
Pests of all kinds and how to fight them: Problems with Skype, Dev-C++ and the Internet, e.g. the screen freezes while using Skype


 
13.03.2013, 18:53   #1
cypernrose
 



Hello,
several problems have been occurring recently:
  • When I open Skype (i.e. after signing in), I can chat on Skype and so on without problems, but while Skype is open I cannot access anything else, e.g. I cannot open a folder on the desktop or bring up the Start menu... Only the mouse's "loading" cursor appears, and it never ends! As soon as I close Skype (so that only the sign-in form is shown), I can access everything again.
    I hope I have described the problem clearly.
  • I want to learn C programming and, while I work through the theory, naturally also try out what I have just read. For that I downloaded Dev-C++. At first everything worked without problems. But for about 2 weeks now I have been able to compile my "programs", but I can no longer run them using the icon in Dev-C++. Nothing happens at all! When I then go to the folder in which my file is saved and try to open my .exe file, my antivirus program (Avast) immediately kicks in and moves the exe file into the sandbox. After a few moments a message appears saying that they did not find enough evidence to classify the file as malware, but that I should be careful anyway! The strange thing is that I cannot run any (self-written) program directly from Dev-C++, yet there are files that I can open from the folder without Avast kicking in.
  • My Internet connection has been worse since I started having the problems with Skype and programming. And it also no longer displays everything, e.g. images on websites or animations, even though I have JavaScript enabled.

I hope I was able to explain my problems understandably.

Now to what I have already done:
I had already asked in another forum what I could do about Skype and received the following answer: "skype verhindert zugreifen auf andere Programme (Problem)"
As already described there, I installed a new audio driver, because according to other forums that has often led to problems.
I also ran the malware test as per hxxp://www.computerfrage.net/tipp/benutzung-von-malwarebytes-antimalware. I uninstalled Skype (I did not know how I was supposed to defragment it), reinstalled it and prohibited independent actions. I also enabled Data Execution Prevention in Windows (or rather, it was already enabled), as well as the firewall and User Account Control!
In addition, I defragmented my hard drive; however, none of these actions brought any improvement!!!
But before formatting my hard drive, I looked into that once more as well and came across the following page: "Festplatte formatieren, Microsoft Word behalten - SysProfile Forum"
I carried out all of these suggestions from "Helfr": (But there is still no improvement!)
I will add the reports as attachments.
I tried to upload all reports as attachments, but I could not upload OTL.txt! That is why it is only pasted into this message.
First, however, I would like to add that defogger did not output any error message and that GMER does not work; after about 2 min Windows shows the error message: The program has stopped working.


Attachment 51601

Attachment 51602

Attachment 51603

Attachment 51604

OTL.txt (OTL logfile):
Code:
OTL logfile created on: 12.03.2013 22:48:11 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\***\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,92 Gb Total Physical Memory | 1,35 Gb Available Physical Memory | 34,52% Memory free
7,83 Gb Paging File | 5,14 Gb Available in Paging File | 65,68% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 654,69 Gb Total Space | 479,00 Gb Free Space | 73,16% Space Free | Partition Type: NTFS
Drive D: | 29,00 Gb Total Space | 0,02 Gb Free Space | 0,07% Space Free | Partition Type: NTFS
 
Computer Name: JASMINAB | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC -  File not found
PRC - C:\Users\***\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe ()
PRC - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe ()
PRC - C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe (Tobit.Software)
PRC - C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe (Seagate Technology LLC)
PRC - C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe (Seagate Technology LLC)
PRC - C:\Users\***\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
PRC - C:\Programme\Web Assistant\ExtensionUpdaterService.exe ()
PRC - C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo)
PRC - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Programme\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe (Broadcom Corporation.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\b454f5723ec86048063fe19d4267d9e8\System.Runtime.Remoting.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\cc59aeec8ea9faa8311426a9fba944a6\Microsoft.VisualBasic.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\e963e9f51746f8e23837be7760e187c6\System.Windows.Forms.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\b519f42484e1d488662a9a8a87cb8849\System.Core.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\78ecbee4a7444353dce52afb9d9d795c\System.Drawing.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\7cd4aa51f6e6b9330b8f50bba8bb62c6\System.Configuration.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.152\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.152\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.152\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.152\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.152\ffmpegsumo.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
MOD - C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-client$.ger ()
MOD - C:\Program Files (x86)\Tobit Radio.fx\Client\TOBITCLT.dll ()
MOD - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
MOD - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\SiteSafety.dll ()
MOD - C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll ()
MOD - C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll ()
MOD - C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (hasplms) -- C:\Windows\SysNative\hasplms.exe (SafeNet Inc.)
SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Radio.fx) -- C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe ()
SRV - (vToolbarUpdater14.2.0) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe ()
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (vpnagent) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Cisco Systems, Inc.)
SRV - (Seagate Dashboard Services) -- C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe (Seagate Technology LLC)
SRV - (Web Assistant Updater) -- C:\Programme\Web Assistant\ExtensionUpdaterService.exe ()
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (btwdins) -- C:\Programme\Lenovo\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (MAGIX StartUp Analyze Service) -- C:\Program Files (x86)\MAGIX\PC_Check_Tuning_Free_2011\MXSAS.exe (MAGIX AG)
SRV - (RtLedService) -- C:\Programme\Realtek\RtLED\RtLEDService.exe (Realtek Semiconductor Corp.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (aswSnx) -- C:\windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswTdi) -- C:\windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (acsock) -- C:\Windows\SysNative\drivers\acsock64.sys (Cisco Systems, Inc.)
DRV:64bit: - (Apowersoft_AudioDevice) -- C:\Windows\SysNative\drivers\Apowersoft_AudioDevice.sys (Wondershare)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (vpnva) -- C:\Windows\SysNative\drivers\vpnva64.sys (Cisco Systems, Inc.)
DRV:64bit: - (aksfridge) -- C:\Windows\SysNative\drivers\aksfridge.sys (SafeNet Inc.)
DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (aksdf) -- C:\Windows\SysNative\drivers\aksdf.sys (SafeNet Inc.)
DRV:64bit: - (hardlock) -- C:\Windows\SysNative\drivers\hardlock.sys (SafeNet Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (LHDmgr) -- C:\Windows\SysNative\drivers\LhdX64.sys (Lenovo.)
DRV:64bit: - (ACPIVPC) -- C:\Windows\SysNative\drivers\AcpiVpc.sys (Lenovo Corporation)
DRV:64bit: - (fbfmon) -- C:\Windows\SysNative\drivers\fbfmon.sys (Lenovo)
DRV:64bit: - (BPntDrv) -- C:\Windows\SysNative\drivers\BPntDrv.sys (Lenovo)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (BTWAMPFL) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (rtsuvc) -- C:\Windows\SysNative\drivers\rtsuvc.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (clwvd) -- C:\Windows\SysNative\drivers\clwvd.sys (CyberLink Corporation)
DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\drivers\rtsuvstor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (wsvd) -- C:\Windows\SysNative\drivers\wsvd.sys (CyberLink)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (SLEE_18_DRIVER) -- C:\Windows\SleeN1864.sys (Softwareentwicklung Remus - ArchiCrypt - )
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com
IE - HKLM\..\URLSearchHook: {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2716849686-3386843465-3838247639-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://search.babylon.com/?affID=116299&tt=4912_6&babsrc=HP_ss&mntrId=0a6561b5000000000000f2df9aeb1897
IE - HKU\S-1-5-21-2716849686-3386843465-3838247639-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.lenovo.com
IE - HKU\S-1-5-21-2716849686-3386843465-3838247639-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ [binary data]
IE - HKU\S-1-5-21-2716849686-3386843465-3838247639-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.lenovo.com
IE - HKU\S-1-5-21-2716849686-3386843465-3838247639-1000\..\URLSearchHook: {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2716849686-3386843465-3838247639-1000\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2716849686-3386843465-3838247639-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-2716849686-3386843465-3838247639-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-2716849686-3386843465-3838247639-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE - HKU\S-1-5-21-2716849686-3386843465-3838247639-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=116299&tt=4912_6&babsrc=SP_ss&mntrId=0a6561b5000000000000f2df9aeb1897
IE - HKU\S-1-5-21-2716849686-3386843465-3838247639-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN_deDE451
IE - HKU\S-1-5-21-2716849686-3386843465-3838247639-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-2716849686-3386843465-3838247639-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={22821B7B-94EC-40B6-BB97-705214743EA3}&mid=246fc425c32947d09872e910bf1f8c8b-d52108fdc00404b36dcc278a9ec071b4c88370f7&lang=en&ds=yu012&pr=sa&d=2012-07-13 20:46:27&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-2716849686-3386843465-3838247639-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
IE - HKU\S-1-5-21-2716849686-3386843465-3838247639-1000\..\SearchScopes\{C967B21F-2359-4EF1-B6B2-315DE53A0C92}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2481020
IE - HKU\S-1-5-21-2716849686-3386843465-3838247639-1000\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb174/?search={searchTerms}&loc=IB_DS&a=6OyNYrqQRx&i=26
IE - HKU\S-1-5-21-2716849686-3386843465-3838247639-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-2716849686-3386843465-3838247639-1001\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://search.babylon.com/?affID=116299&tt=4912_6&babsrc=HP_ss&mntrId=0a6561b5000000000000f2df9aeb1897
IE - HKU\S-1-5-21-2716849686-3386843465-3838247639-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
IE - HKU\S-1-5-21-2716849686-3386843465-3838247639-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
IE - HKU\S-1-5-21-2716849686-3386843465-3838247639-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ [binary data]
IE - HKU\S-1-5-21-2716849686-3386843465-3838247639-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com
IE - HKU\S-1-5-21-2716849686-3386843465-3838247639-1001\..\URLSearchHook: {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2716849686-3386843465-3838247639-1001\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2716849686-3386843465-3838247639-1001\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-2716849686-3386843465-3838247639-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2716849686-3386843465-3838247639-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE - HKU\S-1-5-21-2716849686-3386843465-3838247639-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=116299&tt=4912_6&babsrc=SP_ss&mntrId=0a6561b5000000000000f2df9aeb1897
IE - HKU\S-1-5-21-2716849686-3386843465-3838247639-1001\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN_deDE451
IE - HKU\S-1-5-21-2716849686-3386843465-3838247639-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-2716849686-3386843465-3838247639-1001\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={22821B7B-94EC-40B6-BB97-705214743EA3}&mid=246fc425c32947d09872e910bf1f8c8b-d52108fdc00404b36dcc278a9ec071b4c88370f7&lang=en&ds=yu012&pr=sa&d=2012-07-13 20:46:27&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-2716849686-3386843465-3838247639-1001\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
IE - HKU\S-1-5-21-2716849686-3386843465-3838247639-1001\..\SearchScopes\{C967B21F-2359-4EF1-B6B2-315DE53A0C92}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2481020
IE - HKU\S-1-5-21-2716849686-3386843465-3838247639-1001\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb174/?search={searchTerms}&loc=IB_DS&a=6OyNYrqQRx&i=26
IE - HKU\S-1-5-21-2716849686-3386843465-3838247639-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf:  File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf:  File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf:  File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\***\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2012.09.13 08:26:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1 [2013.02.18 16:37:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012.09.13 08:26:59 | 000,000,000 | ---D | M]
 
[2012.09.13 08:27:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://search.babylon.com/?affID=116299&tt=4912_6&babsrc=HP_ss&mntrId=0a6561b5000000000000f2df9aeb1897
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.152\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.152\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.152\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\***\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Entanglement = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: Awesome Screenshot: Capture & Annotate = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce\3.4.4_0\
CHR - Extension: BetterAds = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cacclhdpfoingihegojhoipnihfnoaki\2.0_0\
CHR - Extension: avast! WebRep = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
CHR - Extension: Rummikub = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\inkiliggodjonlfmnpchdgikolcbopif\1.0.0.5_0\
CHR - Extension: Adamski TV - Bundesliga Sky RTL Pro7 SAT1 Kabel1 RTL2 VOX Eurosport ORF SF DMAX SIXX RTLNITRO Tele5 COMEDY CENTRAL ARD ZDF VIVA Sport1 MTV und vieles mehr als TV Live Stream kostenlos Online im Internet schauen. = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcbbpkifemakjcbhebopefcadbakolpi\2012.10.16.41513_0\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programme\Web Assistant\Extension64.dll ()
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Ashampoo DE Toolbar) - {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll ()
O2 - BHO: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found.
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ashampoo DE Toolbar) - {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-2716849686-3386843465-3838247639-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-2716849686-3386843465-3838247639-1000\..\Toolbar\WebBrowser: (Ashampoo DE Toolbar) - {5786D022-540E-4699-B350-B4BE0AE94B79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
O3:64bit: - HKU\S-1-5-21-2716849686-3386843465-3838247639-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-2716849686-3386843465-3838247639-1001\..\Toolbar\WebBrowser: (Ashampoo DE Toolbar) - {5786D022-540E-4699-B350-B4BE0AE94B79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [EPSON Stylus DX4200 Series] C:\windows\SysNative\spool\DRIVERS\x64\3\E_FATIAEE.EXE (SEIKO EPSON CORPORATION)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe (Lenovo)
O4:64bit: - HKLM..\Run: [OnekeyStudio] C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [DBAgent] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe (Seagate Technology LLC)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SAFE2012 File Redirection Starter] C:\Program Files (x86)\Steganos Safe 2012\fredirstarter.exe (Steganos Software GmbH)
O4 - HKLM..\Run: [SAFE2012 HotKeys] C:\Program Files (x86)\Steganos Safe 2012\SteganosHotKeyService.exe (Steganos Software GmbH)
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [vspdfprsrv.exe] C:\Program Files (x86)\Avanquest\PDF Experte 8 Ultimate\vspdfprsrv.exe (Visagesoft)
O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (CyberLink)
O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2716849686-3386843465-3838247639-1000..\Run: [Power2GoExpress] NA File not found
O4 - HKU\S-1-5-21-2716849686-3386843465-3838247639-1000..\Run: [rfxsrvtray] C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe (Tobit.Software)
O4 - HKU\S-1-5-21-2716849686-3386843465-3838247639-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2716849686-3386843465-3838247639-1000..\Run: [Speech Recognition] C:\windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2716849686-3386843465-3838247639-1000..\Run: [Spotify Web Helper] C:\Users\***\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-2716849686-3386843465-3838247639-1000..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe ()
O4 - HKU\S-1-5-21-2716849686-3386843465-3838247639-1001..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-2716849686-3386843465-3838247639-1001..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKU\S-1-5-21-2716849686-3386843465-3838247639-1001..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-2716849686-3386843465-3838247639-1001..\Run: [rfxsrvtray] C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe (Tobit.Software)
O4 - HKU\S-1-5-21-2716849686-3386843465-3838247639-1001..\Run: [Speech Recognition] C:\windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2716849686-3386843465-3838247639-1001..\Run: [Spotify Web Helper] C:\Users\***\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-2716849686-3386843465-3838247639-1001..\Run: [Uploader] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe (Seagate Technology LLC)
O4 - HKU\S-1-5-21-2716849686-3386843465-3838247639-1001..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe ()
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2716849686-3386843465-3838247639-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2716849686-3386843465-3838247639-1000..\RunOnce: [Uninstall C:\Users\***\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\***\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910" File not found
O4 - HKU\S-1-5-21-2716849686-3386843465-3838247639-1000..\RunOnce: [Uninstall C:\Users\***\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\***\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64" File not found
O4 - HKU\S-1-5-21-2716849686-3386843465-3838247639-1001..\RunOnce: [Uninstall C:\Users\***\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\***\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910" File not found
O4 - HKU\S-1-5-21-2716849686-3386843465-3838247639-1001..\RunOnce: [Uninstall C:\Users\***\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\***\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64" File not found
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\S-1-5-21-2716849686-3386843465-3838247639-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39)
O16 - DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab (Java Plug-in 1.7.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 10.17.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{02649A44-0C8B-49D8-9210-8469DFF287D1}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll ()
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.03.12 22:21:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.03.12 22:21:07 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2013.03.12 22:21:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.03.12 16:10:07 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\TuneUp Software
[2013.03.12 16:09:16 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2013.03.12 16:08:42 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2013.03.07 17:38:48 | 000,310,688 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\javaws.exe
[2013.03.07 17:38:39 | 000,188,832 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\javaw.exe
[2013.03.07 17:38:39 | 000,188,320 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\java.exe
[2013.03.07 17:38:39 | 000,108,448 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\WindowsAccessBridge-64.dll
[2013.03.07 07:17:30 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\javaws.exe
[2013.03.07 07:17:20 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\WindowsAccessBridge-32.dll
[2013.03.06 20:30:44 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Familie
[2013.03.05 07:09:31 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\MigWiz
[2013.03.04 23:41:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013.03.04 23:27:08 | 000,000,000 | ---D | C] -- C:\Users\***\My Online Documents
[2013.03.04 22:10:49 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Nero
[2013.03.04 22:08:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate Dashboard 2.0
[2013.03.04 22:08:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2013.03.04 22:08:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2013.03.04 22:08:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Seagate
[2013.03.04 22:02:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Seagate
[2013.03.04 22:02:43 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Seagate
[2013.03.04 12:33:49 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Handy
[2013.03.04 12:33:46 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2013.03.04 10:01:15 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\SelfMV
[2013.03.04 08:43:34 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log
[2013.03.04 08:43:31 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Samsung
[2013.03.04 08:43:30 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Samsung
[2013.03.04 08:43:25 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\samsung
[2013.03.04 08:41:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
[2013.03.04 08:41:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyFree Codec
[2013.03.04 08:40:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
[2013.03.04 08:39:57 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\windows\SysWow64\Redemption.dll
[2013.03.04 08:39:53 | 000,000,000 | ---D | C] -- C:\FFOutput
[2013.03.04 08:39:49 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\windows\SysWow64\dgderapi.dll
[2013.03.04 08:39:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2013.03.04 08:39:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
[2013.03.04 08:38:32 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
[2013.03.04 08:37:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreeTime
[2013.03.04 08:30:34 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Downloaded Installations
[2013.02.28 09:29:25 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\File Scout
[2013.02.28 09:12:53 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msmpeg2vdec.dll
[2013.02.28 09:12:52 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msmpeg2vdec.dll
[2013.02.28 09:12:52 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UIAnimation.dll
[2013.02.28 09:12:52 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UIAnimation.dll
[2013.02.28 09:12:48 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMPhoto.dll
[2013.02.28 09:12:47 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMPhoto.dll
[2013.02.28 09:12:32 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.02.28 09:12:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.02.28 09:12:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.02.28 09:12:31 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1.dll
[2013.02.28 09:12:31 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.02.28 09:12:31 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.02.28 09:12:31 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.02.28 09:12:31 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.02.28 09:12:31 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.02.28 09:12:29 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10warp.dll
[2013.02.28 09:12:29 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsGdiConverter.dll
[2013.02.28 09:12:27 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsGdiConverter.dll
[2013.02.28 09:12:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.02.28 09:12:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.02.28 09:12:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013.02.28 09:12:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013.02.28 09:12:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.02.28 09:12:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.02.28 09:12:26 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxgi.dll
[2013.02.28 09:12:26 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.02.28 09:12:26 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.02.28 09:12:26 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.02.28 09:12:26 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.02.28 09:12:25 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10level9.dll
[2013.02.28 09:12:25 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10core.dll
[2013.02.28 09:12:24 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d11.dll
[2013.02.28 09:12:24 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d11.dll
[2013.02.28 09:12:24 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1core.dll
[2013.02.28 09:12:23 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10.dll
[2013.02.28 09:12:23 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsPrint.dll
[2013.02.28 09:12:21 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsPrint.dll
[2013.02.28 09:12:19 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2013.02.28 09:12:19 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecsExt.dll
[2013.02.28 09:12:17 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d2d1.dll
[2013.02.28 09:12:17 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll
[2013.02.25 11:15:32 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Drucker
[2013.02.24 19:13:20 | 000,000,000 | ---D | C] -- C:\Sicherung
[2013.02.24 17:04:03 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\HpUpdate
[2013.02.24 17:03:52 | 000,778,088 | ---- | C] (Hewlett-Packard Co.) -- C:\windows\SysNative\HPDiscoPM5912.dll
[2013.02.24 17:03:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2013.02.24 17:03:15 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2013.02.24 17:03:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2013.02.24 17:01:48 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2013.02.24 16:58:47 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\HP
[2013.02.19 20:37:33 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2013.02.19 20:36:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.02.18 22:57:23 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\RTCOM
[2013.02.18 22:56:38 | 001,146,984 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RTSnMg64.cpl
[2013.02.18 22:56:36 | 002,358,888 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RtPgEx64.dll
[2013.02.18 22:56:35 | 000,332,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RtlCPAPI64.dll
[2013.02.18 22:56:27 | 002,839,656 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RtkAPO64.dll
[2013.02.18 22:56:26 | 000,638,056 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RtkApi64.dll
[2013.02.18 22:56:26 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\SysNative\RTEEP64A.dll
[2013.02.18 22:56:26 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\SysNative\RTEEL64A.dll
[2013.02.18 22:56:25 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\SysNative\RTEED64A.dll
[2013.02.18 22:56:25 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\SysNative\RTEEG64A.dll
[2013.02.18 22:56:23 | 001,247,848 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RTCOM64.dll
[2013.02.18 22:56:23 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\SysNative\RP3DHT64.dll
[2013.02.18 22:56:22 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\SysNative\RP3DAA64.dll
[2013.02.18 22:56:21 | 000,083,560 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RCoInst64.dll
[2013.02.18 22:55:27 | 001,943,616 | ---- | C] (Fortemedia Corporation) -- C:\windows\SysNative\FMAPO64.dll
[2013.02.18 22:55:04 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\windows\SysNative\AERTAR64.dll
[2013.02.18 22:55:03 | 000,200,800 | ---- | C] (Andrea Electronics Corporation) -- C:\windows\SysNative\AERTAC64.dll
[2013.02.18 21:38:39 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2013.02.18 21:38:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013.02.18 21:38:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.02.18 21:32:16 | 000,000,000 | ---D | C] -- C:\windows\de
[2013.02.18 21:22:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
[2013.02.18 21:22:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xvid
[2013.02.18 21:21:06 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\fssfltr.sys
[2013.02.18 21:21:06 | 000,000,000 | ---D | C] -- C:\windows\SysNative\DRVSTORE
[2013.02.18 21:20:56 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2013.02.18 21:18:55 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_7.dll
[2013.02.18 21:18:55 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_7.dll
[2013.02.18 21:18:55 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_5.dll
[2013.02.18 21:18:55 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_5.dll
[2013.02.18 21:18:50 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_43.dll
[2013.02.18 21:18:50 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_43.dll
[2013.02.18 21:18:48 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx11_43.dll
[2013.02.18 21:18:48 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx11_43.dll
[2013.02.18 21:15:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SkyDrive
[2013.02.18 21:15:28 | 000,000,000 | R--D | C] -- C:\Users\***\SkyDrive
[2013.02.18 21:15:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive
[2013.02.15 20:43:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloodshed Dev-C++
[2013.02.15 20:43:27 | 000,000,000 | ---D | C] -- C:\Dev-Cpp
[2013.02.15 15:30:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.02.15 15:30:19 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\javaw.exe
[2013.02.15 15:30:19 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\java.exe
[2013.02.14 18:18:19 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Eclipse
[2013.02.14 17:56:37 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Dev-Cpp
[2013.02.14 10:35:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
[2013.02.14 08:05:17 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2013.02.14 08:05:16 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2013.02.14 08:05:14 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2013.02.14 08:05:14 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2013.02.14 08:05:13 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2013.02.14 08:05:13 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2013.02.14 08:05:12 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2013.02.14 08:05:12 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2013.02.14 08:05:10 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2013.02.14 08:05:08 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2013.02.14 08:05:07 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013.02.14 08:05:06 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013.02.14 08:05:01 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013.02.14 08:05:01 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2013.02.14 08:05:00 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013.02.13 14:32:51 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2013.02.13 14:32:50 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2013.02.13 14:32:49 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2013.02.13 14:32:42 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll
[2013.02.13 14:32:41 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
[2013.02.13 14:32:41 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
[2013.02.13 14:32:41 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
[2013.02.13 14:32:40 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
[2013.02.13 14:32:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
[2013.02.13 14:32:30 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\FWPKCLNT.SYS
 
========== Files - Modified Within 30 Days ==========
 
[2013.03.12 22:49:07 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013.03.12 22:26:02 | 000,001,124 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.12 22:22:55 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.03.12 21:26:00 | 000,001,120 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.12 21:21:31 | 000,007,605 | ---- | M] () -- C:\Users\***\AppData\Local\Resmon.ResmonCfg
[2013.03.12 20:42:30 | 000,000,572 | ---- | M] () -- C:\windows\tasks\MATLAB R2012b Startup Accelerator.job
[2013.03.12 20:42:22 | 000,000,464 | ---- | M] () -- C:\windows\tasks\PCCT - MAGIX AG.job
[2013.03.12 20:39:26 | 000,021,072 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.12 20:39:26 | 000,021,072 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.12 20:36:34 | 001,498,742 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013.03.12 20:36:34 | 000,654,400 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2013.03.12 20:36:34 | 000,616,242 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013.03.12 20:36:34 | 000,130,240 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2013.03.12 20:36:34 | 000,106,622 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013.03.12 20:32:58 | 000,489,721 | ---- | M] () -- C:\windows\SysNative\fastboot.set
[2013.03.12 20:28:58 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013.03.12 20:28:56 | 3153,727,488 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.12 20:28:16 | 000,003,544 | ---- | M] () -- C:\bootsqm.dat
[2013.03.11 13:14:42 | 000,904,176 | ---- | M] () -- C:\Users\***\Documents\Scan0002.jpg
[2013.03.11 08:00:37 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\config.nt
[2013.03.07 17:38:34 | 000,108,448 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\WindowsAccessBridge-64.dll
[2013.03.07 17:38:30 | 000,310,688 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\javaws.exe
[2013.03.07 17:38:29 | 001,085,344 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\npDeployJava1.dll
[2013.03.07 17:38:29 | 000,963,488 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\deployJava1.dll
[2013.03.07 17:38:29 | 000,188,832 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\javaw.exe
[2013.03.07 17:38:29 | 000,188,320 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\java.exe
[2013.03.07 07:17:16 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\WindowsAccessBridge-32.dll
[2013.03.07 07:17:14 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\javaws.exe
[2013.03.07 07:17:14 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\javaw.exe
[2013.03.07 07:17:13 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\java.exe
[2013.03.07 07:17:12 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\npdeployJava1.dll
[2013.03.07 07:17:12 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\deployJava1.dll
[2013.03.07 00:33:21 | 001,025,808 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswSnx.sys
[2013.03.07 00:33:21 | 000,377,920 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswSP.sys
[2013.03.07 00:33:21 | 000,178,624 | ---- | M] () -- C:\windows\SysNative\drivers\aswVmm.sys
[2013.03.07 00:33:21 | 000,070,992 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswRdr2.sys
[2013.03.07 00:33:21 | 000,068,920 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswTdi.sys
[2013.03.07 00:33:21 | 000,065,336 | ---- | M] () -- C:\windows\SysNative\drivers\aswRvrt.sys
[2013.03.07 00:33:20 | 000,080,816 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys
[2013.03.07 00:33:20 | 000,033,400 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswFsBlk.sys
[2013.03.07 00:32:51 | 000,041,664 | ---- | M] (AVAST Software) -- C:\windows\avastSS.scr
[2013.03.07 00:32:22 | 000,287,840 | ---- | M] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe
[2013.03.06 20:30:14 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Internetbrowser.lnk
[2013.03.04 22:08:55 | 000,002,747 | ---- | M] () -- C:\Users\Public\Desktop\Seagate Dashboard 2.0.lnk
[2013.03.01 16:47:43 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013.03.01 16:47:43 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.02.28 13:24:24 | 001,895,652 | ---- | M] () -- C:\Users\***\Documents\Scan0004.pdf
[2013.02.28 13:21:45 | 000,478,530 | ---- | M] () -- C:\Users\***\Documents\Scan0003.pdf
[2013.02.25 11:54:57 | 007,791,333 | ---- | M] () -- C:\Users\***\Documents\Scan0002.pdf
[2013.02.24 18:36:59 | 000,000,034 | -H-- | M] () -- C:\Users\***\Documents\.picasa.ini
[2013.02.24 18:36:45 | 000,289,938 | ---- | M] () -- C:\Users\***\Documents\Scan0001.jpg
[2013.02.24 18:35:43 | 000,278,518 | ---- | M] () -- C:\Users\***\Documents\Scan0001.pdf
[2013.02.24 17:01:38 | 000,000,057 | ---- | M] () -- C:\ProgramData\Ament.ini
[2013.02.19 17:45:42 | 003,325,720 | ---- | M] (Tobit.Software) -- C:\windows\RXSUnins.exe
[2013.02.19 17:45:42 | 003,325,720 | ---- | M] (Tobit.Software) -- C:\windows\RXCUnins.exe
[2013.02.18 22:45:21 | 002,358,888 | ---- | M] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RtPgEx64.dll
[2013.02.18 22:45:21 | 001,146,984 | ---- | M] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RTSnMg64.cpl
[2013.02.18 22:45:21 | 000,332,392 | ---- | M] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RtlCPAPI64.dll
[2013.02.18 22:45:18 | 002,839,656 | ---- | M] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RtkAPO64.dll
[2013.02.18 22:45:18 | 000,638,056 | ---- | M] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RtkApi64.dll
[2013.02.18 22:45:18 | 000,375,128 | ---- | M] (Dolby Laboratories, Inc.) -- C:\windows\SysNative\RTEEP64A.dll
[2013.02.18 22:45:18 | 000,101,208 | ---- | M] (Dolby Laboratories, Inc.) -- C:\windows\SysNative\RTEEL64A.dll
[2013.02.18 22:45:18 | 000,078,680 | ---- | M] (Dolby Laboratories, Inc.) -- C:\windows\SysNative\RTEEG64A.dll
[2013.02.18 22:45:17 | 001,247,848 | ---- | M] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RTCOM64.dll
[2013.02.18 22:45:17 | 000,310,104 | ---- | M] (Dolby Laboratories, Inc.) -- C:\windows\SysNative\RP3DHT64.dll
[2013.02.18 22:45:17 | 000,310,104 | ---- | M] (Dolby Laboratories, Inc.) -- C:\windows\SysNative\RP3DAA64.dll
[2013.02.18 22:45:17 | 000,204,120 | ---- | M] (Dolby Laboratories, Inc.) -- C:\windows\SysNative\RTEED64A.dll
[2013.02.18 22:45:17 | 000,083,560 | ---- | M] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RCoInst64.dll
[2013.02.18 22:45:07 | 001,943,616 | ---- | M] (Fortemedia Corporation) -- C:\windows\SysNative\FMAPO64.dll
[2013.02.18 22:45:01 | 000,200,800 | ---- | M] (Andrea Electronics Corporation) -- C:\windows\SysNative\AERTAC64.dll
[2013.02.18 22:45:01 | 000,108,960 | ---- | M] (Andrea Electronics Corporation) -- C:\windows\SysNative\AERTAR64.dll
[2013.02.18 22:44:36 | 000,000,520 | ---- | M] () -- C:\windows\SysNative\drivers\SamSfPa.dat
[2013.02.18 22:44:35 | 001,284,712 | ---- | M] (Realtek Semiconductor Corp.) -- C:\windows\RtlExUpd.dll
[2013.02.18 16:37:00 | 000,039,768 | ---- | M] (AVG Technologies) -- C:\windows\SysNative\drivers\avgtpx64.sys
[2013.02.14 08:24:17 | 000,529,768 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2013.03.12 22:21:11 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.03.12 21:21:31 | 000,007,605 | ---- | C] () -- C:\Users\***\AppData\Local\Resmon.ResmonCfg
[2013.03.12 20:28:16 | 000,003,544 | ---- | C] () -- C:\bootsqm.dat
[2013.03.11 13:14:42 | 000,904,176 | ---- | C] () -- C:\Users\***\Documents\Scan0002.jpg
[2013.03.04 22:08:55 | 000,002,747 | ---- | C] () -- C:\Users\Public\Desktop\Seagate Dashboard 2.0.lnk
[2013.03.04 08:17:56 | 000,178,624 | ---- | C] () -- C:\windows\SysNative\drivers\aswVmm.sys
[2013.03.04 08:17:56 | 000,065,336 | ---- | C] () -- C:\windows\SysNative\drivers\aswRvrt.sys
[2013.02.28 13:24:23 | 001,895,652 | ---- | C] () -- C:\Users\***\Documents\Scan0004.pdf
[2013.02.28 13:21:45 | 000,478,530 | ---- | C] () -- C:\Users\***\Documents\Scan0003.pdf
[2013.02.28 09:28:47 | 000,000,884 | ---- | C] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013.02.25 11:54:54 | 007,791,333 | ---- | C] () -- C:\Users\***\Documents\Scan0002.pdf
[2013.02.24 18:36:58 | 000,000,034 | -H-- | C] () -- C:\Users\***\Documents\.picasa.ini
[2013.02.24 18:36:45 | 000,289,938 | ---- | C] () -- C:\Users\***\Documents\Scan0001.jpg
[2013.02.24 18:35:43 | 000,278,518 | ---- | C] () -- C:\Users\***\Documents\Scan0001.pdf
[2013.02.24 17:04:13 | 000,000,972 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk
[2013.02.24 17:01:38 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013.02.18 22:57:03 | 000,000,520 | ---- | C] () -- C:\windows\SysNative\drivers\SamSfPa.dat
[2013.02.18 21:29:40 | 000,001,305 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
[2013.02.18 21:27:54 | 000,001,374 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
[2013.02.18 21:22:53 | 000,255,488 | ---- | C] () -- C:\windows\SysNative\xvidvfw.dll
[2013.02.18 21:22:52 | 000,696,832 | ---- | C] () -- C:\windows\SysNative\xvidcore.dll
[2013.02.18 21:22:52 | 000,173,568 | ---- | C] () -- C:\windows\SysNative\xvid.ax
[2013.02.18 21:15:27 | 000,002,219 | ---- | C] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
[2013.02.05 17:52:54 | 000,030,568 | ---- | C] () -- C:\windows\MusiccityDownload.exe
[2013.02.05 17:52:50 | 000,974,848 | ---- | C] () -- C:\windows\SysWow64\cis-2.4.dll
[2013.02.05 17:52:50 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\issacapi_bs-2.3.dll
[2013.02.05 17:52:50 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\issacapi_pe-2.3.dll
[2013.02.05 17:52:50 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\issacapi_se-2.3.dll
[2012.12.28 21:20:21 | 000,079,360 | ---- | C] () -- C:\windows\SysWow64\ff_vfw.dll
[2012.12.15 19:57:57 | 000,001,446 | ---- | C] () -- C:\Users\***\gsview64.ini
[2012.12.15 18:59:32 | 000,000,037 | ---- | C] () -- C:\windows\wininit.ini
[2012.12.14 02:42:30 | 000,963,452 | ---- | C] () -- C:\windows\SysWow64\igcodeckrng600.bin
[2012.12.14 02:42:30 | 000,064,512 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2012.12.14 02:42:28 | 000,272,928 | ---- | C] () -- C:\windows\SysWow64\igvpkrng600.bin
[2012.12.07 23:37:37 | 000,645,632 | ---- | C] () -- C:\windows\SysWow64\xvidcore.dll
[2012.12.07 23:37:36 | 000,240,640 | ---- | C] () -- C:\windows\SysWow64\xvidvfw.dll
[2012.12.07 19:58:22 | 002,681,344 | ---- | C] () -- C:\windows\SysWow64\dvmsg.dll
[2012.12.07 19:09:16 | 000,000,075 | RHS- | C] () -- C:\windows\CT6STET.BIN
[2012.12.05 21:31:21 | 000,065,536 | -H-- | C] () -- C:\windows\SysWow64\WebCamLib.dll
[2012.11.17 11:30:40 | 000,000,584 | ---- | C] () -- C:\Users\***\.xmaximarc
[2012.06.24 10:14:31 | 000,000,706 | ---- | C] () -- C:\Users\***\*** - Verknüpfung.lnk
[2011.12.29 19:51:00 | 000,000,000 | ---- | C] () -- C:\Users\***\AppData\Local\{0BF4CD84-858C-491D-9ECA-A948F30B5DEA}
[2011.12.23 19:04:31 | 000,204,857 | ---- | C] () -- C:\windows\SysWow64\InstallHelp.dll
[2011.12.23 19:04:30 | 000,111,308 | ---- | C] () -- C:\windows\SysWow64\GMTUninstall.exe
[2011.12.17 19:09:34 | 000,110,080 | ---- | C] () -- C:\windows\SysWow64\advd.dll
[2011.12.17 19:09:34 | 000,023,040 | ---- | C] () -- C:\windows\SysWow64\auth.dll
[2011.12.17 19:09:30 | 000,237,568 | ---- | C] () -- C:\windows\SysWow64\lame_enc.dll
[2011.09.28 17:32:05 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2011.08.21 16:15:38 | 000,300,328 | ---- | C] () -- C:\windows\it50.dll
[2011.08.21 16:15:38 | 000,218,408 | ---- | C] () -- C:\windows\Image.dll
[2011.08.21 16:15:38 | 000,202,024 | ---- | C] () -- C:\windows\HardDisk.dll
[2011.08.21 16:15:38 | 000,010,068 | ---- | C] () -- C:\windows\GT.EXE
[2011.08.21 16:15:38 | 000,003,443 | ---- | C] () -- C:\windows\UTILITYDRV.SYS
[2011.08.21 16:15:37 | 000,259,368 | ---- | C] () -- C:\windows\FastBR.dll
[2011.08.21 16:15:37 | 000,259,368 | ---- | C] () -- C:\windows\CopyFile.dll
[2011.08.21 16:15:37 | 000,177,448 | ---- | C] () -- C:\windows\disk.dll
[2011.08.21 16:15:37 | 000,110,592 | ---- | C] () -- C:\windows\BootseqwWmi.exe
[2011.08.21 16:15:37 | 000,081,920 | ---- | C] () -- C:\windows\Bootseqw32.exe
[2011.08.21 16:15:37 | 000,049,152 | ---- | C] () -- C:\windows\CHGBOOTW.EXE
[2011.08.21 16:15:37 | 000,008,704 | ---- | C] () -- C:\windows\Access32.sys
[2011.08.21 07:24:34 | 002,086,240 | ---- | C] () -- C:\windows\SysWow64\LenovoVeriface.Interface.dll
[2011.08.21 07:24:34 | 001,500,512 | ---- | C] () -- C:\windows\SysWow64\Apblend.dll
[2011.08.21 07:24:34 | 001,171,456 | ---- | C] () -- C:\windows\SysWow64\PicNotify.dll
[2011.08.21 07:24:34 | 000,466,944 | ---- | C] () -- C:\windows\SysWow64\Lenovo.VerifaceStub.dll
[2011.08.21 07:24:29 | 001,044,480 | ---- | C] () -- C:\windows\SysWow64\3DImageRenderer.dll
[2011.04.14 04:01:25 | 000,963,116 | ---- | C] () -- C:\windows\SysWow64\igkrng600.bin
[2011.04.14 04:01:22 | 000,216,876 | ---- | C] () -- C:\windows\SysWow64\igfcg600m.bin
[2011.04.14 04:01:19 | 000,145,804 | ---- | C] () -- C:\windows\SysWow64\igcompkrng600.bin
[2011.04.14 03:51:06 | 000,066,856 | ---- | C] () -- C:\windows\SysWow64\SynTPEnhPS.dll
[2008.07.21 07:58:28 | 096,183,503 | ---- | C] () -- C:\Program Files (x86)\VeriFaceIII.20090312.exe
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.12.04 08:42:44 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\.kde
[2012.12.05 21:31:21 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Apowersoft
[2012.12.07 19:38:50 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Ashampoo
[2012.12.07 19:54:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Ashampoo Slideshow Studio 2012
[2012.12.08 15:01:10 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Babylon
[2011.10.01 11:23:50 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Big Fish Games
[2012.12.01 15:12:10 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Brain Workshop
[2012.12.07 22:38:15 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Broken Sword 2.5
[2012.12.01 06:59:43 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Canneverbe Limited
[2011.12.17 19:10:54 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\concept design
[2013.02.27 23:09:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Dev-Cpp
[2013.03.12 20:34:44 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Dropbox
[2013.02.22 21:05:17 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoft
[2013.02.18 21:33:11 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.10.27 12:38:23 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DynaGeo
[2013.02.07 16:01:53 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Expert PDF 8
[2013.02.28 09:29:25 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\File Scout
[2012.12.01 15:28:57 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\gbrainy
[2012.12.04 08:28:11 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\KDE
[2011.09.27 16:28:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Lenovo
[2012.12.08 06:45:18 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MAGIX
[2012.12.07 23:15:38 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org
[2012.12.19 19:51:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\PDF Experte 8
[2012.12.29 16:11:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\PerformerSoft
[2012.01.27 20:47:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\pokerth
[2013.03.04 08:43:30 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Samsung
[2013.03.04 22:02:43 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Seagate
[2012.01.27 19:54:44 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\searchquband
[2012.01.27 19:54:46 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\searchqutoolbar
[2012.12.01 11:51:40 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\smc
[2013.03.02 14:20:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Spotify
[2013.03.12 20:39:33 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Steganos
[2012.12.27 14:44:21 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Subversion
[2012.12.07 19:58:46 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Tobit
[2013.03.12 16:10:07 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TuneUp Software
[2012.10.04 19:09:16 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Unity
[2012.12.01 13:43:07 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Warsow 0.5
[2012.12.15 20:05:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\xm1
[2012.07.13 19:35:03 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\yWorks
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:861A898F
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:C90E8309

< End of report >
         
--- --- ---

I would like to thank in advance everyone who takes the trouble to read through my message, and above all those who then also help me!!!

Kind regards, cypernrose

 
