Hi
Thanks for the reply.
ooopss, it might be a good idea to also change the links post 51 to also make them non-clickable http://www.geekstogo...n-or-two/page-4
The aswMBR scan was a quick scan, was that what you needed?
Here are the reports;
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Siggi (administrator) on A-PROBLEM on 28-03-2015 15:26:38
Running from C:\Users\Siggi\Desktop\geeks to go 2\FRST 28.03
Loaded Profiles: Siggi (Available profiles: Siggi)
Platform: Microsoft® Windows Vista™ Ultimate Service Pack 2 (X86) OS Language: German (Germany)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(NETGEAR Inc.) C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe
() C:\Program Files\FileHippo.com\FileHippo.AppManager.exe
(Ruiware LLC) C:\Program Files\WinPatrol\WinPatrol\WinPatrol.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
() C:\Program Files\NETGEAR Genie\bin\genie2_tray.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
() C:\Users\Siggi\Desktop\FRST 28.03\FRST.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5511352 2015-03-18] (Avast Software s.r.o.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2689138593-1012205953-2850960868-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-2689138593-1012205953-2850960868-1000\...\Run: [NETGEARGenie] => C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe [602880 2014-11-06] (NETGEAR Inc.)
HKU\S-1-5-21-2689138593-1012205953-2850960868-1000\...\Run: [FileHippo.com] => C:\Program Files\FileHippo.com\FileHippo.AppManager.exe [2926800 2015-01-27] ()
HKU\S-1-5-21-2689138593-1012205953-2850960868-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5503768 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-2689138593-1012205953-2850960868-1000\...\Run: [WinPatrol] => C:\Program Files\WinPatrol\WinPatrol\winpatrol.exe [1160536 2015-02-23] (Ruiware LLC)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (Avast Software s.r.o.)
BootExecute: autocheck autochk /p \??\G:autocheck autochk * sdnclean.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2689138593-1012205953-2850960868-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyServer: [S-1-5-21-2689138593-1012205953-2850960868-1000] => localhost:8080
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\S-1-5-21-2689138593-1012205953-2850960868-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKU\S-1-5-21-2689138593-1012205953-2850960868-1000 -> DefaultScope {2EEBF53F-DE57-4693-9176-5932F3208BBC} URL = https://de.search.ya...p={searchTerms}
SearchScopes: HKU\S-1-5-21-2689138593-1012205953-2850960868-1000 -> {2EEBF53F-DE57-4693-9176-5932F3208BBC} URL = https://de.search.ya...p={searchTerms}
SearchScopes: HKU\S-1-5-21-2689138593-1012205953-2850960868-1000 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://de.search.yah...}&fr=chr-comodo
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-05] (Avast Software s.r.o.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{BF99C9F5-B28A-4BB4-9500-B9F69C08AB23}: [NameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Siggi\AppData\Roaming\Mozilla\Firefox\Profiles\b9wt8fzb.default-1424953480022
FF SelectedSearchEngine: Yahoo!
FF Homepage: https://duckduckgo.com/
FF Keyword.URL: https://de.search.ya...&type=523482&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: NetVideoHunter - C:\Users\Siggi\AppData\Roaming\Mozilla\Firefox\Profiles\b9wt8fzb.default-1424953480022\Extensions\[email protected] [2015-03-16]
FF Extension: FoxClocks - C:\Users\Siggi\AppData\Roaming\Mozilla\Firefox\Profiles\b9wt8fzb.default-1424953480022\Extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1} [2015-02-26]
FF Extension: Ghostery - C:\Users\Siggi\AppData\Roaming\Mozilla\Firefox\Profiles\b9wt8fzb.default-1424953480022\Extensions\[email protected] [2015-02-26]
FF Extension: Self-Destructing Cookies - C:\Users\Siggi\AppData\Roaming\Mozilla\Firefox\Profiles\b9wt8fzb.default-1424953480022\Extensions\[email protected] [2015-02-26]
FF Extension: Status-4-Evar - C:\Users\Siggi\AppData\Roaming\Mozilla\Firefox\Profiles\b9wt8fzb.default-1424953480022\Extensions\[email protected] [2015-02-26]
FF Extension: Adblock Plus - C:\Users\Siggi\AppData\Roaming\Mozilla\Firefox\Profiles\b9wt8fzb.default-1424953480022\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-26]
FF Extension: BetterPrivacy - C:\Users\Siggi\AppData\Roaming\Mozilla\Firefox\Profiles\b9wt8fzb.default-1424953480022\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-02-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-05-01]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-05]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-05]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-05] (Avast Software s.r.o.)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3205216 2015-03-05] (Avast Software)
S2 NETGEARGenieDaemon; C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe [195840 2014-11-06] (NETGEAR)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [80896 2011-03-31] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
S2 OAcat; "C:\Program Files\Online Armor\OAcat.exe" [X]
S3 SvcOnlineArmor; C:\Program Files\Online Armor\oasrv.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-03-05] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [73440 2015-03-05] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-03-05] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-03-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [788272 2015-03-05] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427480 2015-03-05] (Avast Software s.r.o.)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57888 2015-03-05] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206976 2015-03-05] ()
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41584 2013-04-11] (ThreatTrack Security)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [13560 2013-07-15] (GFI Software)
S3 pneteth; C:\Windows\System32\DRIVERS\pneteth.sys [13440 2011-11-25] (June Fabrics Technology Inc.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220240 2015-03-05] (Avast Software)
S3 w200bus; C:\Windows\System32\DRIVERS\w200bus.sys [61504 2006-11-07] (MCCI)
S3 w200mdfl; C:\Windows\System32\DRIVERS\w200mdfl.sys [9328 2006-11-07] (MCCI)
S3 w200mdm; C:\Windows\System32\DRIVERS\w200mdm.sys [97056 2006-11-07] (MCCI)
S3 w200mgmt; C:\Windows\System32\DRIVERS\w200mgmt.sys [88560 2006-11-07] (MCCI)
S3 w200obex; C:\Windows\System32\DRIVERS\w200obex.sys [86368 2006-11-07] (MCCI)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S1 OADevice; \??\C:\Windows\system32\drivers\OADriver.sys [X]
S1 oahlpXX; \??\C:\Windows\system32\drivers\oahlp32.sys [X]
S1 OAmon; \??\C:\Windows\system32\drivers\OAmon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-28 15:24 - 2015-03-28 15:24 - 00000000 ____D () C:\Users\Siggi\Desktop\geeks to go 2
2015-03-28 10:52 - 2015-03-28 10:52 - 00000000 ____D () C:\Users\Siggi\AppData\Local\Apps\2.0
2015-03-27 20:09 - 2015-03-27 20:09 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-03-27 17:37 - 2015-03-27 17:37 - 00000218 _____ () C:\Users\Siggi\.recently-used.xbel
2015-03-27 14:10 - 2015-03-27 14:14 - 00000000 ____D () C:\Users\Siggi\AppData\Roaming\gtk-2.0
2015-03-27 12:51 - 2015-03-27 17:37 - 00000000 ____D () C:\Users\Siggi\AppData\Roaming\gsmartcontrol
2015-03-26 17:27 - 2015-03-26 17:27 - 00000000 ____D () C:\Users\Siggi\Desktop\GSartcontrol
2015-03-25 03:41 - 2015-03-28 15:26 - 00000000 ____D () C:\FRST
2015-03-19 10:28 - 2015-03-19 10:31 - 00000000 ____D () C:\Users\Siggi\Desktop\MTK-TWRP
2015-03-18 13:31 - 2015-03-28 15:23 - 00000000 ____D () C:\Users\Siggi\Desktop\CWM Magic
2015-03-17 14:34 - 2015-03-28 10:30 - 00000000 ____D () C:\Users\Siggi\Desktop\flash stuff
2015-03-17 14:28 - 2015-03-18 14:09 - 00000000 ____D () C:\Users\Siggi\Desktop\ehel
2015-03-17 08:10 - 2011-11-25 00:26 - 00013440 _____ (June Fabrics Technology Inc.) C:\Windows\system32\Drivers\pneteth.sys
2015-03-14 06:00 - 2015-03-14 06:00 - 00000000 ____D () C:\Program Files\ESET
2015-03-11 02:35 - 2015-01-29 02:35 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 02:33 - 2015-01-29 02:35 - 00975360 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 02:32 - 2015-02-26 01:18 - 02064384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 02:22 - 2015-02-20 03:03 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 02:22 - 2015-02-20 01:28 - 00296960 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 02:21 - 2015-02-26 03:01 - 03604408 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-03-11 02:21 - 2015-02-26 03:01 - 03552184 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 02:21 - 2015-01-09 03:04 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 02:21 - 2015-01-09 01:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 02:20 - 2015-01-21 03:02 - 00807936 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 02:19 - 2015-03-06 05:01 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 02:19 - 2014-10-13 02:12 - 02264064 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-03-11 02:18 - 2015-02-18 03:02 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 02:13 - 2015-02-21 18:37 - 12375040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 02:13 - 2015-02-21 18:34 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-03-11 02:13 - 2015-02-21 18:29 - 09747968 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 02:13 - 2015-02-21 18:28 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 02:13 - 2015-02-21 18:22 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 02:13 - 2015-02-21 18:21 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 02:13 - 2015-02-21 18:21 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 02:13 - 2015-02-21 18:20 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-03-11 02:13 - 2015-02-21 18:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 02:13 - 2015-02-21 18:19 - 01803264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 02:13 - 2015-02-21 18:19 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-03-11 02:13 - 2015-02-21 18:19 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 02:13 - 2015-02-21 18:19 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 02:13 - 2015-02-21 18:19 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 02:13 - 2015-02-21 18:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 02:13 - 2015-02-21 18:18 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 02:13 - 2015-02-21 18:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 02:13 - 2015-02-21 18:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 02:13 - 2015-02-21 18:18 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-03-11 02:13 - 2015-02-21 18:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-03-11 02:13 - 2015-02-21 18:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-03-11 02:13 - 2015-02-21 18:17 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-08 19:00 - 2015-03-08 19:03 - 00000000 ____D () C:\AdwCleaner
2015-03-08 09:55 - 2015-03-08 09:55 - 00000165 ____H () C:\Users\Siggi\Desktop\~$Checklist Test.xlsx
2015-03-08 05:33 - 2015-03-08 05:59 - 00000000 ____D () C:\Users\Siggi\AppData\Roaming\WinPatrol
2015-03-08 05:33 - 2015-03-08 05:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
2015-03-08 05:33 - 2015-03-08 05:33 - 00000000 ____D () C:\Program Files\WinPatrol
2015-03-08 05:29 - 2015-03-22 10:58 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-08 05:29 - 2015-03-21 05:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-08 05:29 - 2015-03-21 05:24 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-03-08 05:29 - 2015-03-17 06:15 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-08 05:29 - 2015-03-17 06:15 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-08 05:29 - 2015-03-17 06:15 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-08 04:54 - 2015-03-08 04:54 - 00001804 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-03-08 04:53 - 2015-03-08 04:53 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-03-08 04:53 - 2015-03-08 04:53 - 00000000 ____D () C:\Program Files\Adobe
2015-03-08 04:45 - 2015-03-08 04:45 - 00001839 _____ () C:\Users\Siggi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileHippo App Manager.lnk
2015-03-08 04:45 - 2015-03-08 04:45 - 00000000 ____D () C:\Program Files\FileHippo.com
2015-03-05 03:54 - 2015-03-05 03:55 - 00000000 ____D () C:\Windows\system32\vbox
2015-03-05 03:54 - 2015-03-05 03:54 - 00000000 ____D () C:\Users\Siggi\AppData\Roaming\AVAST Software
2015-03-05 03:54 - 2015-03-05 03:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-03-05 03:53 - 2015-03-05 03:53 - 00788272 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-03-05 03:53 - 2015-03-05 03:53 - 00427480 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-03-05 03:53 - 2015-03-05 03:53 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-03-05 03:53 - 2015-03-05 03:53 - 00206976 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-03-05 03:53 - 2015-03-05 03:53 - 00073440 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-03-05 03:53 - 2015-03-05 03:53 - 00057888 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswTdi.sys
2015-03-05 03:53 - 2015-03-05 03:53 - 00055200 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr.sys
2015-03-05 03:53 - 2015-03-05 03:53 - 00049904 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-03-05 03:53 - 2015-03-05 03:53 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-03-05 03:53 - 2015-03-05 03:53 - 00024144 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-03-05 03:49 - 2015-03-05 03:49 - 00000000 ____D () C:\Program Files\AVAST Software
2015-03-05 03:47 - 2015-03-05 03:48 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-03-03 05:25 - 2015-03-03 05:25 - 00001977 _____ () C:\DelFix.txt
2015-02-28 05:46 - 2015-02-28 05:46 - 00000000 ____D () C:\Users\Siggi\AppData\Local\SkinSoft
2015-02-28 05:45 - 2015-03-22 13:17 - 00000000 ____D () C:\Users\Siggi\AppData\Roaming\Search Protection
2015-02-28 03:05 - 2014-11-26 03:05 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-28 03:01 - 2015-01-15 05:13 - 00440760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-28 03:01 - 2014-12-08 02:59 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-26 13:31 - 2015-03-12 13:19 - 00000000 ____D () C:\Users\Siggi\Desktop\dwnldr
2015-02-26 13:24 - 2015-02-26 14:00 - 00000000 ____D () C:\Users\Siggi\Desktop\Old Firefox Data
2015-02-26 04:44 - 2015-03-04 17:57 - 00000000 ____D () C:\Users\Siggi\dwhelper
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-28 15:26 - 2015-01-24 07:15 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-28 15:20 - 2013-04-13 11:11 - 00000000 ____D () C:\Users\Siggi\AppData\Roaming\vlc
2015-03-28 13:41 - 2006-11-02 13:46 - 00004000 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-28 13:41 - 2006-11-02 13:46 - 00004000 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-28 11:47 - 2014-06-01 13:29 - 01440270 ____N () C:\Windows\WindowsUpdate.log
2015-03-28 11:46 - 2012-05-01 17:01 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-03-28 11:41 - 2006-11-02 14:00 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-28 11:38 - 2006-11-02 14:00 - 00032540 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-28 11:36 - 2012-05-01 16:39 - 00000000 ____D () C:\Users\Siggi\AppData\Roaming\Macromedia
2015-03-28 10:32 - 2015-02-02 11:56 - 00000000 ____D () C:\Users\Siggi\Desktop\Zopo
2015-03-27 17:37 - 2012-05-01 09:07 - 00000000 ____D () C:\Users\Siggi
2015-03-27 08:57 - 2014-07-30 05:51 - 00000000 ____D () C:\Users\Siggi\AppData\Roaming\Browser Extensions
2015-03-26 10:12 - 2014-12-18 14:22 - 00051043 _____ () C:\Users\Siggi\Desktop\lortoy sturrf.xlsx
2015-03-25 19:27 - 2012-11-11 14:38 - 00000000 ____D () C:\Users\Siggi\Desktop\sigggis bits 2
2015-03-25 19:09 - 2013-06-02 02:49 - 00000000 ____D () C:\Users\Siggi\AppData\Local\CrashDumps
2015-03-23 05:21 - 2008-01-21 09:24 - 01567488 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-22 11:25 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system
2015-03-21 09:59 - 2012-05-26 16:43 - 00000000 ____D () C:\Windows\Minidump
2015-03-14 04:38 - 2015-01-24 07:15 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-03-14 04:38 - 2015-01-24 07:15 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-03-14 04:32 - 2012-05-01 18:10 - 00000000 ____D () C:\Users\Siggi\AppData\Local\Thunderbird
2015-03-14 04:32 - 2012-05-01 18:09 - 00001808 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2015-03-14 04:31 - 2014-06-18 15:30 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2015-03-11 18:48 - 2006-11-02 11:24 - 119837704 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-03-11 02:40 - 2006-11-02 13:46 - 00397080 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-11 02:34 - 2012-05-02 03:17 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-11 02:32 - 2013-08-14 15:34 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-08 05:59 - 2015-01-14 13:16 - 00000000 ____D () C:\Users\Siggi\AppData\Local\NETGEARGenie
2015-03-08 05:57 - 2012-05-27 04:14 - 00000000 ____D () C:\Program Files\WinRAR
2015-03-08 05:33 - 2012-12-17 05:45 - 00000000 ____D () C:\ProgramData\InstallMate
2015-03-08 05:22 - 2012-05-27 04:15 - 00000000 ____D () C:\Users\Siggi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-03-08 05:22 - 2012-05-27 04:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-03-08 05:16 - 2012-05-01 17:01 - 00000864 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-08 05:04 - 2012-05-04 06:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-03-08 05:04 - 2012-05-04 06:54 - 00000000 ____D () C:\Program Files\CCleaner
2015-03-08 05:01 - 2012-05-02 02:58 - 00000000 ____D () C:\Users\Siggi\AppData\Roaming\Audacity
2015-03-08 05:00 - 2012-05-02 11:08 - 00000822 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2015-03-08 05:00 - 2012-05-02 11:08 - 00000000 ____D () C:\Program Files\Audacity
2015-03-08 04:53 - 2012-05-01 19:29 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-08 04:33 - 2014-08-10 10:17 - 00000000 ____D () C:\Users\Siggi\AppData\Local\Adobe
2015-03-05 07:02 - 2015-01-21 13:03 - 00000000 ____D () C:\Users\Siggi\Desktop\excel rstr
2015-03-01 14:42 - 2012-05-01 18:13 - 00000000 ____D () C:\Users\Siggi\Desktop\sturrf
2015-03-01 09:32 - 2012-05-06 06:51 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-03-01 05:23 - 2013-09-25 06:32 - 00067333 _____ () C:\Users\Siggi\Desktop\New House water etc.xlsx
2015-02-28 11:16 - 2014-04-23 02:47 - 00000000 ____D () C:\Users\dub_cm_auto
2015-02-28 11:16 - 2006-11-02 12:18 - 00000000 __RHD () C:\Users\Default
2015-02-28 11:16 - 2006-11-02 12:18 - 00000000 ___RD () C:\Users\Public
2015-02-28 11:15 - 2015-02-13 12:30 - 00000000 ____D () C:\Windows\erdnt
2015-02-28 11:11 - 2006-11-02 11:23 - 00000215 _____ () C:\Windows\system.ini
2015-02-28 11:09 - 2006-11-02 11:22 - 43515904 _____ () C:\Windows\system32\config\SOFTWARE.bak
2015-02-28 11:09 - 2006-11-02 11:22 - 42729472 _____ () C:\Windows\system32\config\COMPON~2.bak
2015-02-28 11:09 - 2006-11-02 11:22 - 22544384 _____ () C:\Windows\system32\config\SYSTEM.bak
2015-02-28 11:09 - 2006-11-02 11:22 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.bak
2015-02-28 11:09 - 2006-11-02 11:22 - 00065536 _____ () C:\Windows\system32\config\SAM.bak
2015-02-28 11:09 - 2006-11-02 11:22 - 00020480 _____ () C:\Windows\system32\config\SECURITY.bak
2015-02-27 11:32 - 2015-02-11 16:24 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-02-27 10:27 - 2013-05-26 12:22 - 00000000 ____D () C:\ProgramData\Norton
2015-02-26 12:51 - 2014-08-06 08:42 - 00000000 ____D () C:\Users\Siggi\AppData\Roaming\uTorrent
==================== Files in the root of some directories =======
2013-07-15 10:48 - 2013-07-15 10:49 - 9842040 _____ (Webroot Software, Inc.) C:\Program Files\Common Files\wruninstall.exe
2012-05-01 09:07 - 2014-07-01 16:51 - 0000680 _____ () C:\Users\Siggi\AppData\Local\d3d9caps.dat
2012-05-26 19:45 - 2012-06-27 07:55 - 0009216 _____ () C:\Users\Siggi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-28 11:48
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015
Ran by Siggi at 2015-03-28 15:27:32
Running from C:\Users\Siggi\Desktop\geeks to go 2\FRST 28.03
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Audacity 2.1.0 (HKLM\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.2.2214 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
DriverNavigator 3.4.5 (HKLM\...\DriverNavigator_is1) (Version: 3.4.5.0 - Easeware)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
FileHippo App Manager (HKLM\...\FileHippo.com) (Version: - FileHippo.com)
HTC Driver Installer (HKLM\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.007 - HTC Corporation)
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version: - )
Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 37.0 (x86 en-US) (HKLM\...\Mozilla Firefox 37.0 (x86 en-US)) (Version: 37.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.5.0 - Mozilla)
Mozilla Thunderbird 31.5.0 (x86 en-GB) (HKLM\...\Mozilla Thunderbird 31.5.0 (x86 en-GB)) (Version: 31.5.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NETGEAR Genie (HKLM\...\NETGEAR Genie) (Version: 2.3.1.46 - NETGEAR Inc.)
Nokia Connectivity Cable Driver (HKLM\...\{D4BF151C-70A8-4CE2-906F-4173A575BAD9}) (Version: 7.1.182.0 - Nokia)
Norton Bootable Recovery Tool Wizard (HKLM\...\NBRTWizard) (Version: 6.0.0.74 - Symantec Corporation)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6602 - Realtek Semiconductor Corp.)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TrueCrypt (HKLM\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
TuneUp Utilities 2011 (HKLM\...\TuneUp Utilities 2011) (Version: 10.0.4600.20 - TuneUp Software)
TuneUp Utilities 2011 (Version: 10.0.4600.20 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (en-GB) (Version: 10.0.4600.20 - TuneUp Software) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN)
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 33.1.2015.0 - WinPatrol)
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Xvid Video Codec (HKLM\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
03-03-2015 05:25:45 Ende der Bereinigung
05-03-2015 03:49:13 avast! antivirus system restore point
05-03-2015 08:37:41 Windows Update
08-03-2015 04:51:31 Installed Adobe Reader XI.
11-03-2015 01:59:04 Windows Update
11-03-2015 02:13:49 Windows Update
17-03-2015 08:11:45 Gerätetreiber-Paketinstallation: June Fabrics Technology Inc. Netzwerkadapter
17-03-2015 13:23:29 Gerätetreiber-Paketinstallation: Google USB Android Device
18-03-2015 03:47:11 Windows Update
21-03-2015 06:20:22 Windows Update
24-03-2015 07:59:17 Geplanter Prüfpunkt
25-03-2015 01:12:30 Windows Update
28-03-2015 02:26:19 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 11:23 - 2015-02-28 11:11 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {026DAB5C-7B7D-414E-ABFA-004A5C7A4904} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security\Engine\21.6.0.32\WSCStub.exe
Task: {2F05D630-5494-49E9-A901-9AEA75A9EE2E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-03-05] (Avast Software s.r.o.)
Task: {2F20F7BD-4A96-479B-8351-6D6C2952023D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {6A0844CA-8F71-4EE7-8046-C053FE70B6C5} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2011 => C:\Program Files\TuneUp Utilities 2011\OneClick.exe [2012-02-13] (TuneUp Software)
Task: {6E17CC6E-BF42-4AF6-9B3A-5D5E91C66B41} - System32\Tasks\Adobe online update program => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {B4BCD434-D544-49E5-A3BB-623C8FCBF638} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {B71D39B3-FCB1-4C87-8489-201AA074BB4D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {BACCE739-E8AB-48DD-B6FD-6F84CEC6F4D6} - System32\Tasks\{6D9F0267-FA04-4C96-A0A2-519CEE74B89A} => pcalua.exe -a "C:\Users\Siggi\Desktop\dwnlds\dwnlds\dwnlds\puta probs\VisualBasic6-KB896559-v1-ENU.exe" -d "C:\Users\Siggi\Desktop\dwnlds\dwnlds\dwnlds\puta probs"
Task: {BFD51F6E-1CAE-4FA8-98FC-BBC69AB7C834} - \DriverNavigator Scheduled Scan No Task File <==== ATTENTION
Task: {C5AA221E-9BAD-4BEB-86D0-9C655AF97C1C} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files\Norton Internet Security\Engine\21.6.0.32\SymErr.exe
Task: {D79B8FFC-5FC4-4E8D-A2C5-EC02361A883D} - System32\Tasks\{697AAB8D-C624-46B9-A6A4-72180CC7E2E0} => pcalua.exe -a C:\Users\Siggi\Desktop\twerp\zopo\driver\2\Driver\install_driver.exe -d C:\Users\Siggi\Desktop\twerp\zopo\driver\2\Driver
Task: {D8602925-8654-48C3-815C-676E550EE430} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {F900BE6D-F432-4F0E-9A29-91294DB7AD26} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files\Norton Internet Security\Engine\21.6.0.32\SymErr.exe
Task: {FAB7A746-36D9-41B6-BEA6-930E66490098} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-14] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) ==============
2015-03-05 03:53 - 2015-03-05 03:53 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-03-05 03:53 - 2015-03-05 03:53 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-03-28 10:26 - 2015-03-28 10:26 - 02923520 _____ () C:\Program Files\AVAST Software\Avast\defs\15032800\algo.dll
2011-03-31 16:08 - 2011-03-31 16:08 - 00080896 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2015-03-05 03:53 - 2015-03-05 03:53 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-09-29 02:14 - 2013-09-29 02:14 - 03369922 _____ () C:\Program Files\NETGEAR Genie\bin\icuin51.dll
2013-09-29 02:13 - 2013-09-29 02:13 - 00544817 _____ () C:\Program Files\NETGEAR Genie\bin\libgcc_s_dw2-1.dll
2013-09-29 02:13 - 2013-09-29 02:13 - 00989805 _____ () C:\Program Files\NETGEAR Genie\bin\libstdc++-6.dll
2013-09-29 02:14 - 2013-09-29 02:14 - 01978690 _____ () C:\Program Files\NETGEAR Genie\bin\icuuc51.dll
2013-09-29 02:14 - 2013-09-29 02:14 - 22378434 _____ () C:\Program Files\NETGEAR Genie\bin\icudt51.dll
2013-09-29 02:14 - 2013-09-29 02:14 - 01233408 _____ () C:\Program Files\NETGEAR Genie\bin\platforms\qwindows.dll
2014-11-17 10:46 - 2014-11-17 10:46 - 00639488 _____ () C:\Program Files\NETGEAR Genie\bin\Genie.dll
2014-11-10 10:55 - 2014-11-10 10:55 - 01686016 _____ () C:\Program Files\NETGEAR Genie\bin\SvtNetworkTool.dll
2014-11-05 08:36 - 2014-11-05 08:36 - 00192512 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Airprint.dll
2014-11-05 08:37 - 2014-11-05 08:37 - 00632832 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Internet.dll
2014-11-14 11:53 - 2014-11-14 11:53 - 06499840 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Map.dll
2014-06-30 02:55 - 2014-06-30 02:55 - 00068608 _____ () C:\Program Files\NETGEAR Genie\bin\QRCode.dll
2014-06-30 03:05 - 2014-06-30 03:05 - 01183232 _____ () C:\Program Files\NETGEAR Genie\bin\qwt.dll
2014-11-07 10:13 - 2014-11-07 10:13 - 02475520 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_MyMedia.dll
2012-10-15 21:27 - 2012-10-15 21:27 - 00111616 _____ () C:\Program Files\NETGEAR Genie\bin\libvlc.dll
2012-10-15 21:28 - 2012-10-15 21:28 - 02286592 _____ () C:\Program Files\NETGEAR Genie\bin\libvlccore.dll
2014-11-17 08:00 - 2014-11-17 08:00 - 01056768 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_NetworkProblem.dll
2014-09-11 09:39 - 2014-09-11 09:39 - 00144896 _____ () C:\Program Files\NETGEAR Genie\bin\DragonNetTool.dll
2014-11-05 08:51 - 2014-11-05 08:51 - 01191424 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_ParentalControl.dll
2014-11-17 07:21 - 2014-11-17 07:21 - 10374656 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Resource.dll
2014-11-17 07:18 - 2014-11-17 07:18 - 02496512 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_RouterConfiguration.dll
2014-11-06 10:39 - 2014-11-06 10:39 - 00200192 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Statistics.dll
2014-11-05 08:58 - 2014-11-05 08:58 - 00889344 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Ui.dll
2014-11-05 09:00 - 2014-11-05 09:00 - 00435712 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Wireless.dll
2013-09-29 02:13 - 2013-09-29 02:13 - 00051200 _____ () C:\Program Files\NETGEAR Genie\bin\imageformats\qgif.dll
2013-09-29 02:13 - 2013-09-29 02:13 - 00052224 _____ () C:\Program Files\NETGEAR Genie\bin\imageformats\qico.dll
2013-09-29 02:13 - 2013-09-29 02:13 - 00261120 _____ () C:\Program Files\NETGEAR Genie\bin\imageformats\qjpeg.dll
2013-09-29 02:13 - 2013-09-29 02:13 - 00046080 _____ () C:\Program Files\NETGEAR Genie\bin\imageformats\qsvg.dll
2014-06-30 02:55 - 2014-06-30 02:55 - 00081408 _____ () C:\Program Files\NETGEAR Genie\bin\DiagnosePlugin.dll
2014-11-03 09:23 - 2014-11-03 09:23 - 00143360 _____ () C:\Program Files\NETGEAR Genie\bin\DiagnoseDll.dll
2014-09-04 07:00 - 2014-09-04 07:00 - 00072192 _____ () C:\Program Files\NETGEAR Genie\bin\SVTUtils.dll
2014-09-04 07:00 - 2014-09-04 07:00 - 00074240 _____ () C:\Program Files\NETGEAR Genie\bin\NetcardApi.dll
2014-09-04 07:00 - 2014-09-04 07:00 - 00136704 _____ () C:\Program Files\NETGEAR Genie\bin\airprintdll.dll
2012-10-15 21:28 - 2012-10-15 21:28 - 00219648 _____ () C:\Program Files\NETGEAR Genie\bin\plugins\access\libdshow_plugin.dll
2012-10-15 21:28 - 2012-10-15 21:28 - 00049664 _____ () C:\Program Files\NETGEAR Genie\bin\plugins\audio_output\libaout_directx_plugin.dll
2012-10-15 21:28 - 2012-10-15 21:28 - 00051200 _____ () C:\Program Files\NETGEAR Genie\bin\plugins\audio_output\libwaveout_plugin.dll
2012-10-15 21:28 - 2012-10-15 21:28 - 00070144 _____ () C:\Program Files\NETGEAR Genie\bin\plugins\video_output\libdirectx_plugin.dll
2013-09-29 02:13 - 2013-09-29 02:13 - 00040960 _____ () C:\Program Files\NETGEAR Genie\bin\printsupport\windowsprintersupport.dll
2014-11-05 08:59 - 2014-11-05 08:59 - 00642048 _____ () C:\Program Files\NETGEAR Genie\bin\InnerPlugin_Update.dll
2014-11-05 09:01 - 2014-11-05 09:01 - 00458752 _____ () C:\Program Files\NETGEAR Genie\bin\InnerPlugin_WirelessExport.dll
2014-06-30 03:33 - 2014-06-30 03:33 - 00046080 _____ () C:\Program Files\NETGEAR Genie\bin\WSetupApiPlugin.dll
2014-09-04 07:00 - 2014-09-04 07:00 - 00066560 _____ () C:\Program Files\NETGEAR Genie\bin\WSetupDll.dll
2015-01-27 13:18 - 2015-01-27 13:18 - 02926800 _____ () C:\Program Files\FileHippo.com\FileHippo.AppManager.exe
2014-11-06 16:28 - 2014-11-06 16:28 - 00105216 _____ () C:\Program Files\NETGEAR Genie\bin\genie2_tray.exe
2015-02-27 15:21 - 2015-02-27 15:21 - 00140568 _____ () C:\Program Files\VideoLAN\VLC\libvlc.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 02628888 _____ () C:\Program Files\VideoLAN\VLC\libvlccore.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00551192 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00039192 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00037144 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00083736 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00075544 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 02155800 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00111384 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00240920 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00086808 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libvdr_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00053016 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00069400 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00591128 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00768792 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00128792 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libzip_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00049944 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\librar_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00020760 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00137496 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 01563928 _____ () C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00330008 _____ () C:\Program Files\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 01261336 _____ () C:\Program Files\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00066840 _____ () C:\Program Files\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00045848 _____ () C:\Program Files\VideoLAN\VLC\plugins\control\libwin_hotkeys_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 11994904 _____ () C:\Program Files\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00678680 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libupnp_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00134424 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00027416 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libpodcast_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00023832 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libmediadirs_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00020760 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libwindrive_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00125208 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libhttp_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00043800 _____ () C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00034072 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libes_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00341784 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00021784 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\librawvideo_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00154904 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00751896 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00021784 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00028952 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00086296 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_h264_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00029464 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00037656 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_dirac_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00027416 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mlp_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00075544 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00042264 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_vc1_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00023320 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libsvcdsub_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00025880 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00032536 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00034584 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00025368 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libcvdsub_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00022808 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_hevc_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00025368 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00258328 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libjpeg_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00024344 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00301848 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 01288472 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00025880 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00034072 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00049432 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libsubstx3g_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00448792 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00033048 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libg711_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 01546520 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00353560 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00025368 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liba52_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00019736 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00024344 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00137496 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00173848 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00064792 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 01501976 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00025368 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00019736 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00020248 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00026904 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00019736 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00021784 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00031512 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll
2015-02-27 15:21 - 2015-02-27 15:21 - 00057112 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libequalizer_plugin.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2689138593-1012205953-2850960868-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Siggi\Pictures\New Picture.bmp
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Search Protection => "C:\Users\Siggi\AppData\Roaming\Search Protection\SP.EXE" /autostart
==================== Accounts: =============================
Administrator (S-1-5-21-2689138593-1012205953-2850960868-500 - Administrator - Disabled)
Gast (S-1-5-21-2689138593-1012205953-2850960868-501 - Limited - Disabled)
Siggi (S-1-5-21-2689138593-1012205953-2850960868-1000 - Administrator - Enabled) => C:\Users\Siggi
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/28/2015 11:42:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/27/2015 00:48:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/26/2015 07:19:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/25/2015 04:41:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/25/2015 01:02:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/24/2015 00:28:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/23/2015 09:38:12 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4
Error: (03/23/2015 09:38:11 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4
Error: (03/23/2015 00:55:55 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\SIGGI\DESKTOP\FOLDERS\ORISHAS\WWWWWWWWWWWWW.WWW> in the hash map cannot be updated.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (03/23/2015 00:55:55 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\SIGGI\DESKTOP\FOLDERS\ORISHAS\VVVVVVVVVVVVV.VVV> in the hash map cannot be updated.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
System errors:
=============
Error: (03/28/2015 11:44:35 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: 0x80070032
Error: (03/28/2015 11:42:01 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: OADevice
oahlpXX
OAmon
Error: (03/28/2015 11:42:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: NETGEARGenieDaemon%%1053
Error: (03/28/2015 11:42:01 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000NETGEARGenieDaemon
Error: (03/28/2015 11:42:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Online Armor Helper Service%%3
Error: (03/28/2015 02:25:21 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000Netman
Error: (03/27/2015 05:21:24 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000IPBusEnum
Error: (03/27/2015 00:53:00 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: 0x80070032
Error: (03/27/2015 00:48:40 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: OADevice
oahlpXX
OAmon
Error: (03/27/2015 00:48:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: NETGEARGenieDaemon%%1053
Microsoft Office Sessions:
=========================
Error: (10/22/2014 01:52:25 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 107 seconds with 0 seconds of active time. This session ended with a crash.
Error: (08/13/2014 05:46:32 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 90 seconds with 60 seconds of active time. This session ended with a crash.
Error: (12/24/2013 09:48:24 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2015-03-28 15:27:25.847
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-03-28 15:27:25.121
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-03-28 15:27:24.350
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-03-28 15:27:23.582
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-03-28 15:27:22.602
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-03-28 15:27:21.756
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-03-28 15:27:21.021
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-03-28 15:27:20.289
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-03-25 03:42:17.590
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-03-25 03:42:16.645
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Pentium® Dual CPU E2160 @ 1.80GHz
Percentage of memory in use: 46%
Total physical RAM: 3316.27 MB
Available physical RAM: 1769.55 MB
Total Pagefile: 6868.53 MB
Available Pagefile: 5401.24 MB
Total Virtual: 2047.88 MB
Available Virtual: 1907 MB
==================== Drives ================================
Drive c: (COMPAQ) (Fixed) (Total:187.74 GB) (Free:1.46 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:9.92 GB) (Free:1.04 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=187.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=35.2 GB) - (Type=05)
Partition 3: (Not Active) - (Size=9.9 GB) - (Type=07 NTFS)
==================== End Of Log ============================
aswMBR version 1.0.1.2290 Copyright© 2014 AVAST Software
Run date: 2015-03-28 15:29:46
-----------------------------
15:29:46.258 OS Version: Windows 6.0.6002 Service Pack 2
15:29:46.258 Number of processors: 2 586 0xF0D
15:29:46.260 ComputerName: A-PROBLEM UserName: Siggi
15:29:47.147 Initialize success
15:29:47.179 VM: initialized successfully
15:29:47.181 VM: Intel CPU virtualization not supported
15:29:51.159 AVAST engine defs: 15032800
15:31:03.925 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
15:31:03.933 Disk 0 Vendor: ST3250310AS 3.AHA Size: 238475MB BusType: 3
15:31:04.032 Disk 0 MBR read successfully
15:31:04.036 Disk 0 MBR scan
15:31:04.041 Disk 0 unknown MBR code
15:31:04.846 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 192247 MB offset 63
15:31:04.852 Disk 0 Partition - 00 05 Extended 36065 MB offset 393723902
15:31:04.888 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10158 MB offset 467586000
15:31:04.911 Disk 0 Partition 3 00 83 Linux 31981 MB offset 393723904
15:31:04.919 Disk 0 Partition - 00 05 Extended 4084 MB offset 459220992
15:31:04.949 Disk 0 scanning sectors +488391120
15:31:05.106 Disk 0 scanning C:\Windows\system32\drivers
15:31:13.338 Service scanning
15:31:29.269 Modules scanning
15:31:29.278 Disk 0 trace - called modules:
15:31:29.302 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys tcpip.sys NETIO.SYS dxgkrnl.sys igdkmd32.sys
15:31:29.310 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86226ac8]
15:31:29.319 3 CLASSPNP.SYS[8b5cb8b3] -> nt!IofCallDriver -> [0x85abe918]
15:31:29.334 5 acpi.sys[806a16bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85a9a820]
15:31:29.860 AVAST engine scan C:\Windows
15:31:31.466 AVAST engine scan C:\Windows\system32
15:34:10.706 AVAST engine scan C:\Windows\system32\drivers
15:34:30.021 AVAST engine scan C:\Users\Siggi
15:47:38.774 AVAST engine scan C:\ProgramData
15:48:44.964 Disk 0 statistics 3188846/0/0 @ 1,72 MB/s
15:48:44.973 Scan finished successfully
15:49:03.654 Disk 0 MBR has been saved successfully to "C:\Users\Siggi\Desktop\MBR.dat"
15:49:03.669 The log file has been saved successfully to "C:\Users\Siggi\Desktop\aswMBR.txt"