Iminent, Hilfe zur Deinstalation

LisiBisi · 15.07.2013, 08:47

Hallo,
ich habe auf meinem Pc das Programm Iminent entdeckt. Jetzt hab ich mich versucht zu informieren wie ich es wieder loswerde. Dabei bin ich auf dieses Forum gestoßen und hoffe, dass ihr mir auch helfen könnt. Vorab hab ich versucht alle geforderten Scans durchzuführen.
Also hier die Ihnhalte:

ORL:OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 15.07.2013 08:53:32 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Hartmut\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,48 Gb Total Physical Memory | 1,82 Gb Available Physical Memory | 52,43% Memory free
6,95 Gb Paging File | 5,19 Gb Available in Paging File | 74,66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 441,12 Gb Total Space | 349,54 Gb Free Space | 79,24% Space Free | Partition Type: NTFS
Drive D: | 20,48 Gb Total Space | 2,19 Gb Free Space | 10,69% Space Free | Partition Type: NTFS
Drive E: | 3,96 Gb Total Space | 1,08 Gb Free Space | 27,28% Space Free | Partition Type: FAT32
 
Computer Name: LISAS-COMPUTER | User Name: Hartmut | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.07.15 08:44:27 | 000,050,477 | ---- | M] () -- C:\Users\Hartmut\Desktop\Defogger.exe
PRC - [2013.07.15 07:46:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Hartmut\Desktop\OTL.exe
PRC - [2013.07.11 12:59:12 | 002,859,048 | ---- | M] (Iminent) -- C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe
PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.02.05 17:48:44 | 000,272,248 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
PRC - [2012.09.06 11:32:12 | 000,197,536 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2012.06.16 04:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
PRC - [2012.03.05 13:38:38 | 000,578,944 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2012.03.05 13:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2011.10.08 04:10:48 | 000,169,528 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
PRC - [2011.09.28 16:42:14 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011.08.19 14:48:44 | 000,379,960 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2010.04.23 12:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010.04.23 12:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010.04.23 12:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010.04.23 12:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010.04.23 12:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010.03.25 21:45:36 | 000,031,144 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2009.09.11 12:33:54 | 000,009,216 | ---- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
PRC - [2009.05.21 19:58:14 | 000,413,496 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.07.15 08:44:27 | 000,050,477 | ---- | M] () -- C:\Users\Hartmut\Desktop\Defogger.exe
MOD - [2013.07.12 07:12:41 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2011.03.17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
MOD - [2010.11.13 01:26:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2011.09.29 04:12:18 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.09.28 07:19:38 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2013.07.11 12:59:12 | 002,859,048 | ---- | M] (Iminent) [Auto | Running] -- C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe -- (SProtection)
SRV - [2013.06.28 10:41:11 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.06.12 18:23:43 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.02.05 17:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2012.09.27 12:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
SRV - [2012.09.06 11:32:12 | 000,197,536 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.06.16 04:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe -- (NIS)
SRV - [2012.03.05 13:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2011.06.29 03:12:08 | 002,413,056 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011.05.27 21:06:16 | 000,301,568 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Programme\IDT\WDM\stacsv64.exe -- (STacSV)
SRV - [2011.03.28 21:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.10.12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010.10.11 02:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.03.25 21:45:36 | 000,031,144 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.09.11 12:33:54 | 000,009,216 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.07.10 05:31:10 | 000,157,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.09.19 11:02:08 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012.09.19 11:02:06 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012.07.06 04:17:58 | 000,037,536 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2012.07.06 04:17:57 | 000,737,952 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012.06.07 06:43:38 | 000,167,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2012.05.22 03:37:12 | 001,129,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symefa64.sys -- (SymEFA)
DRV:64bit: - [2012.04.18 04:13:32 | 000,405,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symnets.sys -- (SymNetS)
DRV:64bit: - [2012.04.18 03:42:14 | 000,190,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012.03.29 20:10:51 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.10.15 07:37:02 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.10.15 07:37:02 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.09.29 04:52:48 | 010,210,304 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.09.29 03:34:54 | 000,317,952 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.08.18 14:44:46 | 000,053,376 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2011.07.25 20:18:36 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symds64.sys -- (SymDS)
DRV:64bit: - [2011.07.19 02:11:10 | 001,145,448 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2011.06.17 13:08:26 | 000,040,064 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011.06.17 13:08:24 | 000,079,488 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011.06.10 04:19:54 | 001,451,056 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.05.31 02:03:34 | 000,338,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011.05.27 21:06:16 | 000,528,384 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011.05.13 03:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011.05.13 03:21:04 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2011.05.13 03:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011.05.13 03:21:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2011.05.13 03:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011.03.31 00:46:46 | 000,114,704 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.01.27 07:35:26 | 000,425,064 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.07.28 10:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010.02.18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.11.02 18:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.29 18:00:50 | 000,132,608 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
DRV:64bit: - [2009.06.29 18:00:50 | 000,116,096 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbfake.sys -- (hwusbfake)
DRV:64bit: - [2009.06.10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009.06.10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009.06.10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 22:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.04.09 13:38:24 | 000,116,864 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2007.05.14 17:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV - [2013.05.31 18:58:18 | 001,393,240 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130702.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013.05.24 09:52:51 | 002,098,776 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130714.004\ex64.sys -- (NAVEX15)
DRV - [2013.05.24 09:52:50 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130714.004\eng64.sys -- (NAVENG)
DRV - [2013.04.12 16:00:10 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130712.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012.08.18 00:24:50 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012.08.18 00:24:50 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2006.07.24 17:05:00 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{C87395B5-70D9-4E25-AB1F-FF23936613EF}: "URL" = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=982872690&q={searchTerms}
IE - HKLM\..\SearchScopes\{1}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
IE - HKLM\..\SearchScopes\{C87395B5-70D9-4E25-AB1F-FF23936613EF}: "URL" = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=BCAC20107A060231&affID=119357&tsp=4943
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=BCAC20107A060231&affID=119357&tsp=4943
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=BCAC20107A060231&affID=119357&tsp=4943
IE - HKCU\..\SearchScopes\{1}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKCU\..\SearchScopes\{2A51D2F3-7C49-4A17-A57F-2CBC6405BFA1}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=76EA5DD6-B5CB-48F5-A78A-1F2874CC83D4&apn_sauid=A82A0227-953D-4CD1-94B6-491CE3CEC99C
IE - HKCU\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
IE - HKCU\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
IE - HKCU\..\SearchScopes\{C87395B5-70D9-4E25-AB1F-FF23936613EF}: "URL" = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
IE - HKCU\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKCU\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..extensions.enabledAddons: %7B78e516ef-11de-47a1-8364-a99b917ec5ee%7D:10.16.4.519
FF - prefs.js..extensions.enabledAddons: webbooster%40iminent.com:6.27.3.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\ [2012.02.26 12:00:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\ [2013.07.15 07:38:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.08.27 21:57:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\webbooster@iminent.com: C:\Program Files (x86)\Iminent\webbooster@iminent.com [2013.03.10 15:30:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.08.27 21:57:03 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.07.19 16:42:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hartmut\AppData\Roaming\mozilla\Extensions
[2013.07.14 13:10:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hartmut\AppData\Roaming\mozilla\Firefox\Profiles\ymtb1hss.default\extensions
[2013.06.28 10:35:03 | 000,000,000 | ---D | M] (FileConverter 1.3) -- C:\Users\Hartmut\AppData\Roaming\mozilla\Firefox\Profiles\ymtb1hss.default\extensions\{78e516ef-11de-47a1-8364-a99b917ec5ee}
[2013.07.14 12:56:20 | 000,671,953 | ---- | M] () (No name found) -- C:\Users\Hartmut\AppData\Roaming\mozilla\firefox\profiles\ymtb1hss.default\extensions\webbooster@iminent.com.xpi
[2012.12.10 20:29:40 | 000,002,333 | ---- | M] () -- C:\Users\Hartmut\AppData\Roaming\mozilla\firefox\profiles\ymtb1hss.default\searchplugins\askcom.xml
[2013.07.14 12:56:54 | 000,006,507 | ---- | M] () -- C:\Users\Hartmut\AppData\Roaming\mozilla\firefox\profiles\ymtb1hss.default\searchplugins\babylon.xml
[2013.03.10 15:31:25 | 000,001,609 | ---- | M] () -- C:\Users\Hartmut\AppData\Roaming\mozilla\firefox\profiles\ymtb1hss.default\searchplugins\ChatZumSearch.xml
[2013.07.14 12:58:16 | 000,001,294 | ---- | M] () -- C:\Users\Hartmut\AppData\Roaming\mozilla\firefox\profiles\ymtb1hss.default\searchplugins\delta.xml
[2012.12.23 03:53:53 | 000,009,631 | ---- | M] () -- C:\Users\Hartmut\AppData\Roaming\mozilla\firefox\profiles\ymtb1hss.default\searchplugins\my-web-search.xml
[2013.07.14 12:59:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\Extensions
[2013.06.28 10:41:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.06.28 10:41:11 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012.09.07 23:39:33 | 000,002,360 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Programme\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll (Iminent)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [SetDefault] C:\Programme\Hewlett-Packard\HP LaunchBox\SetDefault.exe (Hewlett-Packard Development Company, L.P.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPQuickWebProxy] C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Iminent] C:\Program Files (x86)\Iminent\Iminent.exe (Iminent)
O4 - HKLM..\Run: [IminentMessenger] C:\Program Files (x86)\Iminent\Iminent.Messengers.exe (Iminent)
O4 - HKLM..\Run: [MobileConnect] C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8B934D77-66FE-493C-A551-5786872E8C07}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{905E8825-2AD0-47AE-9FD9-737EAD86652D}: DhcpNameServer = 139.7.30.126 139.7.30.125
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{97037393-CBFA-4406-A885-4F1406687924}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{9c59d10c-faa1-11e1-9c18-ec9a745376c3}\Shell - "" = AutoRun
O33 - MountPoints2\{9c59d10c-faa1-11e1-9c18-ec9a745376c3}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{9c59d11d-faa1-11e1-9c18-ec9a745376c3}\Shell - "" = AutoRun
O33 - MountPoints2\{9c59d11d-faa1-11e1-9c18-ec9a745376c3}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{d655124d-edbf-11e1-aae1-ec9a745376c3}\Shell - "" = AutoRun
O33 - MountPoints2\{d655124d-edbf-11e1-aae1-ec9a745376c3}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{d65512de-edbf-11e1-aae1-ec9a745376c3}\Shell - "" = AutoRun
O33 - MountPoints2\{d65512de-edbf-11e1-aae1-ec9a745376c3}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.07.15 07:46:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Hartmut\Desktop\OTL.exe
[2013.07.14 13:03:12 | 000,000,000 | ---D | C] -- C:\Users\Hartmut\Qtrax
[2013.07.14 12:59:36 | 000,000,000 | ---D | C] -- C:\Users\Hartmut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
[2013.07.14 12:59:15 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserDefender
[2013.07.14 12:55:47 | 000,000,000 | ---D | C] -- C:\Users\Hartmut\AppData\Roaming\DSite
[2013.07.11 09:41:56 | 000,000,000 | ---D | C] -- C:\Users\Hartmut\Documents\Kontoauszüge
[2013.07.08 13:33:15 | 000,000,000 | ---D | C] -- C:\Users\Hartmut\Desktop\ebook_neu
[2013.07.08 13:31:08 | 000,000,000 | ---D | C] -- C:\Users\Hartmut\Desktop\ebook
[2013.07.07 10:27:33 | 000,000,000 | ---D | C] -- C:\Users\Hartmut\Desktop\Speicherstick
[2013.06.28 10:41:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[1 C:\Users\Hartmut\Desktop\*.tmp files -> C:\Users\Hartmut\Desktop\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.07.15 08:45:39 | 000,000,000 | ---- | M] () -- C:\Users\Hartmut\defogger_reenable
[2013.07.15 08:44:27 | 000,050,477 | ---- | M] () -- C:\Users\Hartmut\Desktop\Defogger.exe
[2013.07.15 08:22:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.07.15 08:13:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.15 07:47:08 | 000,031,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.15 07:47:08 | 000,031,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.15 07:46:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Hartmut\Desktop\OTL.exe
[2013.07.15 07:36:24 | 2800,803,840 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.14 12:57:49 | 000,508,781 | ---- | M] () -- C:\Users\Hartmut\Documents\uebertragen_postfach_emailadresse.pdf
[2013.07.14 12:55:47 | 000,000,294 | ---- | M] () -- C:\Windows\tasks\DSite.job
[2013.07.14 12:54:21 | 000,793,536 | ---- | M] () -- C:\Users\Hartmut\Desktop\ZipOpenerSetup.exe
[2013.07.12 07:05:52 | 000,417,720 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.07.12 06:43:35 | 001,829,634 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.07.12 06:43:35 | 000,766,590 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.07.12 06:43:35 | 000,721,262 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.07.12 06:43:35 | 000,174,284 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.07.12 06:43:35 | 000,147,064 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.07.10 14:56:09 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForHartmut.job
[2013.07.03 10:06:33 | 001,785,536 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.06.21 18:33:13 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.06.21 18:33:12 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[1 C:\Users\Hartmut\Desktop\*.tmp files -> C:\Users\Hartmut\Desktop\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.07.15 08:45:39 | 000,000,000 | ---- | C] () -- C:\Users\Hartmut\defogger_reenable
[2013.07.15 08:44:26 | 000,050,477 | ---- | C] () -- C:\Users\Hartmut\Desktop\Defogger.exe
[2013.07.14 12:57:49 | 000,508,781 | ---- | C] () -- C:\Users\Hartmut\Documents\uebertragen_postfach_emailadresse.pdf
[2013.07.14 12:55:47 | 000,000,294 | ---- | C] () -- C:\Windows\tasks\DSite.job
[2013.07.14 12:54:12 | 000,793,536 | ---- | C] () -- C:\Users\Hartmut\Desktop\ZipOpenerSetup.exe
[2013.06.21 18:33:13 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.06.21 18:33:12 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013.03.10 14:57:24 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2013.03.10 14:52:03 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2012.08.27 21:44:00 | 000,181,714 | ---- | C] () -- C:\Windows\hpoins44.dat
[2011.12.17 01:50:20 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.12.17 01:47:55 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2011.12.17 01:43:41 | 001,785,536 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.12.17 01:33:25 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.10.14 22:23:20 | 000,000,068 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2011.09.28 07:49:36 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011.09.06 13:34:28 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
[2009.06.16 13:25:02 | 000,121,512 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.09.07 23:39:18 | 000,000,000 | ---D | M] -- C:\Users\Hartmut\AppData\Roaming\Babylon
[2013.07.14 13:11:31 | 000,000,000 | ---D | M] -- C:\Users\Hartmut\AppData\Roaming\Dropbox
[2013.07.14 12:55:47 | 000,000,000 | ---D | M] -- C:\Users\Hartmut\AppData\Roaming\DSite
[2013.03.10 15:31:08 | 000,000,000 | ---D | M] -- C:\Users\Hartmut\AppData\Roaming\Iminent
[2013.03.10 15:48:05 | 000,000,000 | ---D | M] -- C:\Users\Hartmut\AppData\Roaming\Samsung
[2012.02.24 15:10:57 | 000,000,000 | ---D | M] -- C:\Users\Hartmut\AppData\Roaming\Synaptics
[2012.09.01 09:51:08 | 000,000,000 | ---D | M] -- C:\Users\Hartmut\AppData\Roaming\Vodafone
[2012.08.17 13:51:49 | 000,000,000 | ---D | M] -- C:\Users\Hartmut\AppData\Roaming\WildTangent
[2012.06.21 21:54:16 | 000,000,000 | ---D | M] -- C:\Users\Hartmut\AppData\Roaming\Windows Live Writer
[2012.02.24 16:03:29 | 000,000,000 | ---D | M] -- C:\Users\Hartmut\AppData\Roaming\_MDLogs
 
========== Purity Check ==========
 
 
 
< End of report >

--- --- ---

EXTRAS:OTL Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 15.07.2013 07:52:28 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Hartmut\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,48 Gb Total Physical Memory | 2,16 Gb Available Physical Memory | 61,98% Memory free
6,95 Gb Paging File | 5,36 Gb Available in Paging File | 77,11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 441,12 Gb Total Space | 349,54 Gb Free Space | 79,24% Space Free | Partition Type: NTFS
Drive D: | 20,48 Gb Total Space | 2,19 Gb Free Space | 10,69% Space Free | Partition Type: NTFS
Drive E: | 3,96 Gb Total Space | 1,08 Gb Free Space | 27,28% Space Free | Partition Type: FAT32
 
Computer Name: LISAS-COMPUTER | User Name: Hartmut | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{069530E0-621A-45EB-97C3-F44AFCD2E472}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{18D39195-B565-4E17-9E35-89C4A4FAF747}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{206B8EF7-6736-4364-9B3E-A46A66DD9F45}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{27046AB0-1DA6-4714-9D29-50D6E2B8DD65}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{2A778A0A-BA42-46B9-B14F-108FD67C52DE}" = lport=138 | protocol=17 | dir=in | app=system | 
"{43C4DEB5-E10F-428A-BA52-49AE0860D76B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{50CA8323-A57A-4C64-A5FD-249FDE4C7962}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{55E3C138-1CD3-4532-90B3-BDAF3E99E7DE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{5AAEC088-EB77-4FCB-9772-BC3F0C93E8C4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{60A4B0D8-A77B-450F-9D75-237BD6F18D2A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{645F6FF0-234F-4165-848C-558DB3F08829}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{6C9044F1-16B8-4E87-8642-69A9D127987C}" = lport=137 | protocol=17 | dir=in | app=system | 
"{7622DE6B-1CDD-421D-A108-7C8A26CFB6AC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{7AC9EB06-39BC-4EA3-9890-0AC06EE7977D}" = rport=138 | protocol=17 | dir=out | app=system | 
"{7DCE524C-2990-4F0C-8B18-660517C4E426}" = rport=445 | protocol=6 | dir=out | app=system | 
"{7F5F7CCF-3C49-4504-8393-3A79E7D2B8FC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{86AEC8AB-7526-4A23-8B4B-8EA56D5E4A8F}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{90B8EA33-8AC2-45E0-95FA-C5E5BB4EF7A4}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{9D2E3275-9A55-408D-B6F0-8344B7B816D9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{AB818474-BDEA-4AAE-93BA-8EAAE08705FD}" = rport=139 | protocol=6 | dir=out | app=system | 
"{AC743DF3-D393-42AD-994A-84ECA84FF934}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{B57001BC-16C1-483D-9D77-F217F41DC818}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{BCC64B9E-57DA-4C84-97D3-E8C958E32250}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | 
"{BF6ABCC7-AFB6-4882-8663-1F8C0BE07FC9}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{C13A1F4C-A14C-444A-B715-74712547DA81}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{C710EB8B-C83D-40BF-8168-AF8D6FE631EA}" = rport=137 | protocol=17 | dir=out | app=system | 
"{DC2A5785-0513-49B0-A2ED-C69747D77C59}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{DEBE2AD3-A4F1-4BF8-A050-5415F1510077}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | 
"{E129D27B-9E09-42FF-B9A4-18FFB8CD8C6C}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{E263096D-111C-406B-9A74-3CEBF2986F6F}" = lport=445 | protocol=6 | dir=in | app=system | 
"{E43E5774-7372-45F6-9174-5D8EFEEB8010}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{EAE192CA-4575-489E-AB91-6A97283B0D14}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{F53EBA59-E7E8-445F-A155-DD241766DF7F}" = lport=139 | protocol=6 | dir=in | app=system | 
"{FB07897F-0477-4326-B4D1-84D920AD1007}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{FB371717-212F-4652-8076-423EDAB4050C}" = lport=10243 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00E7D05D-90C4-4338-9E20-1569D6FC505E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | 
"{0231269E-27DD-47E4-B332-1B4399B75B7C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{0D306BCC-80DC-4FC7-85A3-95BAF4C23CAB}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{0E1C5163-9E77-46FD-B5D2-0337AD184925}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{17814D93-4463-4D25-B6C9-CB6D0BC3E449}" = dir=in | app=c:\windows\system32\ezsharedsvchost.exe | 
"{18619B07-8DA0-41BA-B6DF-15C929C0A9AA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{192238EB-15A7-40EA-854F-F7B5A1DB4461}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{1AB52687-65DD-4AA3-8C54-367D05A796B8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{2823288C-E6F8-49BC-A3A9-5656E31CB8E4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{29E76809-90BD-45F9-9125-0307682FE7FE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{2D642E3C-49EC-4D17-9734-4A8090701D82}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{36C578CE-6AF8-49E2-9BE2-7BFF6400E39A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 
"{3DA88943-BF7B-4467-B277-301B22B2EB9C}" = dir=in | app=c:\program files (x86)\iminent\iminent.exe | 
"{4CC88E51-F19D-472D-8980-917E9240054B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{5A32CF53-AF16-4A64-A898-3BB3E268A90C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe | 
"{5B933F0C-98BE-4BF0-8693-9A2E7536E489}" = protocol=6 | dir=out | app=system | 
"{5EAF3293-9945-461F-9F04-B435551AEE5C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{621C2173-AD3C-4922-B7BC-A20411CAD281}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{63D81B32-753A-467D-967A-0A5E8885419F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | 
"{69A6CCC0-68A1-4FE0-A8DB-7ECDAFA0F1C2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{78E292EB-388C-4563-AB66-1930759D77F7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{7A0B0803-1D72-4249-A48A-E247C25FB569}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | 
"{7A482F83-F1B4-4FED-B402-8B473084C45E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | 
"{7A9401C5-2E0D-420D-A2A7-FE95B8930636}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{8308DB06-7537-4582-A97C-2B36C62873BA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{8E71820C-A129-48B0-AE81-3780F2FA66A4}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe | 
"{954C5395-C618-4E09-BE5F-3C6B9D7E344A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | 
"{9D480A8D-8F7B-4217-8820-5498EFC2CF3C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{9D7CB32A-5D07-4F6F-8399-6E2C1D81F993}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A225A52F-3CB1-4A93-A064-0D764B472A17}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{A34ED264-4C4D-4FC0-94C3-AFCE83BE5FEA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | 
"{B92DD671-7396-42C8-BED9-0F9A92C2C453}" = dir=in | app=c:\program files (x86)\easybits for kids\ezdesktop.exe | 
"{C0D927C9-026B-454C-98F4-43A2BBB508FD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{C4A21A52-1C20-4A43-A030-FCD5AF6ADC16}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{CBF9FDF2-646C-4BE6-BD09-36DEC53D9F98}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | 
"{D608FC5D-944A-4408-928A-E5E6F0E705E7}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 
"{D65DC60D-EE0D-4D4D-9181-EB5E5F6FC0D3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{D6CD3C36-BF42-4835-B2F6-6E962291D1A7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{D7F8DB88-0182-4323-B5D6-C883966DE2C3}" = dir=in | app=c:\program files (x86)\iminent\iminent.messengers.exe | 
"{DEEDE9BC-EABB-4242-9249-2B2EF20D8513}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | 
"{E483D074-6068-43EC-8133-2DC35C98B1C1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | 
"{EEB4EE8B-0916-4CFE-B643-3ABAFA9FBF23}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{F5787A2A-0035-46D2-8C9C-EF7247C5A99C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{F5837E98-ECAC-421A-8046-17412049A08E}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{F5C96FCC-7BB1-43DE-85F8-849C718CCEDA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | 
"{F68FDAB1-A388-4364-9A58-5FB55075BB6C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | 
"{F751F44E-53A9-4C7C-8841-112953595959}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX320_series" = Canon MX320 series MP Drivers
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{28D06854-572C-4A65-83E5-F8CAF26B9FDC}" = Microsoft SQL Server VSS Writer
"{2FD3DC87-EC8D-78D2-1D3A-F4D6E7531BAF}" = AMD Fuel
"{45726347-6D97-4613-9F89-A9635ACBD34D}" = AMD Media Foundation Decoders
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{562608FE-2051-4488-BF22-8CE4C03046AC}" = HP Security Assistant
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6ECDAC2F-12C1-E49B-448E-6002368967E0}" = AMD Steady Video Plug-In 
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8325FD0C-2FDB-46C3-921A-3A78385EA972}" = Microsoft SQL Server 2008 Native Client
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ACD449FA-9DF3-779D-DA68-11D486963225}" = AMD Catalyst Install Manager
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BF1E75D0-E7AF-4BEA-9FBC-567F0C54BDF9}" = HP Launch Box
"{BF92729B-1505-55D8-DAD4-4727CDB02FF6}" = ccc-utility64
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}" = HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{0535D679-6FFB-2CAB-F7FF-7B05D6D6CAB5}" = CCC Help Chinese Standard
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{118D6CE9-5F18-42F9-958A-14676A629FDE}" = Iminent
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = BrowserDefender
"{16F1B95A-F813-7600-EFA5-A97CB11222BC}" = CCC Help French
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{17A5CB1F-712A-41D2-FBBB-4A881EBA9B17}" = CCC Help Polish
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20DBF540-DF10-0A5C-7443-F139A84CC1F5}" = CCC Help Dutch
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{21CC6030-B1EA-3E53-DF36-38054A1596B4}" = CCC Help Turkish
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 25
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29819186-C15B-D50E-AB2E-8C24E2619273}" = CCC Help Portuguese
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{314F8264-25FB-C833-1017-3A0E0846112C}" = CCC Help Hungarian
"{3167966F-9811-30EF-6093-B7B95E2F19B7}" = Catalyst Control Center Graphics Previews Common
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}" = Microsoft SQL Server 2008 RsFx Driver
"{346DAD45-38D4-B63C-C372-1E2BC136DE69}" = CCC Help Finnish
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}" = opensource
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3A83B36C-17B9-4832-445A-7A9DF377BB12}" = CCC Help Swedish
"{42E2EEB2-D48E-4A47-B181-32ECA031D93B}" = DJ_AIO_06_F2400_SW_Min
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{477415F5-93DA-46AA-85C5-640047825995}" = Microsoft SQL Server 2008 Database Engine Shared
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008 Browser
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{53B17A98-5BF0-40BC-AAFF-850A357975AC}" = HP Quick Launch
"{568502E8-5167-11DE-A65F-B57B56D89593}" = Microsoft® Office Language Pack 2010 – Deutsch (Business Contact Manager für Microsoft Outlook 2010)
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{58A2F6F8-6009-CC35-2A83-DB5F922003DE}" = CCC Help Czech
"{5BD39911-A12F-4562-98BA-A6E03E3370B1}" = Microsoft SQL Server 2008 Database Engine Services
"{5E21F3A1-9E84-DC22-1C62-0DB056EC7344}" = CCC Help Japanese
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6BAA71B6-8F43-4C72-931A-3354ABB0258A}" = F2400
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6EFD0C42-4CC1-4716-A0CA-21C1A062CF34}" = AMD System Monitor
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{742D41A9-B3BF-3A65-806E-F8372FB3E492}" = Microsoft Chart Controls for Microsoft .NET Framework 3.5 Language Pack - deu
"{79A64F98-1796-4FA2-B5FF-C90F83D8BACD}" = Vodafone Mobile Connect Lite
"{81C9D048-B677-3CDD-7E20-3AF8DBFC4A0A}" = Catalyst Control Center Localization All
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{870163D1-4D3A-198C-5414-889F1F4347AE}" = CCC Help Korean
"{877B3198-1C6B-4A9A-8D28-BE4F6040987F}" = Unterstützungsdateien für Microsoft SQL Server 2008-Setup 
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PRJPROR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PRJPROR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PRJPROR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PRJPROR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJPROR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.PRJPROR_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PRJPROR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PRJPROR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00B4-0407-0000-0000000FF1CE}" = Microsoft Office Project MUI (German) 2010
"{90140000-00B4-0407-0000-0000000FF1CE}_Office14.PRJPROR_{86D01646-1942-4253-B11F-68F5ED259B17}" = Microsoft Project 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2010
"{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{8A8F117F-8EDB-440D-B679-F08909D729F7}" = Microsoft Project 2010 Service Pack 1 (SP1)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93335AAC-9F8B-54DF-7DB5-2C98D0DC2111}" = CCC Help Chinese Traditional
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-0081-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9600B88C-BE14-4BEA-A529-F5F312900BA3}" = Samsung PC Studio 3
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D8C60-A55F-4123-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AD0AAA4D-9A81-8B10-EB28-3C1372987DE7}" = CCC Help Italian
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B4F17D6A-12A3-5403-6050-32A5B4A31F31}" = Catalyst Control Center InstallProxy
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{BB4FC2AD-DF12-4EE1-8AA7-2C0A26B5E2FB}" = HP QuickWeb
"{BC6CB499-9F29-4B41-8B8B-FA7248525256}" = HP Documentation
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C55C2A19-BAD2-287A-1D7A-9D5FF5FD526E}" = AMD VISION Engine Control Center
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2462056-BA75-4B2C-8267-DFEA2B6AC4AE}" = HP Software Framework
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D46914D5-CA39-1A40-3CEC-9368E9C28568}" = CCC Help Greek
"{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}" = HP Power Manager
"{DBCD5E64-7379-4648-9444-8A6558DCB614}" = HP Recovery Manager
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DEA477E5-F916-973D-E1AB-3CDC735FDB58}" = CCC Help Norwegian
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E4B48349-A165-4097-8D78-AC950BD8638E}" = Business Contact Manager for Microsoft Outlook 2010
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E96CAA2A-0244-4A2A-8403-0C3C9534778B}" = ESU for Microsoft Windows 7 SP1
"{EA0E4DD2-7CD7-9583-0BE6-AFF3DF09E3E4}" = CCC Help Thai
"{ED1BD69A-07E3-418C-91F1-D856582581BF}" = HP On Screen Display
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0A76517-2D1D-8DE3-F3B7-121B6A1990E8}" = CCC Help English
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F30403FF-0146-4633-AAC5-D5CD5C50AE70}" = Catalyst Control Center - Branding
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F35C5FE9-57EC-9936-5738-D7EB3EA73B28}" = CCC Help Spanish
"{F4708461-A1E0-0657-1FC6-FACFEEA55CBE}" = CCC Help Russian
"{F4EB5AE1-0065-0752-FF11-1E45ABCD443A}" = CCC Help Danish
"{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}" = HP Setup
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy
"{FC2150C5-A1AF-6238-9632-E5BB8739C0BC}" = CCC Help German
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF6F95A4-E59B-45C8-BEA8-0BDC8D9CAB51}" = Microsoft SQL Server 2008 Common Files
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Business Contact Manager" = Business Contact Manager für Microsoft Outlook 2010
"EasyBits Magic Desktop" = Magic Desktop
"IMBoosterARP" = Iminent
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Mozilla Firefox 22.0 (x86 de)" = Mozilla Firefox 22.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NIS" = Norton Internet Security
"Office14.PRJPROR" = Microsoft Project Professional 2010
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Video Downloader" = Video Downloader
"VLC media player" = VLC media player 2.0.3
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WTA-03ea59ed-d1f7-487a-ad67-ca4e5cefde34" = Jewel Quest Solitaire 2
"WTA-054c99d8-267a-47f8-ad19-9355ed305c6d" = Cradle of Rome 2
"WTA-1053453e-3de3-477f-86f7-1fc48a185bd7" = Final Drive Fury
"WTA-191d3e53-2bb8-43d2-a954-1ac603067231" = Jewel Quest II
"WTA-223bf5e8-82a4-4660-af59-77a628abe1da" = Polar Bowler
"WTA-26b51dfa-2327-4d40-9be2-8b9434fa0e18" = Torchlight
"WTA-28a8f46f-df81-4021-97f9-6698ec5082de" = Plants vs. Zombies - Game of the Year
"WTA-33230af3-e18b-42ae-961b-eae5342395fc" = Fishdom (TM) 2
"WTA-38383acd-722f-46de-8124-d7345a25538f" = Zuma's Revenge
"WTA-45102130-68f2-4407-ab82-a19960917da4" = Virtual Families
"WTA-4a03492b-9020-4848-9527-f3563b8b7d62" = Mahjongg Artifacts
"WTA-56fc6c91-4165-4f7f-b49f-671a9e05d8d8" = Mystery of Mortlake Mansion
"WTA-57023b95-bf50-4cdf-8432-bd4d17d12552" = Insaniquarium Deluxe
"WTA-57954522-658d-450a-ab79-5a0c31abb374" = FATE
"WTA-59631dde-bdbe-41af-8730-3dd6a36ad6a6" = Virtual Villagers 4 - The Tree of Life
"WTA-67203543-c742-4316-b4f3-530105f6b2d2" = Farmscapes
"WTA-8a1f7a80-e8fd-4a37-9240-a71213dbf8e4" = Bejeweled 3
"WTA-92f7342c-367d-4894-90ff-e616050496bd" = Ranch Rush 2 - Premium Edition
"WTA-b6ded335-d79a-4d9b-8ae2-5be58f8cb4a8" = Wedding Dash
"WTA-b74f609e-e265-4f25-b67b-d617e4116b70" = Cake Mania
"WTA-bf4fb92e-e400-457f-a07f-978e67e3a3e6" = Farm Frenzy
"WTA-ccc39dba-9374-4d7b-985f-db5ee844430c" = Jewel Match 3
"WTA-efc54a8c-fe71-4a88-b861-74c41261decc" = Chuzzle Deluxe
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Zip Opener Packages 49" = Zip Opener Packages 49
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 24.05.2013 04:00:09 | Computer Name = Lisas-Computer | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 24.05.2013 04:00:52 | Computer Name = Lisas-Computer | Source = WinMgmt | ID = 10
Description = 
 
Error - 24.05.2013 04:02:24 | Computer Name = Lisas-Computer | Source = MsiInstaller | ID = 10005
Description = 
 
Error - 25.05.2013 04:59:44 | Computer Name = Lisas-Computer | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 25.05.2013 04:59:56 | Computer Name = Lisas-Computer | Source = WinMgmt | ID = 10
Description = 
 
Error - 25.05.2013 05:00:29 | Computer Name = Lisas-Computer | Source = MsiInstaller | ID = 10005
Description = 
 
Error - 25.05.2013 18:08:10 | Computer Name = Lisas-Computer | Source = VMCService | ID = 0
Description = GetProcessOwner
 
Error - 26.05.2013 04:01:43 | Computer Name = Lisas-Computer | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 26.05.2013 04:01:55 | Computer Name = Lisas-Computer | Source = WinMgmt | ID = 10
Description = 
 
Error - 26.05.2013 12:59:50 | Computer Name = Lisas-Computer | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Hartmut\Downloads\SoftonicDownloader_fuer_samsung-pc-studio.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error - 01.06.2013 04:05:32 | Computer Name = Lisas-Computer | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
[ Hewlett-Packard Events ]
Error - 27.08.2012 15:29:06 | Computer Name = Hartmut-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 bei HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
 
bei HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
bei HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
 
bei HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
de-DE RAM: 3561 Ram Utilization: 50 TargetSite: Void UpdateAndDetect() 
 
Error - 24.09.2012 12:47:37 | Computer Name = Hartmut-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 bei HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
 
bei HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
bei HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
 
bei HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
de-DE RAM: 3561 Ram Utilization: 40 TargetSite: Void UpdateAndDetect() 
 
Error - 02.10.2012 02:10:47 | Computer Name = Hartmut-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 bei HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
 
bei HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
bei HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
 
bei HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
de-DE RAM: 3561 Ram Utilization: 50 TargetSite: Void UpdateAndDetect() 
 
Error - 08.10.2012 18:38:12 | Computer Name = Hartmut-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 bei HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
 
bei HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
bei HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
 
bei HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
de-DE RAM: 3561 Ram Utilization: 40 TargetSite: Void UpdateAndDetect() 
 
Error - 31.10.2012 07:52:32 | Computer Name = Hartmut-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 bei HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
 
bei HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
bei HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
 
bei HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
de-DE RAM: 3561 Ram Utilization: 50 TargetSite: Void UpdateAndDetect() 
 
Error - 05.11.2012 14:26:33 | Computer Name = Lisas-Computer | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 bei HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
 
bei HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
bei HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
 
bei HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
de-DE RAM: 3561 Ram Utilization: 40 TargetSite: Void UpdateAndDetect() 
 
Error - 12.11.2012 03:23:20 | Computer Name = Lisas-Computer | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 12.11.2012 03:23:47 | Computer Name = Lisas-Computer | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 bei HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
 
bei HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
bei HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
 
bei HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
de-DE RAM: 3561 Ram Utilization: 50 TargetSite: Void UpdateAndDetect() 
 
Error - 19.11.2012 12:10:01 | Computer Name = Lisas-Computer | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 19.11.2012 12:19:19 | Computer Name = Lisas-Computer | Source = HPSF.exe | ID = 4000
Description = 
 
[ HP Software Framework Events ]
Error - 24.09.2012 12:48:08 | Computer Name = Hartmut-HP | Source = CaslWmi | ID = 5
Description = 2012.09.24 18:48:08.009|000012F0|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 02.10.2012 02:11:07 | Computer Name = Hartmut-HP | Source = CaslWmi | ID = 5
Description = 2012.10.02 08:11:07.665|00000E30|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 08.10.2012 18:38:39 | Computer Name = Hartmut-HP | Source = CaslWmi | ID = 5
Description = 2012.10.09 00:38:39.851|00001650|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 31.10.2012 07:52:26 | Computer Name = Hartmut-HP | Source = CaslWmi | ID = 5
Description = 2012.10.31 12:52:26.016|00000A84|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 31.10.2012 07:52:46 | Computer Name = Hartmut-HP | Source = CaslWmi | ID = 5
Description = 2012.10.31 12:52:46.883|00000DFC|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 31.10.2012 07:52:54 | Computer Name = Hartmut-HP | Source = CaslWmi | ID = 5
Description = 2012.10.31 12:52:54.479|000016D0|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 31.10.2012 07:53:02 | Computer Name = Hartmut-HP | Source = CaslWmi | ID = 5
Description = 2012.10.31 12:53:02.434|000007C8|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 05.11.2012 14:26:58 | Computer Name = Lisas-Computer | Source = CaslWmi | ID = 5
Description = 2012.11.05 19:26:58.983|00000F08|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 12.11.2012 03:23:59 | Computer Name = Lisas-Computer | Source = CaslWmi | ID = 5
Description = 2012.11.12 08:23:59.396|000007F0|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 19.11.2012 12:22:53 | Computer Name = Lisas-Computer | Source = CaslWmi | ID = 5
Description = 2012.11.19 17:22:53.971|000013CC|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
[ System Events ]
Error - 03.05.2013 07:04:00 | Computer Name = Lisas-Computer | Source = bowser | ID = 8003
Description = 
 
Error - 06.05.2013 07:34:49 | Computer Name = Lisas-Computer | Source = bowser | ID = 8003
Description = 
 
Error - 06.05.2013 09:10:57 | Computer Name = Lisas-Computer | Source = bowser | ID = 8003
Description = 
 
Error - 06.05.2013 11:11:08 | Computer Name = Lisas-Computer | Source = bowser | ID = 8003
Description = 
 
Error - 11.05.2013 15:32:29 | Computer Name = Lisas-Computer | Source = bowser | ID = 8003
Description = 
 
Error - 12.05.2013 03:33:44 | Computer Name = Lisas-Computer | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
 
Error - 12.05.2013 03:34:05 | Computer Name = Lisas-Computer | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
StarOpen
 
Error - 12.05.2013 07:30:44 | Computer Name = Lisas-Computer | Source = bowser | ID = 8003
Description = 
 
Error - 13.05.2013 06:31:48 | Computer Name = Lisas-Computer | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
 
Error - 13.05.2013 06:32:08 | Computer Name = Lisas-Computer | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
StarOpen
 
 
< End of report >

--- --- ---

Gmer:
GMER Logfile:

Code:

ATTFilter

GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-07-15 09:18:20
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000070 SAMSUNG_ rev.2AR1 465,76GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\Hartmut\AppData\Local\Temp\kwldqkog.sys
 
 
---- Kernel code sections - GMER 2.1 ----
 
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 560 fffff80002fb2000 63 bytes [00, 00, 21, 00, 41, 4C, 50, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 626 fffff80002fb2042 4 bytes [00, 00, 00, 00]
 
---- User code sections - GMER 2.1 ----
 
.text C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe[2468] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075d11465 2 bytes [D1, 75]
.text C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe[2468] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075d114bb 2 bytes [D1, 75]
.text ... * 2
.text C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe[2684] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075d11465 2 bytes [D1, 75]
.text C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe[2684] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075d114bb 2 bytes [D1, 75]
.text ... * 2
.text C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe[4212] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075d11465 2 bytes [D1, 75]
.text C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe[4212] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075d114bb 2 bytes [D1, 75]
.text ... * 2
.text C:\Users\Hartmut\Desktop\Defogger.exe[2972] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075d11465 2 bytes [D1, 75]
.text C:\Users\Hartmut\Desktop\Defogger.exe[2972] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075d114bb 2 bytes [D1, 75]
.text ... * 2
 
---- Devices - GMER 2.1 ----
 
Device \Driver\IDSVia64 \Device\SymIDSCo fffff88009990060
 
---- Threads - GMER 2.1 ----
 
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [4380:5048] 000007fefbfc2a7c
 
---- EOF - GMER 2.1 ----

--- --- ---

So ich hoffe ich habe alles richtig gemacht und ihr könnt mir helfen.

Danke schon mal und liebe Grüße,

LisiBisi

schrauber · 15.07.2013, 09:05

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

LisiBisi · 15.07.2013, 16:39

Hallo,
danke für die schnelle Hilfe. Hab das alles runtergeladen und gescannt.
Hier die Inhalte der Logs.

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2013
Ran by Hartmut (administrator) on 15-07-2013 17:34:20
Running from C:\Users\Hartmut\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
(Iminent) C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Iminent) C:\Program Files (x86)\Iminent\Iminent.exe
(Iminent) C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
(Microsoft Corporation) C:\Windows\sysWow64\SearchProtocolHost.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2799912 2011-06-10] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-05-27] (IDT, Inc.)
HKLM\...\Run: [SetDefault] - C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [43320 2011-09-30] (Hewlett-Packard Development Company, L.P.)
HKCU\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1475584 2010-11-21] (Microsoft Corporation)
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
MountPoints2: G - G:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {9c59d10c-faa1-11e1-9c18-ec9a745376c3} - G:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {9c59d11d-faa1-11e1-9c18-ec9a745376c3} - G:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {d655124d-edbf-11e1-aae1-ec9a745376c3} - G:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {d65512de-edbf-11e1-aae1-ec9a745376c3} - H:\setup_vmc_lite.exe /checkApplicationPresence
HKLM-x32\...\Run: [StartCCC] - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [343168 2011-09-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPQuickWebProxy] - "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" [169528 2011-10-08] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-09-15] (EasyBits Software AS)
HKLM-x32\...\Run: [MobileConnect] - %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent [2403840 2009-09-11] (Vodafone)
HKLM-x32\...\Run: [BCSSync] - "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Iminent] - C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C" [1074736 2013-01-25] (Iminent)
HKLM-x32\...\Run: [IminentMessenger] - C:\Program Files (x86)\Iminent\Iminent.Messengers.exe [884784 2013-01-25] (Iminent)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
Startup: C:\ProgramData\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=BCAC20107A060231&affID=119357&tsp=4943
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM - {C87395B5-70D9-4E25-AB1F-FF23936613EF} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
HKLM-x32 SearchScopes: DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=982872690&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=982872690&q={searchTerms}
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 - {C87395B5-70D9-4E25-AB1F-FF23936613EF} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
HKCU SearchScopes: DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=BCAC20107A060231&affID=119357&tsp=4943
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=BCAC20107A060231&affID=119357&tsp=4943
SearchScopes: HKCU - {2A51D2F3-7C49-4A17-A57F-2CBC6405BFA1} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=76EA5DD6-B5CB-48F5-A78A-1F2874CC83D4&apn_sauid=A82A0227-953D-4CD1-94B6-491CE3CEC99C
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - {C87395B5-70D9-4E25-AB1F-FF23936613EF} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll (Iminent)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWow64\EZUPBH~1.DLL [52920 2011-10-14] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Hartmut\AppData\Roaming\Mozilla\Firefox\Profiles\ymtb1hss.default
FF user.js: detected! => C:\Users\Hartmut\AppData\Roaming\Mozilla\Firefox\Profiles\ymtb1hss.default\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Hartmut\AppData\Roaming\Mozilla\Firefox\Profiles\ymtb1hss.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Hartmut\AppData\Roaming\Mozilla\Firefox\Profiles\ymtb1hss.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Hartmut\AppData\Roaming\Mozilla\Firefox\Profiles\ymtb1hss.default\searchplugins\ChatZumSearch.xml
FF SearchPlugin: C:\Users\Hartmut\AppData\Roaming\Mozilla\Firefox\Profiles\ymtb1hss.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Hartmut\AppData\Roaming\Mozilla\Firefox\Profiles\ymtb1hss.default\searchplugins\my-web-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF Extension: FileConverter 1.3  - C:\Users\Hartmut\AppData\Roaming\Mozilla\Firefox\Profiles\ymtb1hss.default\Extensions\{78e516ef-11de-47a1-8364-a99b917ec5ee}
FF Extension: webbooster - C:\Users\Hartmut\AppData\Roaming\Mozilla\Firefox\Profiles\ymtb1hss.default\Extensions\webbooster@iminent.com.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [webbooster@iminent.com] C:\Program Files (x86)\Iminent\webbooster@iminent.com
FF Extension: No Name - C:\Program Files (x86)\Iminent\webbooster@iminent.com
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-09-28] (Advanced Micro Devices, Inc.)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
S3 MSSQL$MSSMLBIZ; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\sqlservr.exe [43010392 2009-03-30] (Microsoft Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation)
R2 SProtection; C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe [2859048 2013-07-11] (Iminent)
S4 SQLAgent$MSSMLBIZ; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE [366936 2009-03-30] (Microsoft Corporation)
R2 VMCService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [9216 2009-09-11] (Vodafone)

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-18] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-18] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-08-18] (Symantec Corporation)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [132608 2009-06-29] (Huawei Technologies Co., Ltd.)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130712.001\IDSvia64.sys [513184 2013-04-12] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130712.001\IDSvia64.sys [513184 2013-04-12] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130714.020\ENG64.SYS [126040 2013-05-24] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130714.020\ENG64.SYS [126040 2013-05-24] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130714.020\EX64.SYS [2098776 2013-05-24] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130714.020\EX64.SYS [2098776 2013-05-24] (Symantec Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMDS64.SYS [451192 2011-07-25] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-03-29] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [190072 2012-04-18] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [405624 2012-04-18] (Symantec Corporation)
S1 StarOpen; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-15 17:33 - 2013-07-15 17:33 - 00000000 ____D C:\FRST
2013-07-15 17:30 - 2013-07-15 17:32 - 01777839 _____ (Farbar) C:\Users\Hartmut\Desktop\FRST64.exe
2013-07-15 09:18 - 2013-07-15 09:18 - 00003279 _____ C:\Users\Hartmut\Desktop\Gmer.txt
2013-07-15 09:18 - 2013-07-15 09:18 - 00000248 _____ C:\Users\Hartmut\Desktop\defogger_enable.log
2013-07-15 09:02 - 2013-07-15 09:02 - 00377856 _____ C:\Users\Hartmut\Desktop\gmer_2.1.19163.exe
2013-07-15 08:45 - 2013-07-15 08:45 - 00000476 _____ C:\Users\Hartmut\Desktop\defogger_disable.log
2013-07-15 08:44 - 2013-07-15 08:44 - 00050477 _____ C:\Users\Hartmut\Desktop\Defogger.exe
2013-07-15 08:03 - 2013-07-15 08:03 - 00106886 _____ C:\Users\Hartmut\Desktop\Extras.Txt
2013-07-15 08:01 - 2013-07-15 09:00 - 00103778 _____ C:\Users\Hartmut\Desktop\OTL.Txt
2013-07-15 07:46 - 2013-07-15 07:46 - 00602112 _____ (OldTimer Tools) C:\Users\Hartmut\Desktop\OTL.exe
2013-07-14 13:03 - 2013-07-14 13:03 - 00000000 ____D C:\Users\Hartmut\Qtrax
2013-07-14 12:59 - 2013-07-14 12:59 - 00003818 _____ C:\Windows\System32\Tasks\QtraxPlayer
2013-07-14 12:59 - 2013-07-14 12:59 - 00000000 ____D C:\Users\Hartmut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
2013-07-14 12:59 - 2013-07-14 12:59 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-07-14 12:55 - 2013-07-14 12:55 - 00003250 _____ C:\Windows\System32\Tasks\DSite
2013-07-14 12:55 - 2013-07-14 12:55 - 00000294 _____ C:\Windows\Tasks\DSite.job
2013-07-14 12:55 - 2013-07-14 12:55 - 00000000 ____D C:\Users\Hartmut\AppData\Roaming\DSite
2013-07-14 12:54 - 2013-07-14 12:54 - 00793536 _____ C:\Users\Hartmut\Desktop\ZipOpenerSetup.exe
2013-07-12 06:35 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-12 06:35 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-12 06:35 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-12 06:35 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-12 06:35 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-12 06:35 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-12 06:35 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-12 06:35 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-12 06:35 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-12 06:35 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-12 06:35 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-12 06:35 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-12 06:35 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-12 06:35 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-12 06:35 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-12 06:35 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-12 06:35 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-12 06:35 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-12 06:35 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-12 06:35 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-12 06:35 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-12 06:35 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-12 06:35 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-12 06:35 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-12 06:35 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-12 06:35 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-12 06:35 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-12 06:35 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-12 06:35 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-12 06:35 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-12 06:35 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-11 09:56 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-11 09:56 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-11 09:56 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-11 09:56 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-11 09:51 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-11 09:50 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-11 09:50 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-11 09:41 - 2013-07-11 09:51 - 00000000 ____D C:\Users\Hartmut\Documents\Kontoauszüge
2013-07-08 13:33 - 2013-07-08 13:43 - 00000000 ____D C:\Users\Hartmut\Desktop\ebook_neu
2013-07-08 13:31 - 2013-07-08 13:33 - 00000000 ____D C:\Users\Hartmut\Desktop\ebook
2013-07-07 10:27 - 2013-07-07 17:23 - 00000000 ____D C:\Users\Hartmut\Desktop\Speicherstick
2013-06-28 10:41 - 2013-07-14 12:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-22 22:51 - 2013-04-17 09:02 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-22 22:51 - 2013-04-17 08:24 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-06-21 18:33 - 2013-06-21 18:33 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-21 18:33 - 2013-06-21 18:33 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-06-21 18:33 - 2013-06-21 18:33 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-06-21 18:33 - 2013-06-21 18:33 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-06-21 18:33 - 2013-06-21 18:33 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-06-21 18:33 - 2013-06-21 18:33 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-06-21 18:33 - 2013-06-21 18:33 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-06-21 18:33 - 2013-06-21 18:33 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-06-21 18:25 - 2013-06-21 18:25 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-21 18:22 - 2013-06-21 18:39 - 00010360 _____ C:\Windows\IE10_main.log
2013-06-21 10:31 - 2013-06-21 10:31 - 00004944 _____ C:\Windows\SysWOW64\jupdate-1.7.0_25-b16.log
2013-06-21 10:31 - 2013-06-12 21:47 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-21 10:31 - 2013-06-12 21:43 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-21 10:31 - 2013-06-12 21:43 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-21 10:31 - 2013-06-12 21:43 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

==================== One Month Modified Files and Folders =======

2013-07-15 17:33 - 2013-07-15 17:33 - 00000000 ____D C:\FRST
2013-07-15 17:32 - 2013-07-15 17:30 - 01777839 _____ (Farbar) C:\Users\Hartmut\Desktop\FRST64.exe
2013-07-15 17:25 - 2012-09-26 16:38 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-15 09:29 - 2009-07-14 06:45 - 00031856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-15 09:29 - 2009-07-14 06:45 - 00031856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-15 09:25 - 2011-12-17 01:37 - 01701186 _____ C:\Windows\WindowsUpdate.log
2013-07-15 09:20 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-15 09:20 - 2009-07-14 06:51 - 00084969 _____ C:\Windows\setupact.log
2013-07-15 09:18 - 2013-07-15 09:18 - 00003279 _____ C:\Users\Hartmut\Desktop\Gmer.txt
2013-07-15 09:18 - 2013-07-15 09:18 - 00000248 _____ C:\Users\Hartmut\Desktop\defogger_enable.log
2013-07-15 09:18 - 2012-02-24 15:04 - 00000000 ____D C:\Users\Hartmut
2013-07-15 09:02 - 2013-07-15 09:02 - 00377856 _____ C:\Users\Hartmut\Desktop\gmer_2.1.19163.exe
2013-07-15 09:00 - 2013-07-15 08:01 - 00103778 _____ C:\Users\Hartmut\Desktop\OTL.Txt
2013-07-15 08:45 - 2013-07-15 08:45 - 00000476 _____ C:\Users\Hartmut\Desktop\defogger_disable.log
2013-07-15 08:44 - 2013-07-15 08:44 - 00050477 _____ C:\Users\Hartmut\Desktop\Defogger.exe
2013-07-15 08:25 - 2012-04-17 20:32 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-07-15 08:25 - 2012-03-11 13:40 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-07-15 08:03 - 2013-07-15 08:03 - 00106886 _____ C:\Users\Hartmut\Desktop\Extras.Txt
2013-07-15 07:46 - 2013-07-15 07:46 - 00602112 _____ (OldTimer Tools) C:\Users\Hartmut\Desktop\OTL.exe
2013-07-15 07:36 - 2013-03-10 15:31 - 00000000 ____D C:\Program Files (x86)\ChatZum Toolbar
2013-07-15 07:36 - 2010-11-21 05:47 - 00077586 _____ C:\Windows\PFRO.log
2013-07-14 13:13 - 2013-05-25 14:51 - 00000000 ____D C:\Program Files (x86)\Pixum
2013-07-14 13:11 - 2013-05-25 11:40 - 00000000 ____D C:\Users\Hartmut\AppData\Roaming\Dropbox
2013-07-14 13:11 - 2012-02-24 15:10 - 00000000 ___RD C:\Users\Hartmut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-14 13:08 - 2012-02-24 16:45 - 00000000 ____D C:\Users\Hartmut\AppData\Local\CrashDumps
2013-07-14 13:03 - 2013-07-14 13:03 - 00000000 ____D C:\Users\Hartmut\Qtrax
2013-07-14 12:59 - 2013-07-14 12:59 - 00003818 _____ C:\Windows\System32\Tasks\QtraxPlayer
2013-07-14 12:59 - 2013-07-14 12:59 - 00000000 ____D C:\Users\Hartmut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
2013-07-14 12:59 - 2013-07-14 12:59 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-07-14 12:59 - 2013-06-28 10:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-14 12:55 - 2013-07-14 12:55 - 00003250 _____ C:\Windows\System32\Tasks\DSite
2013-07-14 12:55 - 2013-07-14 12:55 - 00000294 _____ C:\Windows\Tasks\DSite.job
2013-07-14 12:55 - 2013-07-14 12:55 - 00000000 ____D C:\Users\Hartmut\AppData\Roaming\DSite
2013-07-14 12:54 - 2013-07-14 12:54 - 00793536 _____ C:\Users\Hartmut\Desktop\ZipOpenerSetup.exe
2013-07-12 11:44 - 2013-05-25 11:43 - 00000000 ___RD C:\Users\Hartmut\Dropbox
2013-07-12 07:05 - 2009-07-14 06:45 - 00417720 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-12 07:04 - 2013-03-19 20:33 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-12 07:04 - 2013-03-19 20:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-12 07:03 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-12 07:03 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-12 06:47 - 2012-09-26 16:17 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-12 06:43 - 2011-10-15 07:15 - 00766590 _____ C:\Windows\system32\perfh007.dat
2013-07-12 06:43 - 2011-10-15 07:15 - 00174284 _____ C:\Windows\system32\perfc007.dat
2013-07-12 06:43 - 2009-07-14 07:13 - 01829634 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-12 06:36 - 2012-08-18 00:25 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-11 12:56 - 2011-12-17 01:55 - 00000000 ____D C:\ProgramData\Norton
2013-07-11 09:51 - 2013-07-11 09:41 - 00000000 ____D C:\Users\Hartmut\Documents\Kontoauszüge
2013-07-10 14:56 - 2012-11-20 19:46 - 00000340 _____ C:\Windows\Tasks\HPCeeScheduleForHartmut.job
2013-07-09 12:53 - 2012-11-20 19:46 - 00003198 _____ C:\Windows\System32\Tasks\HPCeeScheduleForHartmut
2013-07-09 08:28 - 2011-02-10 21:23 - 00000000 ____D C:\SWSetup
2013-07-08 13:43 - 2013-07-08 13:33 - 00000000 ____D C:\Users\Hartmut\Desktop\ebook_neu
2013-07-08 13:33 - 2013-07-08 13:31 - 00000000 ____D C:\Users\Hartmut\Desktop\ebook
2013-07-07 17:23 - 2013-07-07 10:27 - 00000000 ____D C:\Users\Hartmut\Desktop\Speicherstick
2013-07-06 02:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-07-03 10:06 - 2011-12-17 01:43 - 01785536 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-06-30 14:31 - 2012-07-19 16:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-27 18:57 - 2013-05-26 11:32 - 00000000 ____D C:\ProgramData\tmp
2013-06-25 07:52 - 2013-05-12 10:07 - 00000000 ____D C:\Users\Public\Downloads\Norton
2013-06-22 10:32 - 2012-02-24 15:10 - 00001409 _____ C:\Users\Hartmut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-06-22 10:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-06-22 10:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-06-22 10:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\zh-HK
2013-06-22 10:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\tr-TR
2013-06-22 10:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-06-21 18:39 - 2013-06-21 18:22 - 00010360 _____ C:\Windows\IE10_main.log
2013-06-21 18:33 - 2013-06-21 18:33 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-06-21 18:33 - 2013-06-21 18:33 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-21 18:33 - 2013-06-21 18:33 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-06-21 18:33 - 2013-06-21 18:33 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-06-21 18:33 - 2013-06-21 18:33 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-06-21 18:33 - 2013-06-21 18:33 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-06-21 18:33 - 2013-06-21 18:33 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-06-21 18:33 - 2013-06-21 18:33 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-06-21 18:33 - 2013-06-21 18:33 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-06-21 18:25 - 2013-06-21 18:25 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-21 10:31 - 2013-06-21 10:31 - 00004944 _____ C:\Windows\SysWOW64\jupdate-1.7.0_25-b16.log
2013-06-21 10:31 - 2012-11-13 21:15 - 00000000 ____D C:\Program Files (x86)\Java
2013-06-20 15:40 - 2013-05-26 11:32 - 00000000 ____D C:\ProgramData\hps

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-05 15:36

==================== End Of Log ============================

--- --- ---

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-07-2013
Ran by Hartmut at 2013-07-15 17:35:07
Running from C:\Users\Hartmut\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
64 Bit HP CIO Components Installer (Version: 7.2.8)
Adobe AIR (x32 Version: 3.2.0.2070)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.8.638)
AMD APP SDK Runtime (Version: 2.5.775.2)
AMD Catalyst Install Manager (Version: 3.0.847.0)
AMD Fuel (Version: 2011.0928.607.9079)
AMD Media Foundation Decoders (Version: 1.0.60928.0618)
AMD Steady Video Plug-In  (Version: 1.00.0000)
AMD System Monitor (x32 Version: 1.0.9)
AMD VISION Engine Control Center (x32 Version: 2011.0928.607.9079)
Bejeweled 3 (x32 Version: 2.2.0.98)
BrowserDefender (x32)
BufferChm (x32 Version: 130.0.331.000)
Business Contact Manager for Microsoft Outlook 2010 (x32 Version: 4.0.11308.0)
Business Contact Manager für Microsoft Outlook 2010 (x32 Version: 4.0.11308.0)
Cake Mania (x32 Version: 2.2.0.98)
Canon MX320 series MP Drivers
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0928.607.9079)
Catalyst Control Center InstallProxy (x32 Version: 2011.0928.607.9079)
Catalyst Control Center Localization All (x32 Version: 2011.0928.607.9079)
CCC Help Chinese Standard (x32 Version: 2011.0928.0606.9079)
CCC Help Chinese Traditional (x32 Version: 2011.0928.0606.9079)
CCC Help Czech (x32 Version: 2011.0928.0606.9079)
CCC Help Danish (x32 Version: 2011.0928.0606.9079)
CCC Help Dutch (x32 Version: 2011.0928.0606.9079)
CCC Help English (x32 Version: 2011.0928.0606.9079)
CCC Help Finnish (x32 Version: 2011.0928.0606.9079)
CCC Help French (x32 Version: 2011.0928.0606.9079)
CCC Help German (x32 Version: 2011.0928.0606.9079)
CCC Help Greek (x32 Version: 2011.0928.0606.9079)
CCC Help Hungarian (x32 Version: 2011.0928.0606.9079)
CCC Help Italian (x32 Version: 2011.0928.0606.9079)
CCC Help Japanese (x32 Version: 2011.0928.0606.9079)
CCC Help Korean (x32 Version: 2011.0928.0606.9079)
CCC Help Norwegian (x32 Version: 2011.0928.0606.9079)
CCC Help Polish (x32 Version: 2011.0928.0606.9079)
CCC Help Portuguese (x32 Version: 2011.0928.0606.9079)
CCC Help Russian (x32 Version: 2011.0928.0606.9079)
CCC Help Spanish (x32 Version: 2011.0928.0606.9079)
CCC Help Swedish (x32 Version: 2011.0928.0606.9079)
CCC Help Thai (x32 Version: 2011.0928.0606.9079)
CCC Help Turkish (x32 Version: 2011.0928.0606.9079)
ccc-utility64 (Version: 2011.0928.607.9079)
Chuzzle Deluxe (x32 Version: 2.2.0.95)
Cisco EAP-FAST Module (x32 Version: 2.2.14)
Cisco LEAP Module (x32 Version: 1.0.19)
Cisco PEAP Module (x32 Version: 1.1.6)
Copy (x32 Version: 130.0.366.000)
Cradle of Rome 2 (x32 Version: 2.2.0.98)
CyberLink YouCam (x32 Version: 3.5.0.4528)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Destinations (x32 Version: 130.0.0.0)
DeviceDiscovery (x32 Version: 130.0.372.000)
DJ_AIO_06_F2400_SW_Min (x32 Version: 130.0.373.000)
ESU for Microsoft Windows 7 SP1 (x32 Version: 2.1.1)
F2400 (x32 Version: 130.0.373.000)
Farm Frenzy (x32 Version: 2.2.0.98)
Farmscapes (x32 Version: 2.2.0.98)
FATE (x32 Version: 2.2.0.97)
Final Drive Fury (x32 Version: 2.2.0.95)
Fishdom (TM) 2 (x32 Version: 2.2.0.98)
GPBaseService2 (x32 Version: 130.0.371.000)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000)
HP Auto (Version: 1.0.12935.3667)
HP Client Services (Version: 1.1.12938.3539)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6 (Version: 13.0)
HP Documentation (x32 Version: 1.1.0.0)
HP Games (x32 Version: 1.0.2.5)
HP Launch Box (Version: 1.0.12)
HP On Screen Display (x32 Version: 1.3.5)
HP Power Manager (x32 Version: 1.4.7)
HP Print Projects 1.0 (Version: 1.0)
HP Quick Launch (x32 Version: 2.7.2)
HP QuickWeb (x32 Version: 3.1.1.10197)
HP Recovery Manager (x32 Version: 2.0.0)
HP Security Assistant (Version: 1.0.12)
HP Setup (x32 Version: 9.0.15076.3891)
HP Setup Manager (x32 Version: 1.2.14901.3869)
HP Smart Web Printing 4.5 (Version: 4.5)
HP Software Framework (x32 Version: 4.6.10.1)
HP Solution Center 13.0 (Version: 13.0)
HP Support Assistant (x32 Version: 7.0.39.15)
HP Update (x32 Version: 5.003.001.001)
HPPhotoGadget (x32 Version: 130.0.282.000)
hpPrintProjects (x32 Version: 130.0.303.000)
HPProductAssistant (x32 Version: 130.0.371.000)
hpWLPGInstaller (x32 Version: 130.0.303.000)
IDT Audio (x32 Version: 1.0.6341.0)
Imaging Device Functions 13.0 (Version: 13.0)
Iminent (x32 Version: 6.4.56.0)
Insaniquarium Deluxe (x32 Version: 2.2.0.97)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Jewel Match 3 (x32 Version: 2.2.0.98)
Jewel Quest II (x32 Version: 2.2.0.97)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Magic Desktop (x32 Version: 3.0)
Mahjongg Artifacts (x32 Version: 2.2.0.95)
MarketResearch (x32 Version: 130.0.374.000)
McAfee Security Scan Plus (x32 Version: 3.0.318.3)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (x32 Version: 3.5.30730.0)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 Language Pack - deu (x32 Version: 3.5.0.0)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook Connector (x32 Version: 14.0.6123.5001)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Project MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Project Professional 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Project 2010 Service Pack 1 (SP1) (x32)
Microsoft Project Professional 2010 (x32 Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft SQL Server 2008 (x32)
Microsoft SQL Server 2008 Browser (x32 Version: 10.1.2531.0)
Microsoft SQL Server 2008 Common Files (x32 Version: 10.0.1600.22)
Microsoft SQL Server 2008 Common Files (x32 Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Services (x32 Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Shared (x32 Version: 10.1.2531.0)
Microsoft SQL Server 2008 Native Client (Version: 10.1.2531.0)
Microsoft SQL Server 2008 RsFx Driver (x32 Version: 10.1.2531.0)
Microsoft SQL Server VSS Writer (Version: 10.1.2531.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
Microsoft® Office Language Pack 2010 – Deutsch (Business Contact Manager für Microsoft Outlook 2010) (x32 Version: 4.0.11308.0)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98)
Norton Internet Security (x32 Version: 19.9.1.14)
opensource (x32 Version: 1.0.14960.3876)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98)
Polar Bowler (x32 Version: 2.2.0.97)
Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98)
Realtek Ethernet Controller Driver (x32 Version: 7.40.126.2011)
Realtek PCIE Card Reader (x32 Version: 6.1.7601.83)
REALTEK Wireless LAN Driver (x32 Version: 1.00.11.0706)
SAMSUNG Mobile Composite Device Software
SAMSUNG Mobile Modem Driver Set
Samsung Mobile phone USB driver Drive Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung PC Studio 3 (x32 Version: 3.0.0.80601)
Samsung PC Studio 3 (x32 Version: 3.2.2.80601)
Scan (x32 Version: 13.0.0.0)
Service Pack 1 für SQL Server 2008 (KB 968369) (x32 Version: 10.1.2531.0)
Skype™ 5.10 (x32 Version: 5.10.116)
SmartWebPrinting (x32 Version: 130.0.373.000)
SolutionCenter (x32 Version: 130.0.373.000)
Sql Server Customer Experience Improvement Program (x32 Version: 10.1.2531.0)
Status (x32 Version: 130.0.373.000)
swMSM (x32 Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 15.3.11.0)
Toolbox (x32 Version: 130.0.648.000)
Torchlight (x32 Version: 2.2.0.98)
TrayApp (x32 Version: 130.0.376.000)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (x32 Version: 10.1.2531.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553092) (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Update Installer for WildTangent Games App (x32)
Video Downloader (x32 Version: 1.14)
Virtual Families (x32 Version: 2.2.0.98)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98)
VLC media player 2.0.3 (x32 Version: 2.0.3)
Vodafone Mobile Connect Lite (x32 Version: 9.4.3.17550)
WebReg (x32 Version: 130.0.132.017)
Wedding Dash (x32 Version: 2.2.0.95)
WildTangent Games App (HP Games) (x32 Version: 4.0.5.32)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3538.0513)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Zip Opener Packages 49 (HKCU)
Zuma's Revenge (x32 Version: 2.2.0.98)

==================== Restore Points  =========================

20-06-2013 07:58:36 Windows Update
21-06-2013 08:30:22 Installed Java 7 Update 25
21-06-2013 16:21:54 Windows Update
23-06-2013 07:45:44 Windows Update
27-06-2013 17:47:48 HPSF Applying updates
03-07-2013 08:00:34 Windows Update
09-07-2013 06:02:11 HPSF Applying updates
09-07-2013 06:02:15 HPSF Applying updates
12-07-2013 04:24:09 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {157FCA5C-F574-43F8-8AE1-C0A3DA86A540} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(Yes) => C:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe [2013-07-09] (Hewlett-Packard)
Task: {1CBD5228-B833-4B9C-856F-470DEFD1D8A6} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {1D603188-1526-4CCD-84C3-9594F84B35C0} - System32\Tasks\QtraxPlayer => C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe [2013-05-13] (Microsoft Corporation)
Task: {2407E886-8893-4E28-8030-41A472831683} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {45B5063B-F1FA-4709-8E1E-D8A2FF175777} - System32\Tasks\HPCeeScheduleForHartmut => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {5C86F450-4294-4681-A1E2-3C713A92E290} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-04-01] (Hewlett-Packard Company)
Task: {7818A202-6361-4432-84F0-9514E6D38745} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-09-28] (CyberLink)
Task: {7936779F-9565-4108-BBB9-A36CD39B4E9E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {871ACE61-68CC-48FB-902C-569BEA2C3D8C} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe No File
Task: {8D5ED8BA-C7E0-45C6-8B06-1975CFDA12E3} - System32\Tasks\DSite => C:\Users\Hartmut\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE No File
Task: {8F003B93-D8BC-46E5-955E-28DA38B21F02} - System32\Tasks\WPD\SqmUpload_S-1-5-21-1993369613-562651756-2702146813-1002 => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {A4AE3ACB-F3A3-4670-9D1B-CF1170AF9A50} - System32\Tasks\User_Feed_Synchronization-{F3949E77-36FA-419D-9B6A-C18914A7C2F5} => C:\Windows\system32\msfeedssync.exe [2013-06-21] (Microsoft Corporation)
Task: {A5DDB612-456C-45AA-A12E-31EC4314BDA6} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\WSCStub.exe [2013-02-02] (Symantec Corporation)
Task: {BB87D4B4-CB70-4558-9122-E52BDCB61C51} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {C6F51DEC-6FB9-40E3-B6D8-DE05E0E6425C} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: {CEA3EDB3-6291-45BF-82D5-8FB70C29EE10} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(No) => C:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe [2013-07-09] (Hewlett-Packard)
Task: {CF719C28-3893-41D9-89DE-31435C9D7A74} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {DA68F328-9866-474C-B70F-D7C7505CB4FA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated)
Task: {DB993AAF-4C18-4C7C-BA65-2DB4A00A79AC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-21] (Microsoft Corporation)
Task: {EDBBECD8-E1C7-4746-8587-2D7405D13307} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DSite.job => ?
Task: C:\Windows\Tasks\HPCeeScheduleForHartmut.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/15/2013 10:00:49 AM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 22.0.0.4917 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 510

Startzeit: 01ce812df6116f49

Endzeit: 47

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID: 9dae71ce-ed24-11e2-855b-ec9a745376c3

Error: (07/15/2013 09:24:33 AM) (Source: VMCService) (User: )
Description: GetProcessOwner

Error: (07/15/2013 09:24:09 AM) (Source: MsiInstaller) (User: LISAS-COMPUTER)
Description: Produkt: Vodafone Mobile Connect Lite -- Fehler 2711. The specified Feature name ('ByteMobile') not found in Feature table.

Error: (07/15/2013 09:21:33 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2013 09:20:48 AM) (Source: VMCService) (User: )
Description: conflictManagerTypeValue

Error: (07/15/2013 07:42:00 AM) (Source: VMCService) (User: )
Description: GetProcessOwner

Error: (07/15/2013 07:41:26 AM) (Source: MsiInstaller) (User: LISAS-COMPUTER)
Description: Produkt: Vodafone Mobile Connect Lite -- Fehler 2711. The specified Feature name ('ByteMobile') not found in Feature table.

Error: (07/15/2013 07:38:00 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2013 07:37:37 AM) (Source: VMCService) (User: )
Description: conflictManagerTypeValue

Error: (07/14/2013 01:08:32 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Bu_.exe, Version: 1.4.0.0, Zeitstempel: 0x4f410edd
Name des fehlerhaften Moduls: Bu_.exe, Version: 1.4.0.0, Zeitstempel: 0x4f410edd
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000084e4
ID des fehlerhaften Prozesses: 0x5f8
Startzeit der fehlerhaften Anwendung: 0xBu_.exe0
Pfad der fehlerhaften Anwendung: Bu_.exe1
Pfad des fehlerhaften Moduls: Bu_.exe2
Berichtskennung: Bu_.exe3


System errors:
=============
Error: (07/15/2013 09:22:38 AM) (Source: DCOM) (User: )
Description: {F5539356-2F02-40D4-999E-FA61F45FE12E}

Error: (07/15/2013 09:21:45 AM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (07/15/2013 09:20:51 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
StarOpen

Error: (07/15/2013 09:19:36 AM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (07/15/2013 07:41:49 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Schedule erreicht.

Error: (07/15/2013 07:37:39 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
StarOpen

Error: (07/15/2013 07:36:14 AM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (07/14/2013 01:02:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BrowserDefendert" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%5

Error: (07/14/2013 01:02:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BrowserDefendert" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%5

Error: (07/14/2013 01:02:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BrowserDefendert" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%5


Microsoft Office Sessions:
=========================
Error: (07/15/2013 10:00:49 AM) (Source: Application Hang)(User: )
Description: firefox.exe22.0.0.491751001ce812df6116f4947C:\Program Files (x86)\Mozilla Firefox\firefox.exe9dae71ce-ed24-11e2-855b-ec9a745376c3

Error: (07/15/2013 09:24:33 AM) (Source: VMCService)(User: )
Description: GetProcessOwner

Error: (07/15/2013 09:24:09 AM) (Source: MsiInstaller)(User: LISAS-COMPUTER)
Description: Produkt: Vodafone Mobile Connect Lite -- Fehler 2711. The specified Feature name ('ByteMobile') not found in Feature table.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/15/2013 09:21:33 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2013 09:20:48 AM) (Source: VMCService)(User: )
Description: conflictManagerTypeValue

Error: (07/15/2013 07:42:00 AM) (Source: VMCService)(User: )
Description: GetProcessOwner

Error: (07/15/2013 07:41:26 AM) (Source: MsiInstaller)(User: LISAS-COMPUTER)
Description: Produkt: Vodafone Mobile Connect Lite -- Fehler 2711. The specified Feature name ('ByteMobile') not found in Feature table.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/15/2013 07:38:00 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2013 07:37:37 AM) (Source: VMCService)(User: )
Description: conflictManagerTypeValue

Error: (07/14/2013 01:08:32 PM) (Source: Application Error)(User: )
Description: Bu_.exe1.4.0.04f410eddBu_.exe1.4.0.04f410eddc0000005000084e45f801ce808277c6289eC:\Users\Hartmut\AppData\Local\Temp\~nsu.tmp\Bu_.exeC:\Users\Hartmut\AppData\Local\Temp\~nsu.tmp\Bu_.exeb7e3300c-ec75-11e2-8265-ec9a745376c3


==================== Memory info =========================== 

Percentage of memory in use: 49%
Total physical RAM: 3561.41 MB
Available physical RAM: 1785.19 MB
Total Pagefile: 7121 MB
Available Pagefile: 5045.78 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:441.12 GB) (Free:349.21 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:20.48 GB) (Free:2.19 GB) NTFS (Disk=0 Partition=3) ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.08 GB) FAT32 (Disk=0 Partition=4)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 5095087B)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=441 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=20 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)

==================== End Of Log ============================

Und nun?

LG

schrauber · 15.07.2013, 19:11

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

LisiBisi · 15.07.2013, 21:00

Hallo,

Code:

ATTFilter

# AdwCleaner v2.305 - Datei am 15/07/2013 um 21:34:11 erstellt
# Aktualisiert am 11/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Hartmut - LISAS-COMPUTER
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Hartmut\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****

Gestoppt & Gelöscht : SProtection

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\all-iminent.js
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Datei Gelöscht : C:\Users\Hartmut\AppData\Roaming\Mozilla\Firefox\Profiles\ymtb1hss.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\Hartmut\AppData\Roaming\Mozilla\Firefox\Profiles\ymtb1hss.default\bprotector_prefs.js
Datei Gelöscht : C:\Users\Hartmut\AppData\Roaming\Mozilla\Firefox\Profiles\ymtb1hss.default\extensions\webbooster@iminent.com.xpi
Datei Gelöscht : C:\Users\Hartmut\AppData\Roaming\Mozilla\Firefox\Profiles\ymtb1hss.default\searchplugins\Askcom.xml
Datei Gelöscht : C:\Users\Hartmut\AppData\Roaming\Mozilla\Firefox\Profiles\ymtb1hss.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\Hartmut\AppData\Roaming\Mozilla\Firefox\Profiles\ymtb1hss.default\searchplugins\delta.xml
Datei Gelöscht : C:\Users\Hartmut\AppData\Roaming\Mozilla\Firefox\Profiles\ymtb1hss.default\searchplugins\my-web-search.xml
Datei Gelöscht : C:\Windows\Tasks\DSite.job
Ordner Gelöscht : C:\Program Files (x86)\ChatZum Toolbar
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Umbrella
Ordner Gelöscht : C:\Program Files (x86)\Iminent
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\BrowserDefender
Ordner Gelöscht : C:\ProgramData\Iminent
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
Ordner Gelöscht : C:\Users\Hartmut\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Hartmut\AppData\Local\Temp\Iminent
Ordner Gelöscht : C:\Users\Hartmut\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Hartmut\AppData\Roaming\DSite
Ordner Gelöscht : C:\Users\Hartmut\AppData\Roaming\Iminent
Ordner Gelöscht : C:\Users\Hartmut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
Ordner Gelöscht : C:\Users\Hartmut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Downloader
Ordner Gelöscht : C:\Users\Hartmut\AppData\Roaming\Mozilla\Firefox\Profiles\ymtb1hss.default\CT3241949
Ordner Gelöscht : C:\Users\Hartmut\AppData\Roaming\Mozilla\Firefox\Profiles\ymtb1hss.default\extensions\{78e516ef-11de-47a1-8364-a99b917ec5ee}
Ordner Gelöscht : C:\Users\Hartmut\AppData\Roaming\Mozilla\Firefox\Profiles\ymtb1hss.default\Smartbar
Ordner Gelöscht : C:\Windows\Installer\{118D6CE9-5F18-42F9-958A-14676A629FDE}

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\BabylonToolbar
Schlüssel Gelöscht : HKCU\Software\ChatZum Toolbar
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\delta LTD
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\9558f8ab435ba15
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\BabylonToolbar
Schlüssel Gelöscht : HKLM\Software\ChatZum Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.DownloadArgs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.RawDataArgs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.TinyUrlArgs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.ViralLinkArgs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ClientCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ContractBase
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GameOverCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetCreditCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableResult
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.InstallationContextResult
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LogoutCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MyAccountCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PlayContentCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PostContentCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.SetVariableCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.TestContentCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WarmUpCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WelcomeCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerResult
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightContent
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightUri
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.MediatorServiceProxy
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandle.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandler
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler.1
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\9EC6D81181F59F2459A84176A626F9ED
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\9EC6D81181F59F2459A84176A626F9ED
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\Software\Umbrella
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\9558f8ab435ba15
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{26C9BBE4-6D45-4AB6-A5B4-E068C9F5EF6D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D8F01233-2DE6-4EE7-8988-37263F00651B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0AF350D9-3916-454B-AC53-0B0B65F41301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{118D6CE9-5F18-42F9-958A-14676A629FDE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Iminent]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [IminentMessenger]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [webbooster@iminent.com]

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16635

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=BCAC20107A060231&affID=119357&tsp=4943 --> hxxp://www.google.com

-\\ Mozilla Firefox v22.0 (de)

Datei : C:\Users\Hartmut\AppData\Roaming\Mozilla\Firefox\Profiles\ymtb1hss.default\prefs.js

C:\Users\Hartmut\AppData\Roaming\Mozilla\Firefox\Profiles\ymtb1hss.default\user.js ... Gelöscht !

Gelöscht : user_pref("CT3241949.1000082.isPlayDisplay", "true");
Gelöscht : user_pref("CT3241949.1000082.state", "{\"state\":\"stopped\",\"text\":\"Radio 8\",\"description\":\"[...]
Gelöscht : user_pref("CT3241949.1000234.TWC_TMP_city", "DUSSELDORF");
Gelöscht : user_pref("CT3241949.1000234.TWC_TMP_country", "DE");
Gelöscht : user_pref("CT3241949.1000234.TWC_country", "GERMANY");
Gelöscht : user_pref("CT3241949.1000234.TWC_locId", "GMXX0028");
Gelöscht : user_pref("CT3241949.1000234.TWC_location", "Dusseldorf, Germany");
Gelöscht : user_pref("CT3241949.1000234.TWC_region", "DE");
Gelöscht : user_pref("CT3241949.1000234.TWC_temp_dis", "c");
Gelöscht : user_pref("CT3241949.1000234.TWC_wind_dis", "kmh");
Gelöscht : user_pref("CT3241949.1000234.weatherData", "{\"icon\":\"28.png\",\"temperature\":\"0°C\",\"temperatu[...]
Gelöscht : user_pref("CT3241949.CBOpenMAMSettings.enc", "MA==");
Gelöscht : user_pref("CT3241949.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Gelöscht : user_pref("CT3241949.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Gelöscht : user_pref("CT3241949.FirstTime", "true");
Gelöscht : user_pref("CT3241949.FirstTimeFF3", "true");
Gelöscht : user_pref("CT3241949.LoginRevertSettingsEnabled", true);
Gelöscht : user_pref("CT3241949.PG_ENABLE", "dHJ1ZQ==");
Gelöscht : user_pref("CT3241949.RevertSettingsEnabled", true);
Gelöscht : user_pref("CT3241949.UserID", "UN43991296974977523");
Gelöscht : user_pref("CT3241949.addressBarTakeOverEnabledInHidden", "true");
Gelöscht : user_pref("CT3241949.cbcountry_001.enc", "REU=");
Gelöscht : user_pref("CT3241949.cbfirsttime.enc", "TW9uIEphbiAyMSAyMDEzIDE0OjIzOjQ5IEdNVCswMTAw");
Gelöscht : user_pref("CT3241949.countryCode", "DE");
Gelöscht : user_pref("CT3241949.enableAlerts", "never");
Gelöscht : user_pref("CT3241949.enableFix404ByUser", "FALSE");
Gelöscht : user_pref("CT3241949.event_data.enc", "JTVCJTVE");
Gelöscht : user_pref("CT3241949.fired_events.enc", "");
Gelöscht : user_pref("CT3241949.firstTimeDialogOpened", "true");
Gelöscht : user_pref("CT3241949.fixPageNotFoundErrorByUser", "TRUE");
Gelöscht : user_pref("CT3241949.fixPageNotFoundErrorInHidden", "true");
Gelöscht : user_pref("CT3241949.fixUrls", true);
Gelöscht : user_pref("CT3241949.fullUserID", "UN43991296974977523.UP.20130628103508");
Gelöscht : user_pref("CT3241949.homepageuserchanged", true);
Gelöscht : user_pref("CT3241949.installType", "Unknown");
Gelöscht : user_pref("CT3241949.isCheckedStartAsHidden", true);
Gelöscht : user_pref("CT3241949.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Gelöscht : user_pref("CT3241949.isFirstTimeToolbarLoading", "false");
Gelöscht : user_pref("CT3241949.isPerformedSmartBarTransition", "true");
Gelöscht : user_pref("CT3241949.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Gelöscht : user_pref("CT3241949.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Gelöscht : user_pref("CT3241949.key_date.enc", "MjE=");
Gelöscht : user_pref("CT3241949.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://search.condui[...]
Gelöscht : user_pref("CT3241949.lastVersion", "10.16.4.519");
Gelöscht : user_pref("CT3241949.migrateAppsAndComponents", true);
Gelöscht : user_pref("CT3241949.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%[...]
Gelöscht : user_pref("CT3241949.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Gelöscht : user_pref("CT3241949.revertSettingsEnabled", "false");
Gelöscht : user_pref("CT3241949.search.searchAppId", "129887071061272563");
Gelöscht : user_pref("CT3241949.search.searchCount", "0");
Gelöscht : user_pref("CT3241949.searchInNewTabEnabledByUser", "false");
Gelöscht : user_pref("CT3241949.searchInNewTabEnabledInHidden", "true");
Gelöscht : user_pref("CT3241949.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}")[...]
Gelöscht : user_pref("CT3241949.searchSuggestEnabledByUser", "false");
Gelöscht : user_pref("CT3241949.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Gelöscht : user_pref("CT3241949.sendUsageEnabled", "false");
Gelöscht : user_pref("CT3241949.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Gelöscht : user_pref("CT3241949.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Gelöscht : user_pref("CT3241949.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Gelöscht : user_pref("CT3241949.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Gelöscht : user_pref("CT3241949.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Gelöscht : user_pref("CT3241949.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Gelöscht : user_pref("CT3241949.serviceLayer_services_Configuration_lastUpdate", "1373902076396");
Gelöscht : user_pref("CT3241949.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1358774624965");
Gelöscht : user_pref("CT3241949.serviceLayer_services_appsMetadata_lastUpdate", "1358774624970");
Gelöscht : user_pref("CT3241949.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1358774624873");
Gelöscht : user_pref("CT3241949.serviceLayer_services_location_lastUpdate", "1372352445986");
Gelöscht : user_pref("CT3241949.serviceLayer_services_login_10.14.40.128_lastUpdate", "1359412412577");
Gelöscht : user_pref("CT3241949.serviceLayer_services_login_10.14.42.7_lastUpdate", "1361007728248");
Gelöscht : user_pref("CT3241949.serviceLayer_services_login_10.14.65.43_lastUpdate", "1364028721247");
Gelöscht : user_pref("CT3241949.serviceLayer_services_login_10.15.0.562_lastUpdate", "1366477426421");
Gelöscht : user_pref("CT3241949.serviceLayer_services_login_10.15.2.523_lastUpdate", "1369925325517");
Gelöscht : user_pref("CT3241949.serviceLayer_services_login_10.16.2.509_lastUpdate", "1372402221896");
Gelöscht : user_pref("CT3241949.serviceLayer_services_login_10.16.4.519_lastUpdate", "1373916560262");
Gelöscht : user_pref("CT3241949.serviceLayer_services_menu_769c590835a76d075fe33b9a87a87786_lastUpdate", "13587[...]
Gelöscht : user_pref("CT3241949.serviceLayer_services_menu_d32f45618f5a02bd965c56155a643855_lastUpdate", "13587[...]
Gelöscht : user_pref("CT3241949.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1358774624923");
Gelöscht : user_pref("CT3241949.serviceLayer_services_searchAPI_lastUpdate", "1373902075307");
Gelöscht : user_pref("CT3241949.serviceLayer_services_serviceMap_lastUpdate", "1373902075209");
Gelöscht : user_pref("CT3241949.serviceLayer_services_toolbarContextMenu_lastUpdate", "1358774624821");
Gelöscht : user_pref("CT3241949.serviceLayer_services_toolbarSettings_lastUpdate", "1373916560202");
Gelöscht : user_pref("CT3241949.serviceLayer_services_translation_lastUpdate", "1373902083739");
Gelöscht : user_pref("CT3241949.settingsINI", true);
Gelöscht : user_pref("CT3241949.showToolbarPermission", "false");
Gelöscht : user_pref("CT3241949.smartbar.CTID", "CT3241949");
Gelöscht : user_pref("CT3241949.smartbar.Uninstall", "0");
Gelöscht : user_pref("CT3241949.smartbar.isHidden", true);
Gelöscht : user_pref("CT3241949.smartbar.toolbarName", "FileConverter 1.3 ");
Gelöscht : user_pref("CT3241949.toolbarBornServerTime", "21-1-2013");
Gelöscht : user_pref("CT3241949.toolbarCurrentServerTime", "15-7-2013");
Gelöscht : user_pref("CT3241949.toolbarLoginClientTime", "Tue Mar 26 2013 22:58:55 GMT+0100");
Gelöscht : user_pref("CT3241949_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Gelöscht : user_pref("browser.BabylonToolbar_i.newTab", "");
Gelöscht : user_pref("browser.BabylonToolbar_i.newTabUrl", "");
Gelöscht : user_pref("browser.babylon.HPOnNewTab", "");
Gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
Gelöscht : user_pref("extensions.BabylonToolbar.admin", false);
Gelöscht : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Gelöscht : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Gelöscht : user_pref("extensions.BabylonToolbar.autoRvrt", "false");
Gelöscht : user_pref("extensions.BabylonToolbar.babExt", "");
Gelöscht : user_pref("extensions.BabylonToolbar.babTrack", "affID=114351&tt=040912_mnt_3612_3");
Gelöscht : user_pref("extensions.BabylonToolbar.babext", "babExt");
Gelöscht : user_pref("extensions.BabylonToolbar.babtrack", "babTrack");
Gelöscht : user_pref("extensions.BabylonToolbar.bbDpng", "29");
Gelöscht : user_pref("extensions.BabylonToolbar.cntry", "DE");
Gelöscht : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Gelöscht : user_pref("extensions.BabylonToolbar.dfltlng", "en");
Gelöscht : user_pref("extensions.BabylonToolbar.dfltsrch", "false");
Gelöscht : user_pref("extensions.BabylonToolbar.dpkLst", "");
Gelöscht : user_pref("extensions.BabylonToolbar.envrmnt", "production");
Gelöscht : user_pref("extensions.BabylonToolbar.excTlbr", false);
Gelöscht : user_pref("extensions.BabylonToolbar.firstrun", false);
Gelöscht : user_pref("extensions.BabylonToolbar.hdrMd5", "0E554B69B9FADB145CE69D53508854B0");
Gelöscht : user_pref("extensions.BabylonToolbar.hmpg", false);
Gelöscht : user_pref("extensions.BabylonToolbar.hrdid", "bcac09fd00000000000020107a060231");
Gelöscht : user_pref("extensions.BabylonToolbar.id", "bcac09fd00000000000020107a060231");
Gelöscht : user_pref("extensions.BabylonToolbar.instlDay", "15590");
Gelöscht : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Gelöscht : user_pref("extensions.BabylonToolbar.instlday", "15590");
Gelöscht : user_pref("extensions.BabylonToolbar.instlref", "sst");
Gelöscht : user_pref("extensions.BabylonToolbar.isdcmntcmplt", "false");
Gelöscht : user_pref("extensions.BabylonToolbar.keywordurl", "");
Gelöscht : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.7.2.023:39:52");
Gelöscht : user_pref("extensions.BabylonToolbar.lastdp", 20);
Gelöscht : user_pref("extensions.BabylonToolbar.mntrvrsn", "1.3.1");
Gelöscht : user_pref("extensions.BabylonToolbar.newTab", false);
Gelöscht : user_pref("extensions.BabylonToolbar.newtab", "false");
Gelöscht : user_pref("extensions.BabylonToolbar.newtaburl", "");
Gelöscht : user_pref("extensions.BabylonToolbar.pnu_base", "{\"newVrsn\":\"59\",\"lastVrsn\":\"59\",\"vrsnLoad\[...]
Gelöscht : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Gelöscht : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Gelöscht : user_pref("extensions.BabylonToolbar.prtnrid", "babylon");
Gelöscht : user_pref("extensions.BabylonToolbar.savedVrsnTs", "1");
Gelöscht : user_pref("extensions.BabylonToolbar.sg", "azb");
Gelöscht : user_pref("extensions.BabylonToolbar.smplGrp", "azb");
Gelöscht : user_pref("extensions.BabylonToolbar.smplgrp", "azb");
Gelöscht : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Gelöscht : user_pref("extensions.BabylonToolbar.srcext", "ss");
Gelöscht : user_pref("extensions.BabylonToolbar.srch", "");
Gelöscht : user_pref("extensions.BabylonToolbar.srchprvdr", "");
Gelöscht : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Gelöscht : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]
Gelöscht : user_pref("extensions.BabylonToolbar.tlbrid", "base");
Gelöscht : user_pref("extensions.BabylonToolbar.tlbrsrchurl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]
Gelöscht : user_pref("extensions.BabylonToolbar.vrsn", "1.7.2.0");
Gelöscht : user_pref("extensions.BabylonToolbar.vrsnTs", "1.7.2.023:39:52");
Gelöscht : user_pref("extensions.BabylonToolbar.vrsni", "1.7.2.0");
Gelöscht : user_pref("extensions.BabylonToolbar.vrsnts", "1.7.2.023:39:52");
Gelöscht : user_pref("extensions.BabylonToolbar_i.babExt", "");
Gelöscht : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=114351&tt=040912_mnt_3612_3");
Gelöscht : user_pref("extensions.BabylonToolbar_i.newTab", false);
Gelöscht : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Gelöscht : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Gelöscht : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.7.2.023:39:52");
Gelöscht : user_pref("extensions.delta.admin", false);
Gelöscht : user_pref("extensions.delta.aflt", "babsst");
Gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Gelöscht : user_pref("extensions.delta.bbDpng", "14");
Gelöscht : user_pref("extensions.delta.cntry", "DE");
Gelöscht : user_pref("extensions.delta.dfltLng", "de");
Gelöscht : user_pref("extensions.delta.excTlbr", false);
Gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Gelöscht : user_pref("extensions.delta.hdrMd5", "D9D06BF87215B907D4991958445912AB");
Gelöscht : user_pref("extensions.delta.id", "bcac09fd00000000000020107a060231");
Gelöscht : user_pref("extensions.delta.instlDay", "15900");
Gelöscht : user_pref("extensions.delta.instlRef", "sst");
Gelöscht : user_pref("extensions.delta.lastVrsnTs", "1.8.21.512:58:15");
Gelöscht : user_pref("extensions.delta.newTab", false);
Gelöscht : user_pref("extensions.delta.prdct", "delta");
Gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Gelöscht : user_pref("extensions.delta.rvrt", "false");
Gelöscht : user_pref("extensions.delta.sg", "azb");
Gelöscht : user_pref("extensions.delta.smplGrp", "none");
Gelöscht : user_pref("extensions.delta.tlbrId", "base");
Gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Gelöscht : user_pref("extensions.delta.vrsn", "1.8.21.5");
Gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.21.512:58:15");
Gelöscht : user_pref("extensions.delta.vrsni", "1.8.21.5");
Gelöscht : user_pref("extensions.delta_i.babExt", "");
Gelöscht : user_pref("extensions.delta_i.babTrack", "affID=119357&tsp=4943");
Gelöscht : user_pref("extensions.delta_i.srcExt", "ss");
Gelöscht : user_pref("extensions.mywebsearch.prevDefaultEngine", "Ask.com");
Gelöscht : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Gelöscht : user_pref("extensions.mywebsearch.prevSelectedEngine", "Google");
Gelöscht : user_pref("extensions.toolbar.mindspark._64Members_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]
Gelöscht : user_pref("id_chatzum_softonic.firstlaunch", "0");
Gelöscht : user_pref("id_chatzum_softonic.guid", "%7BC5741CA4-7948-1CA8-2365-2A1CC98E4FE6%7D");
Gelöscht : user_pref("id_chatzum_softonic.hiddenvisual", 0);
Gelöscht : user_pref("id_chatzum_softonic.popupblockedcnt", "58");
Gelöscht : user_pref("id_chatzum_softonic.variables.SVar1", "%15%11");
Gelöscht : user_pref("id_chatzum_softonic.variables.SVar10", "%13");
Gelöscht : user_pref("id_chatzum_softonic.variables.SVar2", "%1A%1B%11%1B%14%11%15%1A%13");
Gelöscht : user_pref("id_chatzum_softonic.variables.SVar3", "%13");
Gelöscht : user_pref("id_chatzum_softonic.variables.SVar4", "%13");
Gelöscht : user_pref("id_chatzum_softonic.variables.SVar5", "%13");
Gelöscht : user_pref("id_chatzum_softonic.variables.SVar6", "%13");
Gelöscht : user_pref("id_chatzum_softonic.variables.SVar7", "%13");
Gelöscht : user_pref("id_chatzum_softonic.variables.SVar8", "%13");
Gelöscht : user_pref("id_chatzum_softonic.variables.SVar9", "%13");
Gelöscht : user_pref("id_chatzum_softonic.variables.Var1", "62");
Gelöscht : user_pref("id_chatzum_softonic.variables.Var10", "0");
Gelöscht : user_pref("id_chatzum_softonic.variables.Var2", "982872690");
Gelöscht : user_pref("id_chatzum_softonic.variables.Var3", "0");
Gelöscht : user_pref("id_chatzum_softonic.variables.Var4", "0");
Gelöscht : user_pref("id_chatzum_softonic.variables.Var5", "0");
Gelöscht : user_pref("id_chatzum_softonic.variables.Var6", "0");
Gelöscht : user_pref("id_chatzum_softonic.variables.Var7", "0");
Gelöscht : user_pref("id_chatzum_softonic.variables.Var8", "0");
Gelöscht : user_pref("id_chatzum_softonic.variables.Var9", "0");
Gelöscht : user_pref("id_chatzum_softonic_installed_version", "1.0.20");
Gelöscht : user_pref("iminent.webbooster.scripts.minibar.SOFTONICREFRESHRATE", "140000");
Gelöscht : user_pref("iminent.webbooster.scripts.sslminibar.SOFTONICREFRESHRATE", "140000");
Gelöscht : user_pref("smartbar.machineId", "97P1V0AJUJ8B0WF081XKC1TEGSPLLJ3VAPUXYRI6+84SZO1UYE6IBQGGW5ZLDQ1HLUF[...]

*************************

AdwCleaner[S1].txt - [45272 octets] - [15/07/2013 21:34:11]

########## EOF - C:\AdwCleaner[S1].txt - [45333 octets] ##########

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.0.9 (07.12.2013:2)
OS: Windows 7 Home Premium x64
Ran by Hartmut on 15.07.2013 at 21:42:49,58
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2A51D2F3-7C49-4A17-A57F-2CBC6405BFA1}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C87395B5-70D9-4E25-AB1F-FF23936613EF}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{C87395B5-70D9-4E25-AB1F-FF23936613EF}



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Hartmut\appdata\local\{154AAD9D-E7C6-42BC-BA30-B89C2E085CE6}
Successfully deleted: [Empty Folder] C:\Users\Hartmut\appdata\local\{1AA6DE20-377D-472D-A28F-193B0DDEE96E}
Successfully deleted: [Empty Folder] C:\Users\Hartmut\appdata\local\{27522591-ABBC-4C5D-A412-BF8C31A1E148}
Successfully deleted: [Empty Folder] C:\Users\Hartmut\appdata\local\{440DD25A-F462-484E-B38C-6D7A5106619E}
Successfully deleted: [Empty Folder] C:\Users\Hartmut\appdata\local\{51F63F29-181D-4B1B-88D8-A94DBE635CBA}
Successfully deleted: [Empty Folder] C:\Users\Hartmut\appdata\local\{E1552EC9-2620-4B9D-AE9D-52102F7F4975}
Successfully deleted: [Empty Folder] C:\Users\Hartmut\appdata\local\{E93FAC48-A450-453E-9120-07C1C82720F0}



~~~ FireFox

Successfully deleted: [File] C:\Users\Hartmut\AppData\Roaming\mozilla\firefox\profiles\ymtb1hss.default\invalidprefs.js
Successfully deleted the following from C:\Users\Hartmut\AppData\Roaming\mozilla\firefox\profiles\ymtb1hss.default\prefs.js

user_pref("extensions.crossrider.bic", "13fdcde8d37eb4c112e9d922a461d3e5");
user_pref("extensions.toolbar.mindspark._64Members_.hp.enabled", true);
user_pref("extensions.toolbar.mindspark._64Members_.initialized", true);
user_pref("extensions.toolbar.mindspark._64Members_.installation.contextKey", "");
user_pref("extensions.toolbar.mindspark._64Members_.installation.installDate", "2012122401");
user_pref("extensions.toolbar.mindspark._64Members_.installation.partnerId", "^XP^xdm284^YY^de");
user_pref("extensions.toolbar.mindspark._64Members_.installation.partnerSubId", "CN_p2aC1r7QCFUm-zAodNhgADg");
user_pref("extensions.toolbar.mindspark._64Members_.installation.success", true);
user_pref("extensions.toolbar.mindspark._64Members_.installation.toolbarId", "CDBB1950-DBE2-4F1D-9F1A-B4982963DF23");
user_pref("extensions.toolbar.mindspark._64Members_.lastActivePing", "1356739508428");
user_pref("extensions.toolbar.mindspark._64Members_.options.defaultSearch", true);
user_pref("extensions.toolbar.mindspark._64Members_.options.homePageEnabled", true);
user_pref("extensions.toolbar.mindspark._64Members_.options.keywordEnabled", true);
user_pref("extensions.toolbar.mindspark._64Members_.options.tabEnabled", true);
user_pref("extensions.toolbar.mindspark._64Members_.weather.location", "10001");
user_pref("extensions.toolbar.mindspark.hp.enabled", true);
user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "televisionfanatic@mindspark.com");
user_pref("extensions.toolbar.mindspark.lastInstalled", "televisionfanatic@mindspark.com");
user_pref("iminent.webbooster.scripts.minibar.FavLinkSplitTestingClass", "v2");
user_pref("iminent.webbooster.scripts.minibar.LayoutId", "1");
user_pref("iminent.webbooster.scripts.minibar.ROOTEXTENSION", "chrome://iminentwebbooster/content/minibar");
user_pref("iminent.webbooster.scripts.minibar.Services.BHPCode", "01");
user_pref("iminent.webbooster.scripts.minibar.Services.DefaultEvent", "000");
user_pref("iminent.webbooster.scripts.minibar.Services.DefaultWebSite", "000");
user_pref("iminent.webbooster.scripts.minibar.Services.IminentClientCode", "11");
user_pref("iminent.webbooster.scripts.minibar.Services.SmartFavCode", "02");
user_pref("iminent.webbooster.scripts.minibar.ShowThankyouPixel", "0");
user_pref("iminent.webbooster.scripts.minibar.displayFavLinks", "0");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent102", "1373902884125");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent109", "1367838262229");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent111", "1367838262235");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent112", "1365957621589");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent122", "1367838262243");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent134", "1371758949955");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent140", "1369603406444");
user_pref("iminent.webbooster.scripts.sslminibar.FavLinkSplitTestingClass", "v2");
user_pref("iminent.webbooster.scripts.sslminibar.LayoutId", "1");
user_pref("iminent.webbooster.scripts.sslminibar.ROOTEXTENSION", "chrome://iminentwebbooster/content/minibar");
user_pref("iminent.webbooster.scripts.sslminibar.Services.BHPCode", "01");
user_pref("iminent.webbooster.scripts.sslminibar.Services.DefaultEvent", "000");
user_pref("iminent.webbooster.scripts.sslminibar.Services.DefaultWebSite", "000");
user_pref("iminent.webbooster.scripts.sslminibar.Services.IminentClientCode", "11");
user_pref("iminent.webbooster.scripts.sslminibar.Services.SmartFavCode", "02");
user_pref("iminent.webbooster.scripts.sslminibar.ShowThankyouPixel", "0");
user_pref("iminent.webbooster.scripts.sslminibar.displayFavLinks", "0");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent102", "1373902031525");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent109", "1373800633689");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent110", "1368205029938");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent111", "1373800633694");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent112", "1373800637780");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent122", "1373800633699");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent140", "1369603478241");
Emptied folder: C:\Users\Hartmut\AppData\Roaming\mozilla\firefox\profiles\ymtb1hss.default\minidumps [33 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15.07.2013 at 21:52:26,27
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2013
Ran by Hartmut (administrator) on 15-07-2013 21:54:41
Running from C:\Users\Hartmut\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2799912 2011-06-10] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-05-27] (IDT, Inc.)
HKLM\...\Run: [SetDefault] - C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [43320 2011-09-30] (Hewlett-Packard Development Company, L.P.)
HKCU\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1475584 2010-11-21] (Microsoft Corporation)
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
MountPoints2: G - G:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {9c59d10c-faa1-11e1-9c18-ec9a745376c3} - G:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {9c59d11d-faa1-11e1-9c18-ec9a745376c3} - G:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {d655124d-edbf-11e1-aae1-ec9a745376c3} - G:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {d65512de-edbf-11e1-aae1-ec9a745376c3} - H:\setup_vmc_lite.exe /checkApplicationPresence
HKLM-x32\...\Run: [StartCCC] - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [343168 2011-09-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPQuickWebProxy] - "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" [169528 2011-10-08] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-09-15] (EasyBits Software AS)
HKLM-x32\...\Run: [MobileConnect] - %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent [2403840 2009-09-11] (Vodafone)
HKLM-x32\...\Run: [BCSSync] - "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
Startup: C:\ProgramData\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4
SearchScopes: HKLM - {C87395B5-70D9-4E25-AB1F-FF23936613EF} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWow64\EZUPBH~1.DLL [52920 2011-10-14] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Hartmut\AppData\Roaming\Mozilla\Firefox\Profiles\ymtb1hss.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Hartmut\AppData\Roaming\Mozilla\Firefox\Profiles\ymtb1hss.default\searchplugins\ChatZumSearch.xml
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-09-28] (Advanced Micro Devices, Inc.)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
S3 MSSQL$MSSMLBIZ; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\sqlservr.exe [43010392 2009-03-30] (Microsoft Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation)
S4 SQLAgent$MSSMLBIZ; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE [366936 2009-03-30] (Microsoft Corporation)
R2 VMCService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [9216 2009-09-11] (Vodafone)

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-18] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-18] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-08-18] (Symantec Corporation)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [132608 2009-06-29] (Huawei Technologies Co., Ltd.)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130712.001\IDSvia64.sys [513184 2013-04-12] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130712.001\IDSvia64.sys [513184 2013-04-12] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130715.003\ENG64.SYS [126040 2013-05-24] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130715.003\ENG64.SYS [126040 2013-05-24] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130715.003\EX64.SYS [2098776 2013-05-24] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130715.003\EX64.SYS [2098776 2013-05-24] (Symantec Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMDS64.SYS [451192 2011-07-25] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-03-29] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [190072 2012-04-18] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [405624 2012-04-18] (Symantec Corporation)
S1 StarOpen; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-15 21:52 - 2013-07-15 21:52 - 00007005 _____ C:\Users\Hartmut\Desktop\JRT.txt
2013-07-15 21:42 - 2013-07-15 21:42 - 00000000 ____D C:\Windows\ERUNT
2013-07-15 21:41 - 2013-07-15 21:41 - 00559441 _____ (Oleg N. Scherbakov) C:\Users\Hartmut\Desktop\JRT.exe
2013-07-15 21:39 - 2013-07-15 21:39 - 00045291 _____ C:\Users\Hartmut\Desktop\AdwCleaner[S1].txt
2013-07-15 21:34 - 2013-07-15 21:34 - 00045291 _____ C:\AdwCleaner[S1].txt
2013-07-15 21:32 - 2013-07-15 21:32 - 00662345 _____ C:\Users\Hartmut\Desktop\adwcleaner.exe
2013-07-15 17:35 - 2013-07-15 17:35 - 00027715 _____ C:\Users\Hartmut\Desktop\Addition.txt
2013-07-15 17:33 - 2013-07-15 17:33 - 00000000 ____D C:\FRST
2013-07-15 17:30 - 2013-07-15 17:32 - 01777839 _____ (Farbar) C:\Users\Hartmut\Desktop\FRST64.exe
2013-07-15 09:18 - 2013-07-15 09:18 - 00003279 _____ C:\Users\Hartmut\Desktop\Gmer.txt
2013-07-15 09:18 - 2013-07-15 09:18 - 00000248 _____ C:\Users\Hartmut\Desktop\defogger_enable.log
2013-07-15 09:02 - 2013-07-15 09:02 - 00377856 _____ C:\Users\Hartmut\Desktop\gmer_2.1.19163.exe
2013-07-15 08:45 - 2013-07-15 08:45 - 00000476 _____ C:\Users\Hartmut\Desktop\defogger_disable.log
2013-07-15 08:44 - 2013-07-15 08:44 - 00050477 _____ C:\Users\Hartmut\Desktop\Defogger.exe
2013-07-15 08:03 - 2013-07-15 08:03 - 00106886 _____ C:\Users\Hartmut\Desktop\Extras.Txt
2013-07-15 08:01 - 2013-07-15 09:00 - 00103778 _____ C:\Users\Hartmut\Desktop\OTL.Txt
2013-07-15 07:46 - 2013-07-15 07:46 - 00602112 _____ (OldTimer Tools) C:\Users\Hartmut\Desktop\OTL.exe
2013-07-14 13:03 - 2013-07-14 13:03 - 00000000 ____D C:\Users\Hartmut\Qtrax
2013-07-14 12:59 - 2013-07-14 12:59 - 00003818 _____ C:\Windows\System32\Tasks\QtraxPlayer
2013-07-14 12:55 - 2013-07-14 12:55 - 00003250 _____ C:\Windows\System32\Tasks\DSite
2013-07-14 12:54 - 2013-07-14 12:54 - 00793536 _____ C:\Users\Hartmut\Desktop\ZipOpenerSetup.exe
2013-07-12 06:35 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-12 06:35 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-12 06:35 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-12 06:35 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-12 06:35 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-12 06:35 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-12 06:35 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-12 06:35 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-12 06:35 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-12 06:35 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-12 06:35 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-12 06:35 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-12 06:35 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-12 06:35 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-12 06:35 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-12 06:35 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-12 06:35 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-12 06:35 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-12 06:35 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-12 06:35 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-12 06:35 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-12 06:35 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-12 06:35 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-12 06:35 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-12 06:35 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-12 06:35 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-12 06:35 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-12 06:35 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-12 06:35 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-12 06:35 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-12 06:35 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-11 09:56 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-11 09:56 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-11 09:56 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-11 09:56 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-11 09:51 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-11 09:50 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-11 09:50 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-11 09:41 - 2013-07-11 09:51 - 00000000 ____D C:\Users\Hartmut\Documents\Kontoauszüge
2013-07-08 13:33 - 2013-07-08 13:43 - 00000000 ____D C:\Users\Hartmut\Desktop\ebook_neu
2013-07-08 13:31 - 2013-07-08 13:33 - 00000000 ____D C:\Users\Hartmut\Desktop\ebook
2013-07-07 10:27 - 2013-07-07 17:23 - 00000000 ____D C:\Users\Hartmut\Desktop\Speicherstick
2013-06-28 10:41 - 2013-07-14 12:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-22 22:51 - 2013-04-17 09:02 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-22 22:51 - 2013-04-17 08:24 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-06-21 18:33 - 2013-06-21 18:33 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-21 18:33 - 2013-06-21 18:33 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-06-21 18:33 - 2013-06-21 18:33 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-06-21 18:33 - 2013-06-21 18:33 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-06-21 18:33 - 2013-06-21 18:33 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-06-21 18:33 - 2013-06-21 18:33 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-06-21 18:33 - 2013-06-21 18:33 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-06-21 18:33 - 2013-06-21 18:33 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-06-21 18:25 - 2013-06-21 18:25 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-21 18:22 - 2013-06-21 18:39 - 00010360 _____ C:\Windows\IE10_main.log
2013-06-21 10:31 - 2013-06-21 10:31 - 00004944 _____ C:\Windows\SysWOW64\jupdate-1.7.0_25-b16.log
2013-06-21 10:31 - 2013-06-12 21:47 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-21 10:31 - 2013-06-12 21:43 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-21 10:31 - 2013-06-12 21:43 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-21 10:31 - 2013-06-12 21:43 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

==================== One Month Modified Files and Folders =======

2013-07-15 21:52 - 2013-07-15 21:52 - 00007005 _____ C:\Users\Hartmut\Desktop\JRT.txt
2013-07-15 21:44 - 2009-07-14 06:45 - 00031856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-15 21:44 - 2009-07-14 06:45 - 00031856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-15 21:42 - 2013-07-15 21:42 - 00000000 ____D C:\Windows\ERUNT
2013-07-15 21:41 - 2013-07-15 21:41 - 00559441 _____ (Oleg N. Scherbakov) C:\Users\Hartmut\Desktop\JRT.exe
2013-07-15 21:39 - 2013-07-15 21:39 - 00045291 _____ C:\Users\Hartmut\Desktop\AdwCleaner[S1].txt
2013-07-15 21:36 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-15 21:36 - 2009-07-14 06:51 - 00085081 _____ C:\Windows\setupact.log
2013-07-15 21:35 - 2011-12-17 01:37 - 01715831 _____ C:\Windows\WindowsUpdate.log
2013-07-15 21:34 - 2013-07-15 21:34 - 00045291 _____ C:\AdwCleaner[S1].txt
2013-07-15 21:32 - 2013-07-15 21:32 - 00662345 _____ C:\Users\Hartmut\Desktop\adwcleaner.exe
2013-07-15 21:26 - 2012-09-26 16:38 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-15 17:35 - 2013-07-15 17:35 - 00027715 _____ C:\Users\Hartmut\Desktop\Addition.txt
2013-07-15 17:33 - 2013-07-15 17:33 - 00000000 ____D C:\FRST
2013-07-15 17:32 - 2013-07-15 17:30 - 01777839 _____ (Farbar) C:\Users\Hartmut\Desktop\FRST64.exe
2013-07-15 09:18 - 2013-07-15 09:18 - 00003279 _____ C:\Users\Hartmut\Desktop\Gmer.txt
2013-07-15 09:18 - 2013-07-15 09:18 - 00000248 _____ C:\Users\Hartmut\Desktop\defogger_enable.log
2013-07-15 09:18 - 2012-02-24 15:04 - 00000000 ____D C:\Users\Hartmut
2013-07-15 09:02 - 2013-07-15 09:02 - 00377856 _____ C:\Users\Hartmut\Desktop\gmer_2.1.19163.exe
2013-07-15 09:00 - 2013-07-15 08:01 - 00103778 _____ C:\Users\Hartmut\Desktop\OTL.Txt
2013-07-15 08:45 - 2013-07-15 08:45 - 00000476 _____ C:\Users\Hartmut\Desktop\defogger_disable.log
2013-07-15 08:44 - 2013-07-15 08:44 - 00050477 _____ C:\Users\Hartmut\Desktop\Defogger.exe
2013-07-15 08:25 - 2012-04-17 20:32 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-07-15 08:25 - 2012-03-11 13:40 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-07-15 08:03 - 2013-07-15 08:03 - 00106886 _____ C:\Users\Hartmut\Desktop\Extras.Txt
2013-07-15 07:46 - 2013-07-15 07:46 - 00602112 _____ (OldTimer Tools) C:\Users\Hartmut\Desktop\OTL.exe
2013-07-15 07:36 - 2010-11-21 05:47 - 00077586 _____ C:\Windows\PFRO.log
2013-07-14 13:13 - 2013-05-25 14:51 - 00000000 ____D C:\Program Files (x86)\Pixum
2013-07-14 13:11 - 2013-05-25 11:40 - 00000000 ____D C:\Users\Hartmut\AppData\Roaming\Dropbox
2013-07-14 13:11 - 2012-02-24 15:10 - 00000000 ___RD C:\Users\Hartmut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-14 13:08 - 2012-02-24 16:45 - 00000000 ____D C:\Users\Hartmut\AppData\Local\CrashDumps
2013-07-14 13:03 - 2013-07-14 13:03 - 00000000 ____D C:\Users\Hartmut\Qtrax
2013-07-14 12:59 - 2013-07-14 12:59 - 00003818 _____ C:\Windows\System32\Tasks\QtraxPlayer
2013-07-14 12:59 - 2013-06-28 10:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-14 12:55 - 2013-07-14 12:55 - 00003250 _____ C:\Windows\System32\Tasks\DSite
2013-07-14 12:54 - 2013-07-14 12:54 - 00793536 _____ C:\Users\Hartmut\Desktop\ZipOpenerSetup.exe
2013-07-12 11:44 - 2013-05-25 11:43 - 00000000 ___RD C:\Users\Hartmut\Dropbox
2013-07-12 07:05 - 2009-07-14 06:45 - 00417720 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-12 07:04 - 2013-03-19 20:33 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-12 07:04 - 2013-03-19 20:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-12 07:03 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-12 07:03 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-12 06:47 - 2012-09-26 16:17 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-12 06:43 - 2011-10-15 07:15 - 00766590 _____ C:\Windows\system32\perfh007.dat
2013-07-12 06:43 - 2011-10-15 07:15 - 00174284 _____ C:\Windows\system32\perfc007.dat
2013-07-12 06:43 - 2009-07-14 07:13 - 01829634 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-12 06:36 - 2012-08-18 00:25 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-11 12:56 - 2011-12-17 01:55 - 00000000 ____D C:\ProgramData\Norton
2013-07-11 09:51 - 2013-07-11 09:41 - 00000000 ____D C:\Users\Hartmut\Documents\Kontoauszüge
2013-07-10 14:56 - 2012-11-20 19:46 - 00000340 _____ C:\Windows\Tasks\HPCeeScheduleForHartmut.job
2013-07-09 12:53 - 2012-11-20 19:46 - 00003198 _____ C:\Windows\System32\Tasks\HPCeeScheduleForHartmut
2013-07-09 08:28 - 2011-02-10 21:23 - 00000000 ____D C:\SWSetup
2013-07-08 13:43 - 2013-07-08 13:33 - 00000000 ____D C:\Users\Hartmut\Desktop\ebook_neu
2013-07-08 13:33 - 2013-07-08 13:31 - 00000000 ____D C:\Users\Hartmut\Desktop\ebook
2013-07-07 17:23 - 2013-07-07 10:27 - 00000000 ____D C:\Users\Hartmut\Desktop\Speicherstick
2013-07-06 02:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-07-03 10:06 - 2011-12-17 01:43 - 01785536 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-06-30 14:31 - 2012-07-19 16:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-27 18:57 - 2013-05-26 11:32 - 00000000 ____D C:\ProgramData\tmp
2013-06-25 07:52 - 2013-05-12 10:07 - 00000000 ____D C:\Users\Public\Downloads\Norton
2013-06-22 10:32 - 2012-02-24 15:10 - 00001409 _____ C:\Users\Hartmut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-06-22 10:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-06-22 10:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-06-22 10:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\zh-HK
2013-06-22 10:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\tr-TR
2013-06-22 10:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-06-21 18:39 - 2013-06-21 18:22 - 00010360 _____ C:\Windows\IE10_main.log
2013-06-21 18:33 - 2013-06-21 18:33 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-06-21 18:33 - 2013-06-21 18:33 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-21 18:33 - 2013-06-21 18:33 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-06-21 18:33 - 2013-06-21 18:33 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-06-21 18:33 - 2013-06-21 18:33 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-06-21 18:33 - 2013-06-21 18:33 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-06-21 18:33 - 2013-06-21 18:33 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-06-21 18:33 - 2013-06-21 18:33 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-06-21 18:33 - 2013-06-21 18:33 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-06-21 18:25 - 2013-06-21 18:25 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-21 10:31 - 2013-06-21 10:31 - 00004944 _____ C:\Windows\SysWOW64\jupdate-1.7.0_25-b16.log
2013-06-21 10:31 - 2012-11-13 21:15 - 00000000 ____D C:\Program Files (x86)\Java
2013-06-20 15:40 - 2013-05-26 11:32 - 00000000 ____D C:\ProgramData\hps

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-05 15:36

==================== End Of Log ============================

--- --- ---

--- --- ---

Bin ich das Ding endlich los?

LG

schrauber · 16.07.2013, 07:13

Onlinescan, dann Reste entfernen, dann sollten wir durch sein

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch probleme?

LisiBisi · 18.07.2013, 21:12

Hallo,

entschuldige bitte, dass ich jetzt erst antworte.

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=36e7b0111bf6dd4ca4131bc768dc6e22
# engine=14445
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-07-18 06:09:45
# local_time=2013-07-18 08:09:45 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3591 16777213 100 95 1768370 136767570 0 0
# compatibility_mode=5893 16776574 100 94 565565 125800835 0 0
# scanned=182083
# found=2
# cleaned=0
# scan_time=17694
sh=A6966EF367CA3D7C0F225DB2B5A9CDFB186FEF09 ft=1 fh=0fb68a32239f407c vn="Win32/Adware.Bundlore application" ac=I fn="C:\Users\Hartmut\Downloads\video_downloader.exe"
sh=31EA98EE28122E857254C0267261D4E823195BDA ft=1 fh=4a3bd93d2eb60967 vn="Win32/Adware.1ClickDownload.M application" ac=I fn="C:\Users\Hartmut\Videos\wie_beim_ersten_mal.exe"

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.70  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
Norton Internet Security   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 25  
 Adobe Flash Player 11.7.700.224  
 Adobe Reader XI  
 Mozilla Firefox (22.0) 
````````Process Check: objlist.exe by Laurent````````  
 Norton ccSvcHst.exe 
 Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2013
Ran by Hartmut (administrator) on 18-07-2013 22:04:09
Running from C:\Users\Hartmut\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2799912 2011-06-10] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-05-27] (IDT, Inc.)
HKLM\...\Run: [SetDefault] - C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [43320 2011-09-30] (Hewlett-Packard Development Company, L.P.)
HKCU\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1475584 2010-11-21] (Microsoft Corporation)
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
MountPoints2: G - G:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {9c59d10c-faa1-11e1-9c18-ec9a745376c3} - G:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {9c59d11d-faa1-11e1-9c18-ec9a745376c3} - G:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {d655124d-edbf-11e1-aae1-ec9a745376c3} - G:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {d65512de-edbf-11e1-aae1-ec9a745376c3} - H:\setup_vmc_lite.exe /checkApplicationPresence
HKLM-x32\...\Run: [StartCCC] - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [343168 2011-09-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPQuickWebProxy] - "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" [169528 2011-10-08] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-09-15] (EasyBits Software AS)
HKLM-x32\...\Run: [MobileConnect] - %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent [2403840 2009-09-11] (Vodafone)
HKLM-x32\...\Run: [BCSSync] - "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
Startup: C:\ProgramData\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4
SearchScopes: HKLM - {C87395B5-70D9-4E25-AB1F-FF23936613EF} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWow64\EZUPBH~1.DLL [52920 2011-10-14] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Hartmut\AppData\Roaming\Mozilla\Firefox\Profiles\ymtb1hss.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Hartmut\AppData\Roaming\Mozilla\Firefox\Profiles\ymtb1hss.default\searchplugins\ChatZumSearch.xml
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-09-28] (Advanced Micro Devices, Inc.)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
S3 MSSQL$MSSMLBIZ; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\sqlservr.exe [43010392 2009-03-30] (Microsoft Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation)
S4 SQLAgent$MSSMLBIZ; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE [366936 2009-03-30] (Microsoft Corporation)
R2 VMCService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [9216 2009-09-11] (Vodafone)

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-18] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-18] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-08-18] (Symantec Corporation)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [132608 2009-06-29] (Huawei Technologies Co., Ltd.)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130717.001\IDSvia64.sys [513184 2013-04-12] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130717.001\IDSvia64.sys [513184 2013-04-12] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130718.004\ENG64.SYS [126040 2013-05-24] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130718.004\ENG64.SYS [126040 2013-05-24] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130718.004\EX64.SYS [2098776 2013-05-24] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130718.004\EX64.SYS [2098776 2013-05-24] (Symantec Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMDS64.SYS [451192 2011-07-25] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-03-29] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [190072 2012-04-18] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [405624 2012-04-18] (Symantec Corporation)
S1 StarOpen; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-18 20:22 - 2013-07-18 20:22 - 00891062 _____ C:\Users\Hartmut\Desktop\SecurityCheck.exe
2013-07-18 15:03 - 2013-07-18 15:04 - 02347384 _____ (ESET) C:\Users\Hartmut\Desktop\esetsmartinstaller_enu.exe
2013-07-15 21:56 - 2013-07-15 21:56 - 00059831 _____ C:\Users\Hartmut\Desktop\FRST1.txt
2013-07-15 21:52 - 2013-07-15 21:52 - 00007005 _____ C:\Users\Hartmut\Desktop\JRT.txt
2013-07-15 21:42 - 2013-07-15 21:42 - 00000000 ____D C:\Windows\ERUNT
2013-07-15 21:41 - 2013-07-15 21:41 - 00559441 _____ (Oleg N. Scherbakov) C:\Users\Hartmut\Desktop\JRT.exe
2013-07-15 21:39 - 2013-07-15 21:39 - 00045291 _____ C:\Users\Hartmut\Desktop\AdwCleaner[S1].txt
2013-07-15 21:34 - 2013-07-15 21:34 - 00045291 _____ C:\AdwCleaner[S1].txt
2013-07-15 21:32 - 2013-07-15 21:32 - 00662345 _____ C:\Users\Hartmut\Desktop\adwcleaner.exe
2013-07-15 17:35 - 2013-07-15 17:35 - 00027715 _____ C:\Users\Hartmut\Desktop\Addition.txt
2013-07-15 17:33 - 2013-07-15 17:33 - 00000000 ____D C:\FRST
2013-07-15 17:30 - 2013-07-15 17:32 - 01777839 _____ (Farbar) C:\Users\Hartmut\Desktop\FRST64.exe
2013-07-15 09:18 - 2013-07-15 09:18 - 00003279 _____ C:\Users\Hartmut\Desktop\Gmer.txt
2013-07-15 09:18 - 2013-07-15 09:18 - 00000248 _____ C:\Users\Hartmut\Desktop\defogger_enable.log
2013-07-15 09:02 - 2013-07-15 09:02 - 00377856 _____ C:\Users\Hartmut\Desktop\gmer_2.1.19163.exe
2013-07-15 08:45 - 2013-07-15 08:45 - 00000476 _____ C:\Users\Hartmut\Desktop\defogger_disable.log
2013-07-15 08:44 - 2013-07-15 08:44 - 00050477 _____ C:\Users\Hartmut\Desktop\Defogger.exe
2013-07-15 08:03 - 2013-07-15 08:03 - 00106886 _____ C:\Users\Hartmut\Desktop\Extras.Txt
2013-07-15 08:01 - 2013-07-15 09:00 - 00103778 _____ C:\Users\Hartmut\Desktop\OTL.Txt
2013-07-15 07:46 - 2013-07-15 07:46 - 00602112 _____ (OldTimer Tools) C:\Users\Hartmut\Desktop\OTL.exe
2013-07-14 13:03 - 2013-07-14 13:03 - 00000000 ____D C:\Users\Hartmut\Qtrax
2013-07-14 12:59 - 2013-07-14 12:59 - 00003818 _____ C:\Windows\System32\Tasks\QtraxPlayer
2013-07-14 12:55 - 2013-07-14 12:55 - 00003250 _____ C:\Windows\System32\Tasks\DSite
2013-07-14 12:54 - 2013-07-14 12:54 - 00793536 _____ C:\Users\Hartmut\Desktop\ZipOpenerSetup.exe
2013-07-12 06:35 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-12 06:35 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-12 06:35 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-12 06:35 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-12 06:35 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-12 06:35 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-12 06:35 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-12 06:35 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-12 06:35 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-12 06:35 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-12 06:35 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-12 06:35 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-12 06:35 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-12 06:35 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-12 06:35 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-12 06:35 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-12 06:35 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-12 06:35 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-12 06:35 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-12 06:35 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-12 06:35 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-12 06:35 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-12 06:35 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-12 06:35 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-12 06:35 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-12 06:35 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-12 06:35 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-12 06:35 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-12 06:35 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-12 06:35 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-12 06:35 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-11 09:56 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-11 09:56 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-11 09:56 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-11 09:56 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-11 09:51 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-11 09:50 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-11 09:50 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-11 09:41 - 2013-07-11 09:51 - 00000000 ____D C:\Users\Hartmut\Documents\Kontoauszüge
2013-07-08 13:33 - 2013-07-08 13:43 - 00000000 ____D C:\Users\Hartmut\Desktop\ebook_neu
2013-07-08 13:31 - 2013-07-08 13:33 - 00000000 ____D C:\Users\Hartmut\Desktop\ebook
2013-07-07 10:27 - 2013-07-07 17:23 - 00000000 ____D C:\Users\Hartmut\Desktop\Speicherstick
2013-06-28 10:41 - 2013-07-14 12:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-22 22:51 - 2013-04-17 09:02 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-22 22:51 - 2013-04-17 08:24 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-06-21 18:33 - 2013-06-21 18:33 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-21 18:33 - 2013-06-21 18:33 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-06-21 18:33 - 2013-06-21 18:33 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-06-21 18:33 - 2013-06-21 18:33 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-06-21 18:33 - 2013-06-21 18:33 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-06-21 18:33 - 2013-06-21 18:33 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-06-21 18:33 - 2013-06-21 18:33 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-06-21 18:33 - 2013-06-21 18:33 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-06-21 18:25 - 2013-06-21 18:25 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-21 18:22 - 2013-06-21 18:39 - 00010360 _____ C:\Windows\IE10_main.log
2013-06-21 10:31 - 2013-06-21 10:31 - 00004944 _____ C:\Windows\SysWOW64\jupdate-1.7.0_25-b16.log
2013-06-21 10:31 - 2013-06-12 21:47 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-21 10:31 - 2013-06-12 21:43 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-21 10:31 - 2013-06-12 21:43 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-21 10:31 - 2013-06-12 21:43 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

==================== One Month Modified Files and Folders =======

2013-07-18 21:58 - 2012-09-26 16:38 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-18 20:58 - 2011-12-17 01:37 - 01749344 _____ C:\Windows\WindowsUpdate.log
2013-07-18 20:22 - 2013-07-18 20:22 - 00891062 _____ C:\Users\Hartmut\Desktop\SecurityCheck.exe
2013-07-18 15:08 - 2009-07-14 06:45 - 00031856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-18 15:08 - 2009-07-14 06:45 - 00031856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-18 15:04 - 2013-07-18 15:03 - 02347384 _____ (ESET) C:\Users\Hartmut\Desktop\esetsmartinstaller_enu.exe
2013-07-18 14:58 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-18 14:58 - 2009-07-14 06:51 - 00085193 _____ C:\Windows\setupact.log
2013-07-15 21:56 - 2013-07-15 21:56 - 00059831 _____ C:\Users\Hartmut\Desktop\FRST1.txt
2013-07-15 21:52 - 2013-07-15 21:52 - 00007005 _____ C:\Users\Hartmut\Desktop\JRT.txt
2013-07-15 21:42 - 2013-07-15 21:42 - 00000000 ____D C:\Windows\ERUNT
2013-07-15 21:41 - 2013-07-15 21:41 - 00559441 _____ (Oleg N. Scherbakov) C:\Users\Hartmut\Desktop\JRT.exe
2013-07-15 21:39 - 2013-07-15 21:39 - 00045291 _____ C:\Users\Hartmut\Desktop\AdwCleaner[S1].txt
2013-07-15 21:34 - 2013-07-15 21:34 - 00045291 _____ C:\AdwCleaner[S1].txt
2013-07-15 21:32 - 2013-07-15 21:32 - 00662345 _____ C:\Users\Hartmut\Desktop\adwcleaner.exe
2013-07-15 17:35 - 2013-07-15 17:35 - 00027715 _____ C:\Users\Hartmut\Desktop\Addition.txt
2013-07-15 17:33 - 2013-07-15 17:33 - 00000000 ____D C:\FRST
2013-07-15 17:32 - 2013-07-15 17:30 - 01777839 _____ (Farbar) C:\Users\Hartmut\Desktop\FRST64.exe
2013-07-15 09:18 - 2013-07-15 09:18 - 00003279 _____ C:\Users\Hartmut\Desktop\Gmer.txt
2013-07-15 09:18 - 2013-07-15 09:18 - 00000248 _____ C:\Users\Hartmut\Desktop\defogger_enable.log
2013-07-15 09:18 - 2012-02-24 15:04 - 00000000 ____D C:\Users\Hartmut
2013-07-15 09:02 - 2013-07-15 09:02 - 00377856 _____ C:\Users\Hartmut\Desktop\gmer_2.1.19163.exe
2013-07-15 09:00 - 2013-07-15 08:01 - 00103778 _____ C:\Users\Hartmut\Desktop\OTL.Txt
2013-07-15 08:45 - 2013-07-15 08:45 - 00000476 _____ C:\Users\Hartmut\Desktop\defogger_disable.log
2013-07-15 08:44 - 2013-07-15 08:44 - 00050477 _____ C:\Users\Hartmut\Desktop\Defogger.exe
2013-07-15 08:25 - 2012-04-17 20:32 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-07-15 08:25 - 2012-03-11 13:40 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-07-15 08:03 - 2013-07-15 08:03 - 00106886 _____ C:\Users\Hartmut\Desktop\Extras.Txt
2013-07-15 07:46 - 2013-07-15 07:46 - 00602112 _____ (OldTimer Tools) C:\Users\Hartmut\Desktop\OTL.exe
2013-07-15 07:36 - 2010-11-21 05:47 - 00077586 _____ C:\Windows\PFRO.log
2013-07-14 13:13 - 2013-05-25 14:51 - 00000000 ____D C:\Program Files (x86)\Pixum
2013-07-14 13:11 - 2013-05-25 11:40 - 00000000 ____D C:\Users\Hartmut\AppData\Roaming\Dropbox
2013-07-14 13:11 - 2012-02-24 15:10 - 00000000 ___RD C:\Users\Hartmut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-14 13:08 - 2012-02-24 16:45 - 00000000 ____D C:\Users\Hartmut\AppData\Local\CrashDumps
2013-07-14 13:03 - 2013-07-14 13:03 - 00000000 ____D C:\Users\Hartmut\Qtrax
2013-07-14 12:59 - 2013-07-14 12:59 - 00003818 _____ C:\Windows\System32\Tasks\QtraxPlayer
2013-07-14 12:59 - 2013-06-28 10:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-14 12:55 - 2013-07-14 12:55 - 00003250 _____ C:\Windows\System32\Tasks\DSite
2013-07-14 12:54 - 2013-07-14 12:54 - 00793536 _____ C:\Users\Hartmut\Desktop\ZipOpenerSetup.exe
2013-07-12 11:44 - 2013-05-25 11:43 - 00000000 ___RD C:\Users\Hartmut\Dropbox
2013-07-12 07:05 - 2009-07-14 06:45 - 00417720 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-12 07:04 - 2013-03-19 20:33 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-12 07:04 - 2013-03-19 20:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-12 07:03 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-12 07:03 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-12 06:47 - 2012-09-26 16:17 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-12 06:43 - 2011-10-15 07:15 - 00766590 _____ C:\Windows\system32\perfh007.dat
2013-07-12 06:43 - 2011-10-15 07:15 - 00174284 _____ C:\Windows\system32\perfc007.dat
2013-07-12 06:43 - 2009-07-14 07:13 - 01829634 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-12 06:36 - 2012-08-18 00:25 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-11 12:56 - 2011-12-17 01:55 - 00000000 ____D C:\ProgramData\Norton
2013-07-11 09:51 - 2013-07-11 09:41 - 00000000 ____D C:\Users\Hartmut\Documents\Kontoauszüge
2013-07-10 14:56 - 2012-11-20 19:46 - 00000340 _____ C:\Windows\Tasks\HPCeeScheduleForHartmut.job
2013-07-09 12:53 - 2012-11-20 19:46 - 00003198 _____ C:\Windows\System32\Tasks\HPCeeScheduleForHartmut
2013-07-09 08:28 - 2011-02-10 21:23 - 00000000 ____D C:\SWSetup
2013-07-08 13:43 - 2013-07-08 13:33 - 00000000 ____D C:\Users\Hartmut\Desktop\ebook_neu
2013-07-08 13:33 - 2013-07-08 13:31 - 00000000 ____D C:\Users\Hartmut\Desktop\ebook
2013-07-07 17:23 - 2013-07-07 10:27 - 00000000 ____D C:\Users\Hartmut\Desktop\Speicherstick
2013-07-06 02:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-07-03 10:06 - 2011-12-17 01:43 - 01785536 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-06-30 14:31 - 2012-07-19 16:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-27 18:57 - 2013-05-26 11:32 - 00000000 ____D C:\ProgramData\tmp
2013-06-25 07:52 - 2013-05-12 10:07 - 00000000 ____D C:\Users\Public\Downloads\Norton
2013-06-22 10:32 - 2012-02-24 15:10 - 00001409 _____ C:\Users\Hartmut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-06-22 10:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-06-22 10:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-06-22 10:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\zh-HK
2013-06-22 10:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\tr-TR
2013-06-22 10:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-06-21 18:39 - 2013-06-21 18:22 - 00010360 _____ C:\Windows\IE10_main.log
2013-06-21 18:33 - 2013-06-21 18:33 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-06-21 18:33 - 2013-06-21 18:33 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-21 18:33 - 2013-06-21 18:33 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-06-21 18:33 - 2013-06-21 18:33 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-06-21 18:33 - 2013-06-21 18:33 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-06-21 18:33 - 2013-06-21 18:33 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-06-21 18:33 - 2013-06-21 18:33 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-06-21 18:33 - 2013-06-21 18:33 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-06-21 18:33 - 2013-06-21 18:33 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-06-21 18:33 - 2013-06-21 18:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-06-21 18:33 - 2013-06-21 18:33 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-06-21 18:25 - 2013-06-21 18:25 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-21 18:25 - 2013-06-21 18:25 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-21 10:31 - 2013-06-21 10:31 - 00004944 _____ C:\Windows\SysWOW64\jupdate-1.7.0_25-b16.log
2013-06-21 10:31 - 2012-11-13 21:15 - 00000000 ____D C:\Program Files (x86)\Java
2013-06-20 15:40 - 2013-05-26 11:32 - 00000000 ____D C:\ProgramData\hps

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-05 15:36

==================== End Of Log ============================

--- --- ---

Und nun? Was passiert mit den ganzen Programmen die ich runter geladen hab?
Muss ich die bzw. sollte ich die wieder deinstallieren?

LG

schrauber · 19.07.2013, 09:27

Die Funde von ESET bitte manuell löschen.

Fertig

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Hier noch ein paar Tipps zur Absicherung deines Systems.

Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
WinPatrol
Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

SpywareBlaster
Eine kurze Einführung findest du Hier
MVPs hosts file
Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
WOT (Web of trust)
Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

Opera
Mozilla Firefox.
- Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
- NoScript
  Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
- AdblockPlus
  Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
  Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )

Don'ts

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

LisiBisi · 19.07.2013, 11:59

Super danke...

Ohne dich hätte ich das nicht geschafft.

LG

schrauber · 19.07.2013, 12:23

Gern Geschehen

19.07.2013, 12:23	#10
schrauber /// the machine /// TB-Ausbilder	Iminent, Hilfe zur Deinstalation Gern Geschehen __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Iminent, Hilfe zur Deinstalation

Log-Analyse und Auswertung: Iminent, Hilfe zur Deinstalation