-
Browse to save
Hello! I try to ged rid of "browse to save". I cannot find an Add-on in my firefox-browser. Kaspersky is no help and spybot doesnt find anything.
Here's the dds:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.9.2
Run by Martin at 13:18:52 on 2013-01-13
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.7974.4300 [GMT 1:00]
.
AV: Kaspersky Internet Security *Enabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
SP: Kaspersky Internet Security *Enabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Kaspersky Internet Security *Enabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\windows\system32\nvvsvc.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\SysWOW64\cjpcsc.exe
C:\Program Files (x86)\Prey\platform\windows\cronsvc.exe
C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\windows\system32\LMabcoms.exe
C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\windows\system32\WLANExt.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\Dwm.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\System32\WUDFHost.exe
C:\windows\System32\WUDFHost.exe
C:\windows\System32\rundll32.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Lexmark\Monitor\ACB\LMabMON.exe
C:\Program Files\Lexmark\ErrorApp\lmab1err.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\StikyNot.exe
C:\Users\Martin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\windows\system32\igfxext.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe
C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\Martin\AppData\Roaming\Wuala\Wuala.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\windows\system32\hkcmd.exe
C:\windows\system32\igfxtray.exe
C:\windows\system32\igfxpers.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k SDRSVC
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\klwtbws.exe
C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\klwtblfs.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Bar = hxxp://search.autocompletepro.com/?si=10214&bi=400
uSearch Page = hxxp://search.autocompletepro.com/?si=10214&bi=400
uDefault_Page_URL = hxxp://samsung.msn.com
uDefault_Search_URL = hxxp://search.autocompletepro.com/?si=10214&bi=400
mStart Page = hxxp://searchab.com/?aff=7&uid=c61aca2d-4839-11e2-8e56-e8039ab06a14
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
uRun: [LMab1err] C:\Program Files\Lexmark\ErrorApp\LMab1err.exe
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
uRun: [RESTART_STICKY_NOTES] C:\windows\System32\StikyNot.exe
uRun: [Spotify Web Helper] "C:\Users\Martin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe"
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
dRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
StartupFolder: C:\Users\Martin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Martin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Wuala.lnk - C:\Users\Martin\AppData\Roaming\Wuala\Wuala.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTOST~1.LNK - C:\Program Files (x86)\WinTV\Ir.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WINTVR~1.LNK - C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:24
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr/200
IE: An OneNote s&enden - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm
IE: Nach Microsoft E&xcel exportieren - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
TCP: NameServer = 192.168.179.1
TCP: Interfaces\{9E31218D-361B-4872-9F7F-D0C36B9F2B8A} : DHCPNameServer = 192.168.179.1
TCP: Interfaces\{9E31218D-361B-4872-9F7F-D0C36B9F2B8A}\0516474797 : DHCPNameServer = 10.74.210.210 10.74.210.211
TCP: Interfaces\{9E31218D-361B-4872-9F7F-D0C36B9F2B8A}\142736F627D2240313440333 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{9E31218D-361B-4872-9F7F-D0C36B9F2B8A}\2616D626F6F6 : DHCPNameServer = 192.168.178.1
TCP: Interfaces\{9E31218D-361B-4872-9F7F-D0C36B9F2B8A}\3416665602B4C61647373686 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{9E31218D-361B-4872-9F7F-D0C36B9F2B8A}\44F425D45425F4 : DHCPNameServer = 172.30.3.254
TCP: Interfaces\{9E31218D-361B-4872-9F7F-D0C36B9F2B8A}\75C414E453 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{D648904F-7844-46DB-9E63-BE91958D2678} : NameServer = 8.8.8.8,8.8.8.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Notify: SDWinLogon - SDWinLogon.dll
AppInit_DLLs= C:\windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWOW64\CbFsMntNtf3.dll
STS: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
x64-Run: [LMPSSDMON] C:\Program Files\Lexmark\Monitor\ACB\LMabMON.exe
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\System32\CbFsMntNtf3.dll
x64-STS: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\System32\CbFsMntNtf3.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\c49yuloy.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxps://startpage.com/
FF - prefs.js: keyword.URL - hxxp://searchab.com/?aff=7&uid=c61aca2d-4839-11e2-8e56-e8039ab06a14&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Jazz-Soft\Jazz-Plugin\npJazz.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2012-12-17 12:24; 50cf00df7b572@50cf00df7b5ab.com; C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\c49yuloy.default\extensions\50cf00df7b572@50cf00df7b5ab.com
FF - ExtSQL: 2012-12-30 12:04; IDGARD@jetpack; C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\c49yuloy.default\extensions\IDGARD@jetpack.xpi
FF - ExtSQL: 2013-01-10 12:01; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\c49yuloy.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-01-11 17:32; {23fcfd51-4958-4f00-80a3-ae97e717ed8b}; C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
============= SERVICES / DRIVERS ===============
.
R0 excsd;ExpressCache Storage Filter Driver;C:\windows\System32\drivers\excsd.sys [2012-5-10 80688]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\windows\System32\drivers\iusb3hcs.sys [2012-2-1 16152]
R0 nvpciflt;nvpciflt;C:\windows\System32\drivers\nvpciflt.sys [2012-5-10 28992]
R1 cbfs3;cbfs3;C:\windows\System32\drivers\cbfs3.sys [2012-12-8 352144]
R1 excfs;ExpressCache File System Filter Driver;C:\windows\System32\drivers\excfs.sys [2012-5-10 23344]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\windows\System32\drivers\klim6.sys [2012-8-2 28504]
R1 kltdi;kltdi;C:\windows\System32\drivers\kltdi.sys [2012-6-8 54104]
R1 kneps;kneps;C:\windows\System32\drivers\kneps.sys [2012-8-13 178008]
R1 SABI;SAMSUNG Kernel Driver For Windows 7;C:\windows\System32\drivers\SABI.sys [2012-5-10 13824]
R1 Uim_VIM;UIM Virtual Image Plugin;C:\windows\System32\drivers\uim_vimx64.sys [2011-11-17 352816]
R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -r --> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -r [?]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-12-19 1014096]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-12-19 1104208]
R2 cjpcsc;cyberJack PC/SC COM Service ;C:\Windows\SysWOW64\cjpcsc.exe [2012-9-16 514128]
R2 CronService;Cron Service for Prey;C:\Program Files (x86)\Prey\platform\windows\cronsvc.exe [2011-2-15 19968]
R2 ExpressCache;ExpressCache;C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [2011-9-23 79664]
R2 Fabs;FABS - Helping agent for MAGIX media database;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2012-1-23 1858048]
R2 HauppaugeTVServer;HauppaugeTVServer;C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [2012-12-29 577536]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-2 628448]
R2 SamsungDeviceConfigurationWinService;SamsungDeviceConfiguration;C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [2012-5-10 31624]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-12-27 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-12-27 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-12-27 168384]
R2 SpyHunter 4 Service;SpyHunter 4 Service;C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2012-10-10 1021888]
R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-12-17 3467768]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2012-11-29 2401632]
R3 acpials;ALS Sensor Filter;C:\windows\System32\drivers\acpials.sys [2010-11-21 9728]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;C:\windows\System32\drivers\AmpPal.sys [2011-12-5 195584]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-12-19 1304912]
R3 btmaudio;Intel Bluetooth Audio Service;C:\windows\System32\drivers\btmaud.sys [2011-12-13 51712]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\windows\System32\drivers\btmaux.sys [2011-12-13 94720]
R3 btmhsf;btmhsf;C:\windows\System32\drivers\btmhsf.sys [2011-12-13 747008]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\System32\drivers\clwvd.sys [2011-8-17 31216]
R3 esgiguard;esgiguard;C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-3-2 13088]
R3 ETD;ELAN PS/2 Port Input Device;C:\windows\System32\drivers\ETD.sys [2012-5-10 280912]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-4-26 2702848]
R3 ibtfltcoex;ibtfltcoex;C:\windows\System32\drivers\iBtFltCoex.sys [2011-12-14 60416]
R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2012-2-6 331264]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\windows\System32\drivers\iusb3hub.sys [2012-2-1 355096]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\windows\System32\drivers\iusb3xhc.sys [2012-2-1 786200]
R3 iwdbus;IWD Bus Enumerator;C:\windows\System32\drivers\iwdbus.sys [2011-12-20 25496]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\windows\System32\drivers\klkbdflt.sys [2012-5-25 29016]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\windows\System32\drivers\klmouflt.sys [2012-7-25 29528]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2012-5-10 648808]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-11-16 11880]
R3 wdkmd;Intel WiDi KMD;C:\windows\System32\drivers\WDKMD.sys [2011-12-20 42392]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\windows\System32\drivers\AmpPal.sys [2011-12-5 195584]
S3 cjusb;REINER SCT cyberJack USB Driver;C:\windows\System32\drivers\cjusb.sys [2012-9-16 34672]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\windows\System32\drivers\ssudbus.sys [2012-11-10 102368]
S3 epmntdrv;epmntdrv;C:\windows\System32\epmntdrv.sys [2012-9-16 16776]
S3 EsgScanner;EsgScanner;C:\windows\System32\drivers\EsgScanner.sys [2013-1-13 22704]
S3 EuGdiDrv;EuGdiDrv;C:\windows\System32\EuGdiDrv.sys [2012-9-16 9096]
S3 hcw95bda;Hauppauge MOD7700 Tuner Driver;C:\windows\System32\drivers\hcw95bda.sys [2012-12-29 658944]
S3 hcw95rc;Hauppauge MOD7700 IR Driver;C:\windows\System32\drivers\hcw95rc.sys [2012-12-29 19840]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\windows\System32\drivers\intelaud.sys [2011-12-20 34200]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\windows\System32\drivers\ssudmdm.sys [2012-11-10 203104]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
S4 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-12-5 659968]
S4 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-12-5 135952]
S4 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-5-10 128280]
S4 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-5-10 161560]
S4 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-8 273168]
S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S4 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-5-10 363800]
S4 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2011-12-8 594704]
.
=============== Created Last 30 ================
.
2013-01-13 09:58:32 22704 ----a-w- C:\windows\System32\drivers\EsgScanner.sys
2013-01-13 09:58:29 110080 ----a-r- C:\Users\Martin\AppData\Roaming\Microsoft\Installer\{83B952C7-F8F3-4CA3-B4C5-33C85B24E478}\IconF7A21AF7.exe
2013-01-13 09:58:29 110080 ----a-r- C:\Users\Martin\AppData\Roaming\Microsoft\Installer\{83B952C7-F8F3-4CA3-B4C5-33C85B24E478}\IconD7F16134.exe
2013-01-13 09:58:29 110080 ----a-r- C:\Users\Martin\AppData\Roaming\Microsoft\Installer\{83B952C7-F8F3-4CA3-B4C5-33C85B24E478}\Icon1226A4C5.exe
2013-01-13 09:58:28 -------- d-----w- C:\sh4ldr
2013-01-13 09:58:28 -------- d-----w- C:\Program Files\Enigma Software Group
2013-01-13 09:57:37 -------- d-----w- C:\windows\83B952C7F8F34CA3B4C533C85B24E478.TMP
2013-01-13 09:57:33 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2013-01-12 15:29:28 -------- d-----w- C:\Users\Martin\AppData\Roaming\TeamViewer
2013-01-12 09:44:08 -------- d-----w- C:\Program Files (x86)\Sony
2013-01-11 17:28:59 393576 ----a-w- C:\windows\System32\xactengine2_6.dll
2013-01-11 16:31:16 -------- d-----w- C:\Program Files\DivX
2013-01-11 16:31:07 -------- d-----w- C:\Program Files (x86)\Common Files\DivX Shared
2013-01-11 16:27:20 -------- d-----w- C:\Program Files (x86)\DivX
2013-01-11 16:26:24 1892184 ----a-w- C:\windows\SysWow64\D3DX9_42.dll
2013-01-11 16:26:23 2414360 ----a-w- C:\windows\SysWow64\d3dx9_31.dll
2013-01-11 16:25:07 -------- d-----w- C:\Program Files (x86)\Winamp Detect
2013-01-11 16:24:10 -------- d-----w- C:\ProgramData\DivX
2013-01-11 16:24:00 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine
2013-01-11 16:23:52 -------- d-----w- C:\Users\Martin\AppData\Roaming\OpenCandy
2013-01-10 17:59:20 -------- d-----w- C:\Users\Martin\AppData\Local\Flavio Tordini
2013-01-10 17:58:33 -------- d-----w- C:\Users\Martin\AppData\Local\Musique
2013-01-10 12:52:10 -------- d-----w- C:\Users\Martin\AppData\Local\Xara
2013-01-10 12:42:12 -------- d-----w- C:\Program Files (x86)\Common Files\MAGIX Shared
2013-01-10 09:40:17 34656 ----a-w- C:\windows\System32\TURegOpt.exe
2013-01-10 09:40:13 25952 ----a-w- C:\windows\System32\authuitu.dll
2013-01-10 09:40:12 21344 ----a-w- C:\windows\SysWow64\authuitu.dll
2013-01-10 09:39:41 -------- d-----w- C:\Users\Martin\AppData\Roaming\TuneUp Software
2013-01-10 09:39:28 -------- d-----w- C:\Program Files (x86)\TuneUp Utilities 2013
2013-01-10 09:38:37 -------- d-----w- C:\ProgramData\TuneUp Software
2013-01-10 09:38:24 -------- d-sh--w- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-01-10 09:38:24 -------- d--h--w- C:\ProgramData\Common Files
2013-01-09 15:15:12 -------- d-----w- C:\Users\Martin\AppData\Roaming\simplitec
2013-01-09 11:13:51 -------- d-----w- C:\Users\Martin\AppData\Roaming\MAGIX
2013-01-09 11:13:08 -------- d-----w- C:\Program Files (x86)\MAGIX
2013-01-09 11:13:01 -------- d-----w- C:\ProgramData\simplitec
2013-01-09 11:12:56 -------- d-----w- C:\ProgramData\MAGIX
2013-01-09 11:12:55 -------- d-----w- C:\Program Files (x86)\Common Files\MAGIX Services
2013-01-09 11:12:53 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2013-01-09 08:02:56 424448 ----a-w- C:\windows\System32\KernelBase.dll
2013-01-08 20:28:24 -------- d-----w- C:\Users\Martin\AppData\Local\{35879EB4-B502-4EA8-A806-C52FBC551FE8}
2013-01-03 23:29:41 -------- d-----w- C:\Program Files (x86)\Audiograbber
2013-01-02 12:15:18 -------- d-----w- C:\Users\Martin\AppData\Local\Windows Live
2013-01-02 12:14:56 -------- d-----w- C:\Users\Martin\AppData\Local\{9A8FCBE6-6F7C-4010-A61D-9C5C05AF89D3}
2012-12-30 11:15:33 -------- d-----w- C:\Users\Martin\dwhelper
2012-12-29 20:35:43 38672 ----a-w- C:\windows\SysWow64\pcleUtil.dll
2012-12-29 20:35:40 142337 ----a-w- C:\windows\SysWow64\Wait.exe
2012-12-29 20:35:40 -------- d-----w- C:\Program Files (x86)\WinTV
2012-12-29 20:35:39 -------- d-----w- C:\ProgramData\Hauppauge
2012-12-29 20:18:19 831554 ----a-w- C:\windows\SysWow64\hcwtvwnd.dll
2012-12-29 20:18:19 36921 ----a-w- C:\windows\SysWow64\hcwutl32.dll
2012-12-29 20:18:19 323640 ----a-w- C:\windows\SysWow64\hcwpnp32.dll
2012-12-29 20:18:19 118840 ----a-w- C:\windows\SysWow64\hcwi2c32.dll
2012-12-29 20:00:34 658944 ----a-w- C:\windows\System32\drivers\hcw95bda.sys
2012-12-29 20:00:34 19840 ----a-w- C:\windows\System32\hcw95rc.sys
2012-12-29 20:00:34 19840 ----a-w- C:\windows\System32\drivers\hcw95rc.sys
2012-12-29 20:00:31 -------- d-----w- C:\Hauppauge
2012-12-29 17:25:24 -------- d-----w- C:\Users\Martin\.mediathek3
2012-12-29 17:12:22 -------- d-----w- C:\MyVideos
2012-12-29 17:11:54 995383 ----a-w- C:\windows\SysWow64\temp.002
2012-12-29 17:11:54 77878 ----a-w- C:\windows\SysWow64\temp.000
2012-12-29 17:11:54 278581 ----a-w- C:\windows\SysWow64\temp.001
2012-12-27 20:41:11 -------- d-----w- C:\Users\Martin\.VirtualBox
2012-12-27 20:40:02 237992 ----a-w- C:\windows\System32\drivers\VBoxDrv.sys
2012-12-27 20:39:52 120232 ----a-w- C:\windows\System32\drivers\VBoxUSBMon.sys
2012-12-27 20:39:50 -------- d-----w- C:\Program Files\Oracle
2012-12-27 14:49:21 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-12-27 14:49:12 17272 ----a-w- C:\windows\System32\sdnclean64.exe
2012-12-27 14:49:09 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2012-12-25 08:27:18 -------- d-----w- C:\Users\Martin\AppData\Roaming\redsn0w
2012-12-22 02:00:20 46080 ----a-w- C:\windows\System32\atmlib.dll
2012-12-22 02:00:20 367616 ----a-w- C:\windows\System32\atmfd.dll
2012-12-22 02:00:20 34304 ----a-w- C:\windows\SysWow64\atmlib.dll
2012-12-22 02:00:20 295424 ----a-w- C:\windows\SysWow64\atmfd.dll
2012-12-21 15:40:41 -------- d--h--r- C:\ESD
2012-12-19 13:47:20 204200 ----a-w- C:\windows\System32\VBoxNetFltNobj.dll
2012-12-19 13:47:20 146856 ----a-w- C:\windows\System32\drivers\VBoxNetFlt.sys
2012-12-19 13:47:20 132008 ----a-w- C:\windows\System32\drivers\VBoxNetAdp.sys
2012-12-19 13:06:51 -------- d-----w- C:\Users\Martin\AppData\Local\PDF Writer
2012-12-19 13:02:09 101376 ----a-w- C:\windows\System32\Spool\prtprocs\x64\HPZPPWN7.DLL
2012-12-19 13:00:51 227840 ----a-w- C:\windows\SysWow64\bzFlRdr.dll
2012-12-19 13:00:51 139264 ----a-w- C:\windows\SysWow64\bzpdfc.dll
2012-12-19 13:00:51 103424 ----a-w- C:\windows\SysWow64\bzDCT.dll
2012-12-19 13:00:51 -------- d-----w- C:\Users\Martin\AppData\Roaming\PDF Writer
2012-12-19 13:00:51 -------- d-----w- C:\ProgramData\PDF Writer
2012-12-19 13:00:51 -------- d-----w- C:\Program Files\Common Files\Bullzip
2012-12-19 13:00:48 218624 ----a-w- C:\windows\System32\bzpdf.dll
2012-12-19 13:00:44 -------- d-----w- C:\Program Files\Bullzip
2012-12-19 13:00:12 -------- d-----w- C:\Users\Martin\AppData\Local\Programs
2012-12-17 11:08:58 -------- d-----w- C:\ProgramData\%Installer_PublisherName%
2012-12-17 11:08:50 -------- d-----w- C:\ProgramData\Premium
2012-12-17 11:08:40 -------- d-----w- C:\Program Files (x86)\ZoomEx
2012-12-17 11:07:05 -------- d-----w- C:\ProgramData\Zoomex
2012-12-17 11:06:57 -------- d-----w- C:\ProgramData\InstallMate
2012-12-17 08:29:07 -------- d-----w- C:\Program Files (x86)\TeamViewer
2012-12-16 15:11:13 -------- d-----w- C:\ProgramData\fotobuch.de AG
2012-12-16 15:10:54 -------- d-----w- C:\Users\Martin\AppData\Roaming\fotobuch.de AG
2012-12-16 15:06:35 -------- d-----w- C:\windows\SysWow64\artworks
2012-12-16 15:06:35 -------- d-----w- C:\Program Files (x86)\fotobuch.de
.
==================== Find3M ====================
.
2013-01-13 12:14:31 29 ----a-w- C:\windows\SysWow64\TempWmicBatchFile.bat
2013-01-10 12:52:06 120200 ----a-w- C:\windows\SysWow64\DLLDEV32i.dll
2013-01-10 08:41:48 74248 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-10 08:41:48 697864 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2012-12-08 15:43:48 95208 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-12-08 15:43:47 821736 ----a-w- C:\windows\SysWow64\npDeployJava1.dll
2012-12-08 15:43:47 746984 ----a-w- C:\windows\SysWow64\deployJava1.dll
2012-12-07 13:20:16 441856 ----a-w- C:\windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\windows\System32\esrb.rs
2012-11-30 05:45:35 362496 ----a-w- C:\windows\System32\wow64win.dll
2012-11-30 05:45:35 243200 ----a-w- C:\windows\System32\wow64.dll
2012-11-30 05:45:35 13312 ----a-w- C:\windows\System32\wow64cpu.dll
2012-11-30 05:45:14 215040 ----a-w- C:\windows\System32\winsrv.dll
2012-11-30 05:43:12 16384 ----a-w- C:\windows\System32\ntvdm64.dll
2012-11-30 04:54:00 5120 ----a-w- C:\windows\SysWow64\wow32.dll
2012-11-30 04:53:59 274944 ----a-w- C:\windows\SysWow64\KernelBase.dll
2012-11-30 03:23:48 338432 ----a-w- C:\windows\System32\conhost.exe
2012-11-30 02:44:06 25600 ----a-w- C:\windows\SysWow64\setup16.exe
2012-11-30 02:44:04 7680 ----a-w- C:\windows\SysWow64\instnm.exe
2012-11-30 02:44:04 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll
2012-11-30 02:44:03 2048 ----a-w- C:\windows\SysWow64\user.exe
2012-11-30 02:38:59 6144 ---ha-w- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-23 03:26:31 3149824 ----a-w- C:\windows\System32\win32k.sys
2012-11-23 03:13:57 68608 ----a-w- C:\windows\System32\taskhost.exe
2012-11-22 05:44:23 800768 ----a-w- C:\windows\System32\usp10.dll
2012-11-22 04:45:03 626688 ----a-w- C:\windows\SysWow64\usp10.dll
2012-11-20 05:48:49 307200 ----a-w- C:\windows\System32\ncrypt.dll
2012-11-20 04:51:09 220160 ----a-w- C:\windows\SysWow64\ncrypt.dll
2012-11-16 07:10:34 54104 ----a-w- C:\windows\System32\drivers\kltdi.sys
2012-11-14 06:11:44 2312704 ----a-w- C:\windows\System32\jscript9.dll
2012-11-14 06:04:11 1392128 ----a-w- C:\windows\System32\wininet.dll
2012-11-14 06:02:49 1494528 ----a-w- C:\windows\System32\inetcpl.cpl
2012-11-14 05:57:46 599040 ----a-w- C:\windows\System32\vbscript.dll
2012-11-14 05:57:35 173056 ----a-w- C:\windows\System32\ieUnatt.exe
2012-11-14 05:52:40 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2012-11-14 02:09:22 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- C:\windows\SysWow64\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- C:\windows\SysWow64\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2012-11-13 20:29:04 354216 ----a-w- C:\windows\SysWow64\DivXControlPanelApplet.cpl
2012-11-09 05:45:32 750592 ----a-w- C:\windows\System32\win32spl.dll
2012-11-09 05:45:09 2048 ----a-w- C:\windows\System32\tzres.dll
2012-11-09 04:43:04 492032 ----a-w- C:\windows\SysWow64\win32spl.dll
2012-11-09 04:42:49 2048 ----a-w- C:\windows\SysWow64\tzres.dll
2012-11-08 10:29:12 1402312 ----a-w- C:\windows\SysWow64\msxml4.dll
2012-11-02 05:59:11 478208 ----a-w- C:\windows\System32\dpnet.dll
2012-11-02 05:11:31 376832 ----a-w- C:\windows\SysWow64\dpnet.dll
2012-11-01 05:43:42 2002432 ----a-w- C:\windows\System32\msxml6.dll
2012-11-01 05:43:42 1882624 ----a-w- C:\windows\System32\msxml3.dll
2012-11-01 04:47:54 1389568 ----a-w- C:\windows\SysWow64\msxml6.dll
2012-11-01 04:47:54 1236992 ----a-w- C:\windows\SysWow64\msxml3.dll
2012-10-16 08:38:37 135168 ----a-w- C:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34 350208 ----a-w- C:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52 561664 ----a-w- C:\windows\apppatch\AcLayers.dll
2010-08-19 17:22:43 409600 ----a-w- C:\Program Files\rescue2usb.exe
2010-04-01 09:01:34 28160 ----a-w- C:\Program Files\syslinux.exe
2009-10-16 14:43:30 237849 ----a-w- C:\Program Files\grub.exe
2006-05-03 10:06:54 163328 --sha-r- C:\windows\SysWOW64\flvDX.dll
2007-02-21 11:47:16 31232 --sha-r- C:\windows\SysWOW64\msfDX.dll
2008-03-16 13:30:52 216064 --sha-r- C:\windows\SysWOW64\nbDX.dll
2010-01-06 22:00:00 107520 --sha-r- C:\windows\SysWOW64\TAKDSDecoder.dll
.
============= FINISH: 13:19:29,85 ===============
I saved the registry using ERUNT. Unforunately I cannot send the aswMBR logs, since avast antirootkit always crashes, when it scans (see screenshot).
Any help would be very much appreachiated. I'm surprised that I couldn't find any useful information regarding "browse to save" on the internet. Is it a virus, addware, a trojan... anyway, it sucks.
Thank you in advance,
Disneykiller
Tags for this Thread
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
