 _____ () C:\WINDOWS\System32\Tasks\{2D887AA4-C80D-4525-93C4-4CFB2B2AEC9C}
2014-02-15 21:15 - 2014-02-15 21:15 - 00003140 _____ () C:\WINDOWS\System32\Tasks\{EE97E55B-81C7-4EFC-ACA6-B74C93886DC8}
2014-02-15 20:36 - 2014-02-15 18:58 - 153679872 _____ () C:\Users\HorrorKid\Downloads\The.Legend.of.Zelda.Skyward.Sword.part01.rar
2014-02-15 18:55 - 2014-02-15 18:55 - 00011568 _____ () C:\Users\HorrorKid\Downloads\c4b4ae006e36d7d2cf4a23bdf29e989f.dlc
2014-02-15 15:53 - 2012-07-26 06:38 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-02-15 15:16 - 2014-02-15 14:22 - 00000000 ____D () C:\Users\HorrorKid\AppData\Local\Windows Live
2014-02-15 14:36 - 2013-06-18 15:56 - 00000000 ____D () C:\Users\HorrorKid
2014-02-15 14:25 - 2014-02-15 14:25 - 00000000 ____D () C:\WINDOWS\de
2014-02-15 14:25 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-02-15 14:24 - 2014-02-15 14:24 - 00000000 ____D () C:\WINDOWS\PCHEALTH
2014-02-15 14:24 - 2014-02-15 14:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-02-15 14:23 - 2014-02-15 14:23 - 00000199 _____ () C:\WINDOWS\DirectX.log
2014-02-15 14:21 - 2014-02-15 14:17 - 142602520 _____ (Microsoft Corporation) C:\Users\HorrorKid\Downloads\wlsetup-all_16.4.3508.0205 (1).exe
2014-02-14 21:02 - 2013-06-18 16:31 - 00001094 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1864232908-4205428584-3793576050-1001Core.job
2014-02-14 16:16 - 2014-02-14 16:10 - 246598160 _____ () C:\Users\HorrorKid\Downloads\kis14.0.0.4651de-de.exe
2014-02-14 14:26 - 2014-02-14 14:26 - 00000000 ____D () C:\Users\HorrorKid\AppData\Roaming\Malwarebytes
2014-02-14 14:26 - 2014-02-14 14:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-14 14:26 - 2014-02-14 14:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-14 14:25 - 2014-02-14 14:25 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\HorrorKid\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-14 11:04 - 2014-02-14 11:04 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Lenovo
2014-02-14 11:04 - 2014-02-14 11:03 - 00001133 _____ () C:\Users\Gast\Desktop\Cyberlink Power2Go.lnk
2014-02-14 11:03 - 2014-02-14 11:03 - 00001449 _____ () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-14 11:03 - 2014-02-14 11:03 - 00000020 ___SH () C:\Users\Gast\ntuser.ini
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\Vorlagen
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\Startmenü
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\Netzwerkumgebung
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\Lokale Einstellungen
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\Eigene Dateien
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\Druckumgebung
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\Documents\Eigene Musik
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\Documents\Eigene Bilder
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\AppData\Local\Verlauf
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\AppData\Local\Anwendungsdaten
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 _SHDL () C:\Users\Gast\Anwendungsdaten
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Adobe
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\VirtualStore
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\Packages
2014-02-14 11:03 - 2014-02-14 11:03 - 00000000 ____D () C:\Users\Gast
2014-02-14 10:14 - 2014-01-28 09:19 - 00000000 ____D () C:\AdwCleaner
2014-02-14 10:13 - 2014-02-14 10:13 - 01166132 _____ () C:\Users\HorrorKid\Downloads\adwcleaner-3.018 (1).exe
2014-02-13 14:36 - 2012-07-26 06:26 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-02-13 10:20 - 2014-02-13 10:20 - 00482645 _____ () C:\Users\HorrorKid\Downloads\Ba7ONiWCQAACgVm.png-large
2014-02-12 10:32 - 2014-02-12 10:32 - 01709990 _____ () C:\Users\HorrorKid\Downloads\51.jpeg
2014-02-12 10:03 - 2014-02-12 10:02 - 01166132 _____ () C:\Users\HorrorKid\Downloads\adwcleaner-3.018.exe
2014-02-11 20:57 - 2013-06-18 16:31 - 00004100 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1864232908-4205428584-3793576050-1001UA
2014-02-11 20:57 - 2013-06-18 16:31 - 00003720 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1864232908-4205428584-3793576050-1001Core
2014-02-10 17:25 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-02-07 23:58 - 2014-01-27 12:09 - 00009415 _____ () C:\WINDOWS\setupact.log
2014-02-04 23:54 - 2014-02-04 23:02 - 202831872 _____ () C:\Users\HorrorKid\Downloads\Metroid.Prime.Trilogy.part04.rar
2014-02-04 22:56 - 2014-02-04 21:48 - 202831872 _____ () C:\Users\HorrorKid\Downloads\Metroid.Prime.Trilogy.part01.rar
2014-02-04 21:45 - 2014-02-04 21:45 - 00014488 _____ () C:\Users\HorrorKid\Downloads\10c16348d566d79d4202b7e62135c6d6.dlc
2014-02-04 00:56 - 2014-02-04 00:48 - 44350914 _____ () C:\Users\HorrorKid\Downloads\mp2_pal.zip
2014-02-03 23:25 - 2014-02-03 23:25 - 44768128 _____ () C:\Users\HorrorKid\Downloads\N64 Mario Party 2.wad
2014-02-03 20:26 - 2014-02-03 20:25 - 00777208 _____ () C:\Users\HorrorKid\Downloads\wii_gamecube_homebrew_launcher_v0.2.3.rar
2014-02-03 20:12 - 2014-02-03 20:11 - 61569210 _____ () C:\Users\HorrorKid\Downloads\Conker's Bad Fur Day (USA).zip
2014-02-02 01:14 - 2013-06-18 15:56 - 00000000 ____D () C:\Users\HorrorKid\AppData\Local\Packages
2014-02-01 18:17 - 2014-02-01 18:17 - 00749735 _____ () C:\Users\HorrorKid\Downloads\wad_manager_1.7.rar
2014-02-01 18:11 - 2014-02-01 18:11 - 00131072 _____ () C:\Users\HorrorKid\Downloads\Super.Mario.World.PAL.PROPER.REPACK.VC.Wii-OneUp.srm
2014-02-01 18:03 - 2014-02-01 18:03 - 00004910 _____ () C:\Users\HorrorKid\Downloads\2A11C738A27C35E6303F36F60D0B001EFB0287BD.torrent
2014-02-01 18:01 - 2014-02-01 18:01 - 00004925 _____ () C:\Users\HorrorKid\Downloads\Super.Mario.World.PAL.PROPER.REPACK.VC.Wii-OneUp.torrent
2014-02-01 10:20 - 2014-02-12 07:56 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-01 10:19 - 2014-02-12 07:56 - 02241536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-01 10:19 - 2014-02-12 07:56 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-01 10:19 - 2014-02-12 07:56 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-02-01 10:19 - 2014-02-12 07:56 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-02-01 10:18 - 2014-02-12 07:56 - 19274240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-01 10:18 - 2014-02-12 07:56 - 15403520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-01 10:18 - 2014-02-12 07:56 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-02-01 10:18 - 2014-02-12 07:56 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-01 10:18 - 2014-02-12 07:56 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-01 10:18 - 2014-02-12 07:56 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-02-01 10:18 - 2014-02-12 07:56 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-01 10:18 - 2014-02-12 07:56 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-01 10:18 - 2014-02-12 07:56 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-01 10:18 - 2014-02-12 07:55 - 03960320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-01 10:18 - 2014-02-12 07:55 - 02648576 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-01 08:58 - 2014-02-12 07:56 - 01767936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-01 08:58 - 2014-02-12 07:56 - 01140736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-01 08:58 - 2014-02-12 07:56 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-02-01 08:57 - 2014-02-12 07:56 - 13760512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-01 08:57 - 2014-02-12 07:56 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-01 08:57 - 2014-02-12 07:56 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-01 08:57 - 2014-02-12 07:56 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-02-01 08:57 - 2014-02-12 07:56 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-01 08:57 - 2014-02-12 07:56 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-01 08:57 - 2014-02-12 07:56 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-01 08:57 - 2014-02-12 07:55 - 14359040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-01 08:57 - 2014-02-12 07:55 - 02877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-01 08:57 - 2014-02-12 07:55 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-01 08:57 - 2014-02-12 07:55 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-02-01 08:40 - 2014-02-12 07:56 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-01 08:34 - 2014-02-12 07:56 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-01 06:08 - 2014-02-12 07:56 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-01-31 22:31 - 2014-01-31 22:26 - 14342256 _____ () C:\Users\HorrorKid\Downloads\LoZ_-_LttP.zip
2014-01-30 22:10 - 2013-12-17 20:20 - 00694240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-30 22:10 - 2013-12-17 20:20 - 00078296 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-30 15:36 - 2014-01-30 15:36 - 00020203 _____ () C:\Users\HorrorKid\Downloads\20120416-223701.jpg-w=490
2014-01-28 09:28 - 2014-01-28 09:28 - 00037855 _____ () C:\Users\HorrorKid\Downloads\The-animatrix-poster.jpeg
2014-01-28 09:23 - 2013-06-18 16:32 - 00000000 ____D () C:\Users\HorrorKid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-01-28 09:23 - 2013-06-18 15:57 - 00001014 _____ () C:\Users\HorrorKid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-28 09:17 - 2014-01-28 09:17 - 01236282 _____ () C:\Users\HorrorKid\Downloads\adwcleaner_3.017 (2).exe
2014-01-27 15:18 - 2014-01-27 15:18 - 00000000 ____D () C:\Users\HorrorKid\AppData\Local\Wii_Converter_GUI
2014-01-27 13:56 - 2014-01-27 13:55 - 16503094 _____ () C:\Users\HorrorKid\Downloads\usbloader_gx_v3_0_allinonepackage_ios249.zip
2014-01-27 12:09 - 2014-01-27 12:09 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-01-25 09:22 - 2014-01-25 09:22 - 00002736 _____ () C:\Users\HorrorKid\Downloads\relink.us__RMGP01.part0_dd5e61980093677970f4d5002c958e (1).dlc
2014-01-24 21:20 - 2014-01-24 20:45 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-01-24 21:13 - 2014-01-24 21:13 - 00002736 _____ () C:\Users\HorrorKid\Downloads\relink.us__RMGP01.part0_dd5e61980093677970f4d5002c958e.dlc
2014-01-24 20:58 - 2014-01-24 20:58 - 00921000 _____ (Oracle Corporation) C:\Users\HorrorKid\Downloads\chromeinstall-7u51.exe
2014-01-24 20:42 - 2014-01-24 20:42 - 00081488 _____ (AppWork UG (haftungsbeschränkt)) C:\Users\HorrorKid\Downloads\WebInstaller.exe
2014-01-24 19:54 - 2014-01-24 19:54 - 00000000 ____D () C:\wbfs
2014-01-24 19:47 - 2014-01-24 19:47 - 00000000 ____D () C:\ProgramData\Free Download Manager
2014-01-24 19:45 - 2014-01-24 19:45 - 07752897 _____ (FreeDownloadManager.ORG ) C:\Users\HorrorKid\Downloads\fdminst_3.9.3.1360.exe
2014-01-24 08:25 - 2014-01-24 08:25 - 01236282 _____ () C:\Users\HorrorKid\Downloads\adwcleaner_3.017.exe
2014-01-23 05:57 - 2013-06-30 18:24 - 00019701 _____ () C:\Users\HorrorKid\Desktop\Notizen.txt
2014-01-22 08:52 - 2014-01-22 08:52 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2014-01-22 08:52 - 2014-01-22 08:52 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2014-01-20 13:41 - 2013-12-26 18:45 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-01-19 08:33 - 2013-07-20 13:41 - 00270496 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
Some content of TEMP:
====================
C:\Users\HorrorKid\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-16 13:26
==================== End Of Log ============================
--- --- ---
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-02-2014 01
Ran by HorrorKid at 2014-02-16 18:29:23
Running from C:\Users\HorrorKid\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Alcor Micro USB Card Reader (x32 Version: 3.8.42.71502 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.8.42.71502 - Alcor Micro Corp.) Hidden
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 2.1.0.4 - Atheros Communications Inc.)
avast! Free Antivirus (x32 Version: 9.0.2013 - Avast Software)
Benutzerhandbuch (x32 Version: 1.0.0.9 - Lenovo) Hidden
Broadcom 802.11 Network Adapter (Version: 6.30.59.20 - Broadcom Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Advanced Audio v2 (x32 Version: 7.2.8000.13 - Dolby Laboratories Inc)
Energy Management (x32 Version: 8.0.2.3 - Lenovo)
Energy Management (x32 Version: 8.0.2.3 - Lenovo) Hidden
ffdshow v1.2.4422 [2012-04-09] (x32 Version: 1.2.4422.0 - )
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Chrome (HKCU Version: 32.0.1700.107 - Google Inc.)
Intel AppUp(SM) center (x32 Version: 3.6.1.33057.10 - Intel)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2843 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 11.5.0.1207 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
JDownloader 0.9 (x32 Version: 0.9 - AppWork GmbH)
Left 4 Dead 2 (x32 Version: - Valve)
Lenovo EasyCamera (x32 Version: 1.12.824.1 - Vimicro)
Lenovo OneKey Recovery (Version: 8.0.0.0710 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (x32 Version: 8.0.0.0710 - CyberLink Corp.)
Lenovo Photos (x32 Version: 4.8.5 - CEWE COLOR AG u Co. OHG)
Lenovo pointing device (Version: 11.4.11.7 - ELAN Microelectronic Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.4310.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.4310.52 - CyberLink Corp.) Hidden
Lenovo Solution Center (Version: 2.3.002.00 - Lenovo Group Limited)
Lenovo YouCam (x32 Version: 4.1.3127 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3127 - CyberLink Corp.) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (x32 Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Nitro Pro 8 (Version: 8.0.7.3 - Nitro)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Power2Go (x32 Version: 5.6.0.9109 - CyberLink Corp.)
Project 64 version 2.1.0.1 (x32 Version: 2.1.0.1 - )
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6675 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (Version: 10.0.0 - McAfee)
Steam (x32 Version: - Valve Corporation)
SugarSync Manager (x32 Version: 1.9.61.90905 - SugarSync, Inc.)
UserGuide (x32 Version: 1.0.0.9 - Lenovo)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (Version: 06/19/2012 10.13.29.733 - Lenovo)
WinRAR 5.00 (32-Bit) (x32 Version: 5.00.0 - win.rar GmbH)
==================== Restore Points =========================
01-02-2014 02:02:29 Geplanter Prüfpunkt
05-02-2014 13:51:52 Windows Update
13-02-2014 10:13:09 Windows Update
15-02-2014 13:22:19 Windows Live Essentials
16-02-2014 13:41:13 Removed Skype™ 6.3
==================== Hosts content: ==========================
2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {01489315-AF0F-4774-AE19-0BA847BA9926} - \Plus-HD-4.8-updater No Task File
Task: {09165554-CF9D-40C5-B22B-4BDBA7783C9B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1864232908-4205428584-3793576050-1001UA => C:\Users\HorrorKid\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-18] (Google Inc.)
Task: {18E51AB3-23BB-4FF3-8ED5-B70833155183} - System32\Tasks\{BC7DEA4D-0781-463A-8967-E46282B99082} => Chrome.exe hxxp://ui.skype.com/ui/0/6.5.0.158/de/go/help.faq.installer?LastError=1603
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1C574E6C-2234-4CDB-9F7C-9F48F12A8800} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-09-25] ()
Task: {1F56F8B8-60FA-45C8-9512-0EEB0F8B07A5} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {254292BD-C1EA-443E-B9D1-DF758A1B4648} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {26971375-77E9-4EA1-8D2F-E26ED1123EB8} - \BrowserDefendert No Task File
Task: {2A36C22A-CC6E-446D-B826-B1D13DF154F9} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2013-09-25] (Lenovo)
Task: {2C4B9490-7C20-474F-84FA-7149933259EE} - System32\Tasks\{FDFD0B59-2E71-4EEA-B331-70EE75DD3C24} => Chrome.exe hxxp://ui.skype.com/ui/0/6.5.0.158/de/go/help.faq.installer?LastError=1603
Task: {2F92F082-BE72-4DF9-8EF9-10EE522781A3} - System32\Tasks\{CE1DFF19-7686-40D2-8779-ECFDF9BB2731} => Chrome.exe hxxp://ui.skype.com/ui/0/6.6.0.106/de/go/help.faq.installer?LastError=1603
Task: {3FCD0E83-2C61-40BD-B1EF-2C547F257819} - \Plus-HD-4.8-firefoxinstaller No Task File
Task: {40212352-FDF9-4008-8860-416CC1EA78C9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-16] (AVAST Software)
Task: {578E351C-0718-40E5-825F-C5FA705AF2E8} - \Desk 365 RunAsStdUser No Task File
Task: {6001EF7C-B27D-42FA-A44C-ED8A2C0E6591} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1864232908-4205428584-3793576050-1001Core => C:\Users\HorrorKid\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-18] (Google Inc.)
Task: {6952FF54-08E7-4395-88D0-441E78BEC008} - System32\Tasks\{2D887AA4-C80D-4525-93C4-4CFB2B2AEC9C} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/de/abandoninstall?page=tsWLM
Task: {6CAA9FCB-EB86-45F6-BEDC-BD8D5FCEC2F2} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {71024835-969A-4AB0-AC21-93D8F48C97AA} - System32\Tasks\Microsoft\WINRE\WinRE-Repair => C:\windows\System32\reagentc.exe [2012-10-24] (Microsoft Corporation)
Task: {797C22AC-532C-44B7-8BA6-AAB6A93E5C50} - \Plus-HD-4.8-codedownloader No Task File
Task: {853296E5-99CD-4DF5-B92E-69F5DDDA9AC3} - System32\Tasks\{EE97E55B-81C7-4EFC-ACA6-B74C93886DC8} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/de/go/help.faq.installer?LastError=1603
Task: {8A30E798-4A62-4FCA-B59A-A1064B0D8D55} - System32\Tasks\{088DAD7B-8373-459B-B5B1-1D426A241776} => Chrome.exe hxxp://ui.skype.com/ui/0/6.5.0.158/de/go/help.faq.installer?LastError=1603
Task: {8B4E1962-DBB6-47A9-987C-3AD80D3E1285} - System32\Tasks\OFFICE2010ACT => C:\ProgramData\Microsoft\Windows\OFFICEICON.vbs [2012-03-08] ()
Task: {9E50CBAF-C83B-4ECA-AE15-00CE154C0EB3} - System32\Tasks\{C1892C02-5018-46FF-ABBC-ACB87AE8F851} => Chrome.exe hxxp://ui.skype.com/ui/0/6.5.0.158/de/go/help.faq.installer?LastError=1603
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AD808DCC-E606-4FFE-A11E-45B1F696809C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-09-25] (Lenovo)
Task: {B871D65E-D098-456E-8B54-9E0513859B98} - \Plus-HD-4.8-chromeinstaller No Task File
Task: {BE67E384-0466-4563-B204-A3A8E2519EA8} - \Plus-HD-4.8-enabler No Task File
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1864232908-4205428584-3793576050-1001Core.job => C:\Users\HorrorKid\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1864232908-4205428584-3793576050-1001UA.job => C:\Users\HorrorKid\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-08-27 07:13 - 2012-08-23 09:07 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-02-16 03:32 - 2012-07-12 13:59 - 00891392 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll
2013-02-16 03:32 - 2012-07-12 13:59 - 02281984 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll
2013-02-16 03:32 - 2012-07-12 13:59 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2013-02-16 03:32 - 2012-07-12 13:59 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2013-02-16 03:32 - 2012-07-12 13:59 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2013-02-16 03:32 - 2012-07-12 13:59 - 00339456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll
2013-02-16 03:32 - 2012-07-12 13:59 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2013-02-16 03:32 - 2012-07-12 13:59 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2013-02-16 03:32 - 2012-07-12 13:59 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2013-02-16 03:32 - 2012-07-12 13:59 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2013-02-16 03:32 - 2012-07-12 13:59 - 00019456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2013-02-16 03:32 - 2012-07-12 13:59 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
2014-02-16 10:46 - 2014-02-16 10:46 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-02-03 23:58 - 2014-02-02 00:41 - 00715592 _____ () C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\32.0.1700.107\libglesv2.dll
2014-02-03 23:58 - 2014-02-02 00:41 - 00100168 _____ () C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\32.0.1700.107\libegl.dll
2014-02-03 23:58 - 2014-02-02 00:42 - 04055368 _____ () C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\32.0.1700.107\pdf.dll
2014-02-03 23:58 - 2014-02-02 00:42 - 00399688 _____ () C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
2014-02-03 23:58 - 2014-02-02 00:41 - 01634632 _____ () C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
2014-02-03 23:58 - 2014-02-02 00:42 - 13616456 _____ () C:\Users\HorrorKid\AppData\Local\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Windows:nlsPreferences
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/16/2014 02:41:24 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary yotphmjs.
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (02/15/2014 09:15:36 PM) (Source: MsiInstaller) (User: LINK)
Description: Product: Skype™ 6.3 -- Error 1316. A network error occurred while attempting to read from the file: C:\ProgramData\Skype\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeSetup_6.3.0.105.msi
Error: (02/15/2014 06:47:03 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: MovieMaker.exe, Version: 16.4.3508.205, Zeitstempel: 0x5111fa77
Name des fehlerhaften Moduls: igd10umd32.dll, Version: 9.17.10.2843, Zeitstempel: 0x5033bdbf
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0006d0ef
ID des fehlerhaften Prozesses: 0x1fb8
Startzeit der fehlerhaften Anwendung: 0xMovieMaker.exe0
Pfad der fehlerhaften Anwendung: MovieMaker.exe1
Pfad des fehlerhaften Moduls: MovieMaker.exe2
Berichtskennung: MovieMaker.exe3
Vollständiger Name des fehlerhaften Pakets: MovieMaker.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MovieMaker.exe5
Error: (02/15/2014 06:36:23 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: MovieMaker.exe, Version: 16.4.3508.205, Zeitstempel: 0x5111fa77
Name des fehlerhaften Moduls: igd10umd32.dll, Version: 9.17.10.2843, Zeitstempel: 0x5033bdbf
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0006cfab
ID des fehlerhaften Prozesses: 0x1eb4
Startzeit der fehlerhaften Anwendung: 0xMovieMaker.exe0
Pfad der fehlerhaften Anwendung: MovieMaker.exe1
Pfad des fehlerhaften Moduls: MovieMaker.exe2
Berichtskennung: MovieMaker.exe3
Vollständiger Name des fehlerhaften Pakets: MovieMaker.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MovieMaker.exe5
Error: (02/12/2014 10:06:16 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ismagent.exe, Version: 1.14.1.36458, Zeitstempel: 0x4fbe2d9c
Name des fehlerhaften Moduls: dlnashext.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x5010975d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x74afdeed
ID des fehlerhaften Prozesses: 0xdf0
Startzeit der fehlerhaften Anwendung: 0xismagent.exe0
Pfad der fehlerhaften Anwendung: ismagent.exe1
Pfad des fehlerhaften Moduls: ismagent.exe2
Berichtskennung: ismagent.exe3
Vollständiger Name des fehlerhaften Pakets: ismagent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ismagent.exe5
Error: (02/12/2014 10:06:14 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ismagent.exe, Version: 1.14.1.36458, Zeitstempel: 0x4fbe2d9c
Name des fehlerhaften Moduls: ncrypt.dll, Version: 6.2.9200.16384, Zeitstempel: 0x50108af8
Ausnahmecode: 0xc00001a5
Fehleroffset: 0x000176d4
ID des fehlerhaften Prozesses: 0xdf0
Startzeit der fehlerhaften Anwendung: 0xismagent.exe0
Pfad der fehlerhaften Anwendung: ismagent.exe1
Pfad des fehlerhaften Moduls: ismagent.exe2
Berichtskennung: ismagent.exe3
Vollständiger Name des fehlerhaften Pakets: ismagent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ismagent.exe5
Error: (02/12/2014 07:48:01 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ismagent.exe, Version: 1.14.1.36458, Zeitstempel: 0x4fbe2d9c
Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.2.9200.16680, Zeitstempel: 0x51fb1462
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001d45e
ID des fehlerhaften Prozesses: 0xad4
Startzeit der fehlerhaften Anwendung: 0xismagent.exe0
Pfad der fehlerhaften Anwendung: ismagent.exe1
Pfad des fehlerhaften Moduls: ismagent.exe2
Berichtskennung: ismagent.exe3
Vollständiger Name des fehlerhaften Pakets: ismagent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ismagent.exe5
Error: (02/12/2014 07:47:57 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ismagent.exe, Version: 1.14.1.36458, Zeitstempel: 0x4fbe2d9c
Name des fehlerhaften Moduls: dlnashext.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x5010975d
Ausnahmecode: 0xc00001a5
Fehleroffset: 0x746176d4
ID des fehlerhaften Prozesses: 0xad4
Startzeit der fehlerhaften Anwendung: 0xismagent.exe0
Pfad der fehlerhaften Anwendung: ismagent.exe1
Pfad des fehlerhaften Moduls: ismagent.exe2
Berichtskennung: ismagent.exe3
Vollständiger Name des fehlerhaften Pakets: ismagent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ismagent.exe5
Error: (02/04/2014 04:22:41 PM) (Source: Google Update) (User: LINK)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
Error: (01/21/2014 07:22:41 AM) (Source: Google Update) (User: LINK)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
System errors:
=============
Error: (02/16/2014 05:39:31 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0xc000014d0
Error: (02/01/2014 04:38:42 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f020b fehlgeschlagen: SAMSUNG Electronics Co., Ltd. - Other hardware - SAMSUNG Mobile USB Modem
Error: (02/01/2014 04:38:42 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f020b fehlgeschlagen: SAMSUNG Electronics Co., Ltd. - Other hardware - SAMSUNG Mobile MTP Device
Error: (01/24/2014 01:12:48 PM) (Source: DCOM) (User: LINK)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
Error: (01/16/2014 07:54:42 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.
Error: (01/09/2014 07:33:07 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 09.01.2014 um 18:53:11 unerwartet heruntergefahren.
Error: (01/08/2014 10:41:59 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (01/08/2014 10:41:59 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (12/26/2013 06:51:02 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (12/26/2013 06:51:02 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Microsoft Office Sessions:
=========================
Error: (02/16/2014 02:41:24 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary yotphmjs.
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (02/15/2014 09:15:36 PM) (Source: MsiInstaller)(User: LINK)
Description: Product: Skype™ 6.3 -- Error 1316. A network error occurred while attempting to read from the file: C:\ProgramData\Skype\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeSetup_6.3.0.105.msi(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (02/15/2014 06:47:03 PM) (Source: Application Error)(User: )
Description: MovieMaker.exe16.4.3508.2055111fa77igd10umd32.dll9.17.10.28435033bdbfc00000050006d0ef1fb801cf2a7478f84461C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exeC:\WINDOWS\SYSTEM32\igd10umd32.dll2d56a15f-9669-11e3-bea2-3c970e761646
Error: (02/15/2014 06:36:23 PM) (Source: Application Error)(User: )
Description: MovieMaker.exe16.4.3508.2055111fa77igd10umd32.dll9.17.10.28435033bdbfc00000050006cfab1eb401cf2a745644b798C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exeC:\WINDOWS\SYSTEM32\igd10umd32.dllafcf6f11-9667-11e3-bea2-3c970e761646
Error: (02/12/2014 10:06:16 AM) (Source: Application Error)(User: )
Description: ismagent.exe1.14.1.364584fbe2d9cdlnashext.dll_unloaded0.0.0.05010975dc000000574afdeeddf001cf27d1acdbe867C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exedlnashext.dlled1f4ace-93c4-11e3-be9f-3c970e761646
Error: (02/12/2014 10:06:14 AM) (Source: Application Error)(User: )
Description: ismagent.exe1.14.1.364584fbe2d9cncrypt.dll6.2.9200.1638450108af8c00001a5000176d4df001cf27d1acdbe867C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exeC:\WINDOWS\SYSTEM32\ncrypt.dllec1904c7-93c4-11e3-be9f-3c970e761646
Error: (02/12/2014 07:48:01 AM) (Source: Application Error)(User: )
Description: ismagent.exe1.14.1.364584fbe2d9cSHELL32.dll6.2.9200.1668051fb1462c00000050001d45ead401cf27be56233d5aC:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exeC:\WINDOWS\SYSTEM32\SHELL32.dll9cd62df5-93b1-11e3-be9e-3c970e761646
Error: (02/12/2014 07:47:57 AM) (Source: Application Error)(User: )
Description: ismagent.exe1.14.1.364584fbe2d9cdlnashext.dll_unloaded0.0.0.05010975dc00001a5746176d4ad401cf27be56233d5aC:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exedlnashext.dll9ae17ad0-93b1-11e3-be9e-3c970e761646
Error: (02/04/2014 04:22:41 PM) (Source: Google Update)(User: LINK)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
Error: (01/21/2014 07:22:41 AM) (Source: Google Update)(User: LINK)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
==================== Memory info ===========================
Percentage of memory in use: 41%
Total physical RAM: 3941.41 MB
Available physical RAM: 2300.64 MB
Total Pagefile: 4645.41 MB
Available Pagefile: 2859.26 MB
Total Virtual: 8192 MB
Available Virtual: 8191.75 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:418.43 GB) (Free:352.83 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:24.86 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 4B804535)
Partition: GPT Partition Type
==================== End Of Log ============================
Additional information:
1. I am using Windows 8.
2. I have worked through this tutorial completely: Sweet Page entfernen - Kostenlos den Virus löschen | Browserdoktor
3. I noticed that another nuisance shows up during the redirect - sweetpage redirects via myv9.com to Yahoo (yhs4.com).