PascalStay | 21.02.2014 20:48 | FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-02-2014
Ran by Master (administrator) on MASTER-PC on 21-02-2014 20:31:32
Running from C:\Users\Master\Desktop
Microsoft Windows 7 Enterprise Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Lenovo.) C:\Windows\system32\ibmpmsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Andrea Electronics Corporation) C:\Windows\system32\AEADISRV.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Guard-ICQ\GuardICQ.exe
(Parallel Lines Development, LLC) C:\ProgramData\InternetUpdater\InternetUpdaterService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe
(Conduit) C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe
(Conduit) C:\Program Files\SearchProtect\SearchProtect\bin\cltmng.exe
(Conduit) C:\Program Files\SearchProtect\UI\bin\cltmngui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\Guard-ICQ\GuardICQ.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(WatchDog) C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe
(WatchDog) C:\ProgramData\RHelpers\FireFoxHelper\FireFoxHelper.exe
(WatchDog) C:\ProgramData\RHelpers\IEHelper\IeHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(PLX Technology) C:\Program Files\Iomega\Iomega Encryption\Iomega Encryption.exe
() C:\Program Files\Re-markit\Re-markit154.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Updater) C:\ProgramData\Updater\updater.exe
(UpdaterResponse) C:\Users\Master\AppData\Local\Temp\setup{1E13DB40-2C9F-4E4B-94F4-1F2DDDA53D2B}.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [SoundMAXPnP] - C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [820520 2007-08-13] (Synaptics, Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [Guard.Mail.ru.gui] - C:\Program Files\Guard-ICQ\GuardICQ.exe [1564368 2013-07-30] ()
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM\...\Run: [Updater] - C:\ProgramData\Updater\Updater.exe [486264 2013-12-18] (Updater)
HKLM\...\Run: [mobilegeni daemon] - C:\Program Files\Mobogenie\DaemonProcess.exe [775872 2014-02-21] ()
HKU\S-1-5-21-3409505319-2622086414-2579902266-1000\...\Run: [ICQ] - C:\Program Files\ICQ7M\ICQ.exe [127040 2013-07-30] (ICQ, LLC.)
HKU\S-1-5-21-3409505319-2622086414-2579902266-1000\...\Run: [Updater] - C:\ProgramData\Updater\updater.exe [486264 2013-12-18] (Updater)
HKU\S-1-5-21-3409505319-2622086414-2579902266-1000\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20728480 2014-01-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3409505319-2622086414-2579902266-1000\...\Run: [NextLive] - C:\Windows\system32\rundll32.exe "C:\Users\Master\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-3409505319-2622086414-2579902266-1000\...\MountPoints2: {0b3266be-9792-11e2-affc-0015588619da} - E:\autorun.exe
AppInit_DLLs: C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [1047328 2014-02-06] (Conduit)
==================== Internet (Whitelisted) ====================
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:13828
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.awesomehp.com/?type=hp&ts=1393008646&from=tugs&uid=HITACHIXHTS541660J9SA00_SB2B41SLC4D7EEC4D7EEX
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xFA7019170F23CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1393008646&from=tugs&uid=HITACHIXHTS541660J9SA00_SB2B41SLC4D7EEC4D7EEX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393008646&from=tugs&uid=HITACHIXHTS541660J9SA00_SB2B41SLC4D7EEC4D7EEX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1393008646&from=tugs&uid=HITACHIXHTS541660J9SA00_SB2B41SLC4D7EEC4D7EEX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.awesomehp.com/?type=hp&ts=1393008646&from=tugs&uid=HITACHIXHTS541660J9SA00_SB2B41SLC4D7EEC4D7EEX
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1393008646&from=tugs&uid=HITACHIXHTS541660J9SA00_SB2B41SLC4D7EEC4D7EEX&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.awesomehp.com/?type=sc&ts=1393008646&from=tugs&uid=HITACHIXHTS541660J9SA00_SB2B41SLC4D7EEC4D7EEX
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393008646&from=tugs&uid=HITACHIXHTS541660J9SA00_SB2B41SLC4D7EEC4D7EEX&q={searchTerms}
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393008646&from=tugs&uid=HITACHIXHTS541660J9SA00_SB2B41SLC4D7EEC4D7EEX&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393008646&from=tugs&uid=HITACHIXHTS541660J9SA00_SB2B41SLC4D7EEC4D7EEX&q={searchTerms}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3323737&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPD181577E-7FE9-46B2-B1D1-42652531BCDF&q={searchTerms}&SSPV=
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393008646&from=tugs&uid=HITACHIXHTS541660J9SA00_SB2B41SLC4D7EEC4D7EEX&q={searchTerms}
BHO: HQ-Video-Profession-1.3 - {11111111-1111-1111-1111-110511151178} - C:\Program Files\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-bho.dll (HQ-Video)
BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO: Websteroids - {44ed99e2-16a6-4b89-80d6-5b21cf42e78b} - C:\ProgramData\Websteroids\IE\common.dll (Creative Island Media, LLC)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\xh0t5s1i.default
FF user.js: detected! => C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\xh0t5s1i.default\user.js
FF NewTab: hxxp://www.awesomehp.com/newtab/?type=nt&ts=1393008646&from=tugs&uid=HITACHIXHTS541660J9SA00_SB2B41SLC4D7EEC4D7EEX
FF SelectedSearchEngine: Conduit Search
FF Homepage: hxxp://www.awesomehp.com/?type=hp&ts=1393008646&from=tugs&uid=HITACHIXHTS541660J9SA00_SB2B41SLC4D7EEC4D7EEX
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\xh0t5s1i.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\awesomehp.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: HQ-Video-Profession-1.3 - C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\xh0t5s1i.default\Extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com [2014-02-21]
FF Extension: Quick Start - C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\xh0t5s1i.default\Extensions\quick_start@gmail.com [2014-02-21]
FF Extension: Websteroids - C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\xh0t5s1i.default\Extensions\support@websteroidsapp.com [2014-02-17]
FF Extension: WOT - C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\xh0t5s1i.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-28]
FF Extension: Adblock Plus - C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\xh0t5s1i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-07-30]
FF HKLM\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\xh0t5s1i.default\extensions\quick_start@gmail.com
FF Extension: Quick Start - C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\xh0t5s1i.default\extensions\quick_start@gmail.com [2014-02-21]
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe hxxp://www.awesomehp.com/?type=sc&ts=1393008646&from=tugs&uid=HITACHIXHTS541660J9SA00_SB2B41SLC4D7EEC4D7EEX
========================== Services (Whitelisted) =================
R2 CltMngSvc; C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe [2360608 2014-02-06] (Conduit)
R2 Guard.Mail.ru; C:\Program Files\Guard-ICQ\GuardICQ.exe [1564368 2013-07-30] ()
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [508016 2014-02-20] (Cherished Technololgy LIMITED)
R2 InternetUpdater; C:\ProgramData\InternetUpdater\InternetUpdaterService.exe [45568 2014-01-15] (Parallel Lines Development, LLC)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)
R2 Re-markit; C:\Program Files\Re-markit\Re-markit154.exe [181248 2014-02-21] ()
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [493568 2014-02-21] (Cherished Technololgy LIMITED)
==================== Drivers (Whitelisted) ====================
R3 e1express; C:\Windows\System32\DRIVERS\e1e6232.sys [232312 2012-10-30] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
R3 OXSDIDRV_x32; C:\Windows\System32\DRIVERS\OXSDIDRV_x32.sys [52656 2009-09-28] ()
R3 OXUDIDRV; C:\Windows\system32\Drivers\OXUDIDRV_X32.sys [24880 2010-05-25] ()
S3 cmnsusbser; system32\DRIVERS\cmnsusbser.sys [X]
S3 TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-21 20:31 - 2014-02-21 20:32 - 00014523 _____ () C:\Users\Master\Desktop\FRST.txt
2014-02-21 20:30 - 2014-02-21 20:31 - 00000000 ____D () C:\FRST
2014-02-21 20:29 - 2014-02-21 20:30 - 01142784 _____ (Farbar) C:\Users\Master\Desktop\FRST.exe
2014-02-21 19:55 - 2014-02-21 19:56 - 00000000 ____D () C:\ProgramData\WPM
2014-02-21 19:55 - 2014-02-21 19:56 - 00000000 ____D () C:\ProgramData\IePluginService
2014-02-21 19:55 - 2014-02-21 19:55 - 00000000 ____D () C:\Users\Master\AppData\Roaming\SupTab
2014-02-21 19:55 - 2014-02-21 19:55 - 00000000 ____D () C:\Program Files\SupTab
2014-02-21 19:54 - 2014-02-21 19:59 - 00000000 ____D () C:\Users\Master\AppData\Local\cache
2014-02-21 19:54 - 2014-02-21 19:55 - 00001570 _____ () C:\Windows\Tasks\HQ-Video-Profession-1.3-updater.job
2014-02-21 19:54 - 2014-02-21 19:55 - 00000000 ____D () C:\Users\Master\AppData\Roaming\newnext.me
2014-02-21 19:54 - 2014-02-21 19:55 - 00000000 ____D () C:\Users\Master\AppData\Local\Mobogenie
2014-02-21 19:54 - 2014-02-21 19:54 - 00000360 _____ () C:\Windows\Tasks\AmiUpdXp.job
2014-02-21 19:54 - 2014-02-21 19:54 - 00000000 ____D () C:\Users\Master\Documents\Mobogenie
2014-02-21 19:54 - 2014-02-21 19:54 - 00000000 ____D () C:\Users\Master\AppData\Local\SwvUpdater
2014-02-21 19:54 - 2014-02-21 19:54 - 00000000 ____D () C:\Users\Master\AppData\Local\genienext
2014-02-21 19:54 - 2014-02-21 19:54 - 00000000 ____D () C:\Users\Master\.android
2014-02-21 19:54 - 2014-02-21 19:54 - 00000000 _____ () C:\Users\Master\daemonprocess.txt
2014-02-21 19:53 - 2014-02-21 19:54 - 00001424 _____ () C:\Windows\Tasks\HQ-Video-Profession-1.3-enabler.job
2014-02-21 19:53 - 2014-02-21 19:53 - 00000000 ____D () C:\Users\Master\AppData\Roaming\VOPackage
2014-02-21 19:53 - 2014-02-21 19:53 - 00000000 ____D () C:\Users\Master\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
2014-02-21 19:52 - 2014-02-21 19:53 - 00000000 ____D () C:\Users\Master\AppData\Roaming\awesomehp
2014-02-21 19:52 - 2014-02-21 19:52 - 00001526 _____ () C:\Windows\Tasks\HQ-Video-Profession-1.3-codedownloader.job
2014-02-21 19:51 - 2014-02-21 19:57 - 00000000 ____D () C:\Program Files\Mobogenie
2014-02-21 19:50 - 2014-02-21 19:50 - 00003130 _____ () C:\Windows\Tasks\HQ-Video-Profession-1.3-chromeinstaller.job
2014-02-21 19:50 - 2014-02-21 19:50 - 00002640 _____ () C:\Windows\Tasks\HQ-Video-Profession-1.3-firefoxinstaller.job
2014-02-21 19:49 - 2014-02-21 19:55 - 00000000 ____D () C:\Program Files\HQ-Video-Profession-1.3
2014-02-21 19:49 - 2014-02-21 19:49 - 00000362 _____ () C:\Windows\Tasks\Re-markit Update.job
2014-02-21 19:48 - 2014-02-21 19:49 - 00000000 ____D () C:\Program Files\Re-markit
2014-02-21 19:48 - 2014-02-21 19:48 - 00000348 _____ () C:\Windows\Tasks\Re-markit_wd.job
2014-02-21 19:45 - 2014-02-21 19:45 - 00374264 _____ () C:\Users\Master\Downloads\Java.exe
2014-02-16 14:48 - 2014-02-16 14:48 - 00000000 ____D () C:\ProgramData\InternetUpdater
2014-02-16 14:44 - 2014-02-16 14:44 - 00000000 ____D () C:\Windows\system32\SearchProtect
2014-02-16 14:41 - 2014-02-16 14:41 - 00000000 ____D () C:\Users\Master\AppData\Local\Skype
2014-02-16 14:40 - 2014-02-16 14:40 - 00002687 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-16 14:40 - 2014-02-16 14:40 - 00000000 ___RD () C:\Program Files\Skype
2014-02-16 14:40 - 2014-02-16 14:40 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-02-16 14:39 - 2014-02-16 14:39 - 00000000 ____D () C:\Users\Master\Documents\Optimizer Pro
2014-02-16 14:38 - 2014-02-16 14:45 - 00000000 ____D () C:\Program Files\SearchProtect
2014-02-16 14:38 - 2014-02-16 14:45 - 00000000 ____D () C:\Program Files\Optimizer Pro
2014-02-16 14:38 - 2014-02-16 14:39 - 00000000 ____D () C:\Users\Master\AppData\Local\SearchProtect
2014-02-16 14:37 - 2014-02-16 14:38 - 00000000 ____D () C:\ProgramData\Updater
2014-02-16 14:37 - 2014-02-16 14:38 - 00000000 ____D () C:\ProgramData\RHelpers
2014-02-16 14:37 - 2014-02-16 14:37 - 00000000 ____D () C:\Users\Master\Downloads\Skype_TSV1434B0
2014-02-16 14:37 - 2014-02-16 14:37 - 00000000 ____D () C:\ProgramData\Websteroids
2014-02-16 14:35 - 2014-02-16 14:36 - 00657912 _____ (Conduit) C:\Users\Master\Downloads\Skype_TSV1434B0.exe
2014-02-15 19:56 - 2014-02-15 19:56 - 00033544 _____ () C:\Users\Master\.recently-used.xbel
2014-02-14 23:19 - 2014-02-16 13:50 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-14 22:25 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-14 22:25 - 2014-02-06 11:19 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-14 22:25 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-14 22:25 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-14 22:25 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-14 22:25 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-14 22:25 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-14 22:25 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-14 22:25 - 2014-02-06 10:47 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-14 22:25 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-14 22:25 - 2014-02-06 10:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-14 22:25 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-14 22:25 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-14 22:25 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-14 22:24 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-14 22:24 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-14 22:24 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-14 22:24 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-14 22:24 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-14 22:24 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-14 22:24 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-14 22:18 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 06:15 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 06:15 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 06:15 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 06:15 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 06:15 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 06:15 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 06:15 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 06:15 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 06:15 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 06:15 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 06:15 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 06:15 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 06:15 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 06:15 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
==================== One Month Modified Files and Folders =======
2014-02-21 20:32 - 2014-02-21 20:31 - 00014523 _____ () C:\Users\Master\Desktop\FRST.txt
2014-02-21 20:31 - 2014-02-21 20:30 - 00000000 ____D () C:\FRST
2014-02-21 20:30 - 2014-02-21 20:29 - 01142784 _____ (Farbar) C:\Users\Master\Desktop\FRST.exe
2014-02-21 20:29 - 2009-07-14 05:34 - 00022208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-21 20:29 - 2009-07-14 05:34 - 00022208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-21 20:10 - 2013-03-17 14:05 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-21 20:10 - 2013-03-17 14:05 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-21 20:10 - 2013-03-17 14:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-21 19:59 - 2014-02-21 19:54 - 00000000 ____D () C:\Users\Master\AppData\Local\cache
2014-02-21 19:57 - 2014-02-21 19:51 - 00000000 ____D () C:\Program Files\Mobogenie
2014-02-21 19:56 - 2014-02-21 19:55 - 00000000 ____D () C:\ProgramData\WPM
2014-02-21 19:56 - 2014-02-21 19:55 - 00000000 ____D () C:\ProgramData\IePluginService
2014-02-21 19:55 - 2014-02-21 19:55 - 00000000 ____D () C:\Users\Master\AppData\Roaming\SupTab
2014-02-21 19:55 - 2014-02-21 19:55 - 00000000 ____D () C:\Program Files\SupTab
2014-02-21 19:55 - 2014-02-21 19:54 - 00001570 _____ () C:\Windows\Tasks\HQ-Video-Profession-1.3-updater.job
2014-02-21 19:55 - 2014-02-21 19:54 - 00000000 ____D () C:\Users\Master\AppData\Roaming\newnext.me
2014-02-21 19:55 - 2014-02-21 19:54 - 00000000 ____D () C:\Users\Master\AppData\Local\Mobogenie
2014-02-21 19:55 - 2014-02-21 19:49 - 00000000 ____D () C:\Program Files\HQ-Video-Profession-1.3
2014-02-21 19:54 - 2014-02-21 19:54 - 00000360 _____ () C:\Windows\Tasks\AmiUpdXp.job
2014-02-21 19:54 - 2014-02-21 19:54 - 00000000 ____D () C:\Users\Master\Documents\Mobogenie
2014-02-21 19:54 - 2014-02-21 19:54 - 00000000 ____D () C:\Users\Master\AppData\Local\SwvUpdater
2014-02-21 19:54 - 2014-02-21 19:54 - 00000000 ____D () C:\Users\Master\AppData\Local\genienext
2014-02-21 19:54 - 2014-02-21 19:54 - 00000000 ____D () C:\Users\Master\.android
2014-02-21 19:54 - 2014-02-21 19:54 - 00000000 _____ () C:\Users\Master\daemonprocess.txt
2014-02-21 19:54 - 2014-02-21 19:53 - 00001424 _____ () C:\Windows\Tasks\HQ-Video-Profession-1.3-enabler.job
2014-02-21 19:54 - 2013-03-17 10:46 - 00000000 ____D () C:\Users\Master
2014-02-21 19:53 - 2014-02-21 19:53 - 00000000 ____D () C:\Users\Master\AppData\Roaming\VOPackage
2014-02-21 19:53 - 2014-02-21 19:53 - 00000000 ____D () C:\Users\Master\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
2014-02-21 19:53 - 2014-02-21 19:52 - 00000000 ____D () C:\Users\Master\AppData\Roaming\awesomehp
2014-02-21 19:52 - 2014-02-21 19:52 - 00001526 _____ () C:\Windows\Tasks\HQ-Video-Profession-1.3-codedownloader.job
2014-02-21 19:52 - 2013-03-17 14:02 - 00001599 _____ () C:\Users\Master\Desktop\Internet Explorer.lnk
2014-02-21 19:52 - 2013-03-17 14:02 - 00001325 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-21 19:52 - 2013-03-17 10:47 - 00001629 _____ () C:\Users\Master\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-21 19:52 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-02-21 19:50 - 2014-02-21 19:50 - 00003130 _____ () C:\Windows\Tasks\HQ-Video-Profession-1.3-chromeinstaller.job
2014-02-21 19:50 - 2014-02-21 19:50 - 00002640 _____ () C:\Windows\Tasks\HQ-Video-Profession-1.3-firefoxinstaller.job
2014-02-21 19:49 - 2014-02-21 19:49 - 00000362 _____ () C:\Windows\Tasks\Re-markit Update.job
2014-02-21 19:49 - 2014-02-21 19:48 - 00000000 ____D () C:\Program Files\Re-markit
2014-02-21 19:48 - 2014-02-21 19:48 - 00000348 _____ () C:\Windows\Tasks\Re-markit_wd.job
2014-02-21 19:45 - 2014-02-21 19:45 - 00374264 _____ () C:\Users\Master\Downloads\Java.exe
2014-02-21 19:44 - 2013-03-17 10:34 - 01404854 _____ () C:\Windows\WindowsUpdate.log
2014-02-20 23:06 - 2010-11-20 22:01 - 01627884 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-20 08:00 - 2013-12-22 21:41 - 00000000 ____D () C:\Users\Master\AppData\Roaming\Skype
2014-02-18 07:40 - 2013-07-30 16:58 - 00000000 ____D () C:\Users\Master\AppData\Roaming\ICQ
2014-02-18 07:39 - 2013-03-17 22:51 - 00012680 _____ () C:\Windows\setupact.log
2014-02-18 07:39 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-16 14:48 - 2014-02-16 14:48 - 00000000 ____D () C:\ProgramData\InternetUpdater
2014-02-16 14:45 - 2014-02-16 14:38 - 00000000 ____D () C:\Program Files\SearchProtect
2014-02-16 14:45 - 2014-02-16 14:38 - 00000000 ____D () C:\Program Files\Optimizer Pro
2014-02-16 14:44 - 2014-02-16 14:44 - 00000000 ____D () C:\Windows\system32\SearchProtect
2014-02-16 14:41 - 2014-02-16 14:41 - 00000000 ____D () C:\Users\Master\AppData\Local\Skype
2014-02-16 14:40 - 2014-02-16 14:40 - 00002687 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-16 14:40 - 2014-02-16 14:40 - 00000000 ___RD () C:\Program Files\Skype
2014-02-16 14:40 - 2014-02-16 14:40 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-02-16 14:40 - 2013-12-22 21:39 - 00000000 ____D () C:\ProgramData\Skype
2014-02-16 14:39 - 2014-02-16 14:39 - 00000000 ____D () C:\Users\Master\Documents\Optimizer Pro
2014-02-16 14:39 - 2014-02-16 14:38 - 00000000 ____D () C:\Users\Master\AppData\Local\SearchProtect
2014-02-16 14:38 - 2014-02-16 14:37 - 00000000 ____D () C:\ProgramData\Updater
2014-02-16 14:38 - 2014-02-16 14:37 - 00000000 ____D () C:\ProgramData\RHelpers
2014-02-16 14:37 - 2014-02-16 14:37 - 00000000 ____D () C:\Users\Master\Downloads\Skype_TSV1434B0
2014-02-16 14:37 - 2014-02-16 14:37 - 00000000 ____D () C:\ProgramData\Websteroids
2014-02-16 14:36 - 2014-02-16 14:35 - 00657912 _____ (Conduit) C:\Users\Master\Downloads\Skype_TSV1434B0.exe
2014-02-16 13:50 - 2014-02-14 23:19 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-15 19:57 - 2013-09-02 21:49 - 00000000 ____D () C:\Users\Master\.gimp-2.6
2014-02-15 19:56 - 2014-02-15 19:56 - 00033544 _____ () C:\Users\Master\.recently-used.xbel
2014-02-15 15:48 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-02-15 14:17 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-14 22:24 - 2013-08-04 15:33 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-14 22:22 - 2013-03-17 15:42 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-14 22:15 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-02-09 13:05 - 2013-09-02 21:52 - 00000000 ____D () C:\Users\Master\AppData\Roaming\gtk-2.0
2014-02-09 10:01 - 2013-07-30 15:26 - 00000000 ____D () C:\Users\Master\Desktop\Patrick
2014-02-06 11:38 - 2014-02-14 22:24 - 17103872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 11:20 - 2014-02-14 22:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 11:19 - 2014-02-14 22:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 11:01 - 2014-02-14 22:25 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 11:00 - 2014-02-14 22:25 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-14 22:24 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 10:52 - 2014-02-14 22:25 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 10:52 - 2014-02-14 22:25 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 10:49 - 2014-02-14 22:25 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 10:47 - 2014-02-14 22:25 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 10:47 - 2014-02-14 22:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 10:46 - 2014-02-14 22:25 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 10:34 - 2014-02-14 22:25 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 10:25 - 2014-02-14 22:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 10:25 - 2014-02-14 22:24 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 10:13 - 2014-02-14 22:25 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:09 - 2014-02-14 22:24 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:03 - 2014-02-14 22:24 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 09:41 - 2014-02-14 22:24 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 09:36 - 2014-02-14 22:24 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:34 - 2014-02-14 22:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-05 20:40 - 2013-03-17 17:07 - 00000000 ____D () C:\Users\Master\AppData\Local\Adobe
2014-02-01 22:25 - 2013-09-02 21:52 - 00000000 ____D () C:\Users\Master\.thumbnails
2014-01-31 20:46 - 2013-07-30 16:35 - 00000000 ____D () C:\Users\Master\Desktop\Desktop alt
Some content of TEMP:
====================
C:\Users\Master\AppData\Local\Temp\AutoRun.exe
C:\Users\Master\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Master\AppData\Local\Temp\BackupSetup.exe
C:\Users\Master\AppData\Local\Temp\eauninstall.exe
C:\Users\Master\AppData\Local\Temp\First15.exe
C:\Users\Master\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Master\AppData\Local\Temp\nsa8059.exe
C:\Users\Master\AppData\Local\Temp\nsd5055.exe
C:\Users\Master\AppData\Local\Temp\nse5F0.exe
C:\Users\Master\AppData\Local\Temp\nsj5CA6.exe
C:\Users\Master\AppData\Local\Temp\nskA70B.exe
C:\Users\Master\AppData\Local\Temp\nsm4195.exe
C:\Users\Master\AppData\Local\Temp\nsoF53.exe
C:\Users\Master\AppData\Local\Temp\nsp948A.exe
C:\Users\Master\AppData\Local\Temp\nsuF771.exe
C:\Users\Master\AppData\Local\Temp\setup{1E13DB40-2C9F-4E4B-94F4-1F2DDDA53D2B}.exe
C:\Users\Master\AppData\Local\Temp\SPSetup.exe
C:\Users\Master\AppData\Local\Temp\SPStub.exe
C:\Users\Master\AppData\Local\Temp\tbentr.dll
C:\Users\Master\AppData\Local\Temp\The Sims 2_uninst.exe
C:\Users\Master\AppData\Local\Temp\Uninstaller.exe
C:\Users\Master\AppData\Local\Temp\UninstallerGer.dll
C:\Users\Master\AppData\Local\Temp\UninstallerIta.dll
C:\Users\Master\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Master\AppData\Local\Temp\VP6Install.exe
C:\Users\Master\AppData\Local\Temp\VP6VFW.dll
C:\Users\Master\AppData\Local\Temp\WtgDriverInstallX.dll
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-09 15:19
==================== End Of Log ============================ --- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 20-02-2014
Ran by Master at 2014-02-21 20:33:17
Running from C:\Users\Master\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
Adobe Flash Player 12 ActiveX (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (Version: 11.0.06 - Adobe Systems Incorporated)
Apple Application Support (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (Version: 2.1.3.127 - Apple Inc.)
awesomehp uninstaller (Version: - awesomehp) <==== ATTENTION
Bonjour (Version: 3.0.0.10 - Apple Inc.)
FileParade bundle uninstaller (Version: 1.0.0.0 - FileParade)
GIMP 2.6.10 (Version: 2.6.10 - The GIMP Team)
Guard.ICQ (Version: - Mail.ru)
HQ-Video-Profession-1.3 (Version: 1.34.1.29 - HQ-Video)
ICQ7M (Version: 7.8 - ICQ)
IePluginService12.27.0.3326 (Version: 12.27.0.3326 - Cherished Technololgy LIMITED) <==== ATTENTION
Intel(R) Graphics Media Accelerator Driver (Version: 8.15.10.1930 - Intel Corporation)
Internet Updater (Version: 2.6.57 - Parallel Lines Development, LLC) <==== ATTENTION
Iomega Encryption (Version: 1.03.0001 - Iomega an EMC Company)
iTunes (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 45 (Version: 7.0.450 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Lenovo Power Management Driver (Version: 1.66.00.22 - )
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Mobogenie (Version: - Mobogenie.com) <==== ATTENTION
Mozilla Firefox 27.0.1 (x86 de) (Version: 27.0.1 - Mozilla)
PDFCreator (Version: 1.6.2 - pdfforge)
PowerDVD (Version: - )
Re-markit (Version: - Re-markit Software) <==== ATTENTION
RemoteComms External Disk Access (Version: 1.25.0003 - PLX Technology)
Robin Hood - Die Legende von Sherwood (Version: - Wanadoo Edition)
Search Protect (Version: 2.10.20.64 - Conduit) <==== ATTENTION
Skype™ 6.13 (Version: 6.13.104 - Skype Technologies S.A.)
Software Version Updater (Version: 1.1.3.8 - ) <==== ATTENTION
SupTab (Version: 1.1.1.0 - ) <==== ATTENTION
ThinkPad Modem (Version: 7.62.00 - )
ThinkPad UltraNav Driver (Version: 9.1.3.5 - )
Update for 2007 Microsoft Office System (KB967642) (Version: - Microsoft)
Update for Microsoft .NET Framework 4.5 (KB2750147) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4.5 (KB2805221) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4.5 (KB2805226) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (Version: - Microsoft)
Updater (Version: 2.6.53 - Creative Island Media, LLC) <==== ATTENTION
VO Package (Version: 1.0.0.0 - )
Websteroids (Version: 2.6.53 - Creative Island Media, LLC) <==== ATTENTION
WPM17.8.0.3325 (Version: 17.8.0.3325 - Cherished Technololgy LIMITED) <==== ATTENTION
==================== Restore Points =========================
16-02-2014 18:00:15 Windows-Sicherung
19-02-2014 05:11:51 Windows Update
21-02-2014 18:50:21 Uniblue SpeedUpMyPC installation
==================== Hosts content: ==========================
2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {409AF720-CE4E-49C1-AD5E-F9971A3A53AE} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {74B325B7-D131-4467-8FC9-DAFF8F4B847A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21] (Adobe Systems Incorporated)
Task: {80C43ABD-CEFB-488C-B031-3A3EDCD41538} - System32\Tasks\HQ-Video-Profession-1.3-firefoxinstaller => C:\Program Files\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-firefoxinstaller.exe [2014-02-21] (HQ-Video)
Task: {843B28E2-3139-4231-84E9-F09B99496247} - System32\Tasks\{AFBE0919-AAFD-4515-88A2-32DB5ACA81B7} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=4.1.0.179&LastError=404
Task: {8570AE93-5F4C-4015-BC47-231B018742AB} - System32\Tasks\AmiUpdXp => C:\Users\Master\AppData\Local\SwvUpdater\Updater.exe [2014-02-21] () <==== ATTENTION
Task: {88BB6CA0-D9A9-4224-A2B0-EFE2B5F84D12} - System32\Tasks\HQ-Video-Profession-1.3-updater => C:\Program Files\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-updater.exe [2014-02-21] (HQ-Video)
Task: {95A1F279-1BC0-4162-9BCC-94B38010906E} - System32\Tasks\HQ-Video-Profession-1.3-enabler => C:\Program Files\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-enabler.exe [2014-02-21] (HQ-Video)
Task: {A8CB27E1-0188-4C23-9BB5-2D3A52C31E39} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {AFE6E80F-0141-4508-B9F3-349F987C4AA4} - System32\Tasks\HQ-Video-Profession-1.3-chromeinstaller => C:\Program Files\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-chromeinstaller.exe [2014-02-21] (HQ-Video)
Task: {BAFD03E5-15D2-4A8E-B6D4-AC8E429B3708} - System32\Tasks\Adobe online update program => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {BD9470EF-5AED-4F0D-BE10-4A38B5601FE3} - System32\Tasks\Re-markit_wd => C:\Program Files\Re-markit\Re-markit_wd.exe [2014-02-21] () <==== ATTENTION
Task: {E2E34B77-E6FA-43DB-A866-C0F2A2CC1900} - System32\Tasks\HQ-Video-Profession-1.3-codedownloader => C:\Program Files\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-codedownloader.exe [2014-02-21] (HQ-Video)
Task: {E67D1D6E-624B-4B6E-9632-24F3792DE226} - System32\Tasks\Re-markit Update => C:\Program Files\Re-markit\ReMarkit_up.exe [2014-02-21] () <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Master\AppData\Local\SwvUpdater\Updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-chromeinstaller.job => C:\Program Files\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-chromeinstaller.exe
Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-codedownloader.job => C:\Program Files\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-codedownloader.exe
Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-enabler.job => C:\Program Files\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-enabler.exe
Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-firefoxinstaller.job => C:\Program Files\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-firefoxinstaller.exe
Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-updater.job => C:\Program Files\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-updater.exe
Task: C:\Windows\Tasks\Re-markit Update.job => C:\Program Files\Re-markit\ReMarkit_up.exe <==== ATTENTION
Task: C:\Windows\Tasks\Re-markit_wd.job => C:\Program Files\Re-markit\Re-markit_wd.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2013-04-21 20:44 - 2013-04-21 20:44 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 01242952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-07-30 16:58 - 2013-07-30 16:58 - 01564368 _____ () C:\Program Files\Guard-ICQ\GuardICQ.exe
2011-02-04 11:24 - 2011-02-04 11:24 - 00236032 _____ () C:\Program Files\Iomega\Iomega Encryption\PlxTech.Das.DotNetApi.dll
2011-02-04 11:23 - 2011-02-04 11:23 - 00233472 _____ () C:\Program Files\Iomega\Iomega Encryption\DeviceManagement.dll
2011-02-04 11:23 - 2011-02-04 11:23 - 00159744 _____ () C:\Program Files\Iomega\Iomega Encryption\DeviceAccess.dll
2011-02-04 11:22 - 2011-02-04 11:22 - 00032256 _____ () C:\Program Files\Iomega\Iomega Encryption\Utils_ISIS.dll
2011-02-04 11:23 - 2011-02-04 11:23 - 00179200 _____ () C:\Program Files\Iomega\Iomega Encryption\Flash.dll
2011-02-04 11:22 - 2011-02-04 11:22 - 00054784 _____ () C:\Program Files\Iomega\Iomega Encryption\XML.dll
2014-02-21 19:48 - 2014-02-21 19:48 - 00181248 _____ () C:\Program Files\Re-markit\Re-markit154.exe
2014-02-14 23:20 - 2014-02-14 23:20 - 03578992 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2013-03-17 22:02 - 2003-05-19 21:16 - 00120320 _____ () C:\Program Files\WinRar\rarext.dll
2014-02-21 20:10 - 2014-02-21 20:10 - 16265096 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Name: MpKsl05c6fe1f
Description: MpKsl05c6fe1f
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: MpKsl05c6fe1f
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/21/2014 07:26:18 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 40991540
Error: (02/21/2014 07:26:18 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 40991540
Error: (02/21/2014 07:26:18 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/21/2014 08:03:23 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16317
Error: (02/21/2014 08:03:23 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 16317
Error: (02/21/2014 08:03:23 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/21/2014 08:03:22 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15179
Error: (02/21/2014 08:03:22 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15179
Error: (02/21/2014 08:03:22 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/21/2014 08:03:21 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14071
System errors:
=============
Error: (02/21/2014 07:57:44 PM) (Source: Service Control Manager) (User: )
Description: Dienst "MgAssist Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/21/2014 07:54:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "MgAssist Service" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (02/17/2014 07:45:50 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 1.165.4181.0
Aktualisierungsquelle: %NT-AUTORITÄT59
Aktualisierungsphase: 4.4.0304.00
Quellpfad: 4.4.0304.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Error: (02/17/2014 07:45:49 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 1.165.4181.0
Aktualisierungsquelle: %NT-AUTORITÄT59
Aktualisierungsphase: 4.4.0304.00
Quellpfad: 4.4.0304.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Error: (02/17/2014 07:35:25 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst InternetUpdater erreicht.
Error: (02/17/2014 07:34:32 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst InternetUpdater erreicht.
Error: (02/05/2014 06:00:39 AM) (Source: DCOM) (User: )
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}
Error: (01/19/2014 11:19:55 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Definitionsupdate für Microsoft Security Essentials – KB2310138 (Definition 1.165.2229.0)
Error: (01/19/2014 11:19:03 AM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 1.165.2152.0
Aktualisierungsquelle: %NT-AUTORITÄT59
Aktualisierungsphase: 4.4.0304.00
Quellpfad: 4.4.0304.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Error: (01/19/2014 11:05:38 AM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 1.165.2152.0
Aktualisierungsquelle: %NT-AUTORITÄT59
Aktualisierungsphase: 4.4.0304.00
Quellpfad: 4.4.0304.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Microsoft Office Sessions:
=========================
Error: (03/17/2013 05:08:33 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6611.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 16 seconds with 0 seconds of active time. This session ended with a crash.
==================== Memory info ===========================
Percentage of memory in use: 90%
Total physical RAM: 1526.43 MB
Available physical RAM: 150.45 MB
Total Pagefile: 3052.86 MB
Available Pagefile: 1283.09 MB
Total Virtual: 2047.88 MB
Available Virtual: 1893.88 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:55.79 GB) (Free:29.22 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 56 GB) (Disk ID: E6325171)
Partition: GPT Partition Type.
==================== End Of Log ============================ Erweiterung zum Eingangspost:
Ich kann mich mittlerweile auch auf einigen meiner regestierten Seiten nicht mehr anmelden und auf anderen Seiten werde ich nach 2-3 Aktualisierungen aus der Sitzung geworfen. |