| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Seit Update auf Windows 8.1 überall Werbung auf dem Desktop, Reste von Imminent?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
08.11.2013, 11:22
| #1 |
| |  Seit Update auf Windows 8.1 überall Werbung auf dem Desktop, Reste von Imminent? Ich habe auf meinem Notebook (32-bit)und auf unserem neuen HP Pavillion Desktop (64-bit)jeweils ein Update auf Windows 8.1 erstellt. Auf dem Notebook nutze ich Internet Explorer als Browser, auf dem Desktop Firefox. Seit ich vor 2 Tagen bei beiden Rechnern ein Update auf Windows 8.1 gemacht habe, und auch die neueste Version von Firefox installiert habe, taucht auf dem Desktop überall Werbung auf und bei Öffnung eines neuen Fensters mit Firefox kommt gleich noch ein Popupfenster mit blinkenden Spielen, obwohl der Popupblocker eingeschaltet ist. Auch auf dem Notebook öffnet sich beim Internet Explorer gleich ein 2. Fenster mit Werbung, allerdings ist hier weniger Werbung in den Fenstern. Ich hatte festgestellt, dass Imminent installiert war, aus welchem Grund auch immer. Da mein Göttergatte den Desktop benutzt, kann ich nicht ausschließen, dass er es mit einem Spiel heruntergeladen hat, auch wenn er diese Vermutung weit von sich weist. Ich habe gelesen dass andere ähnliche Probleme haben, aber eben nicht genau das gleiche, soweit ich es sehen kann. Ich habe Imminent aus den Programmen deinstalliert, Firefox deinstalliert und neu installiert und neu gestartet. Für weitere Aktionen bitte ich Euch um Hilfe. Auf beiden Rechnern läuft Norton 360 online. Vielen Dank Helgamarie Geändert von Helgamarie (08.11.2013 um 11:31 Uhr) Grund: Rechtschreibfehler |
|
08.11.2013, 12:09
| #2 |
| /// the machine /// TB-Ausbilder    | Seit Update auf Windows 8.1 überall Werbung auf dem Desktop, Reste von Imminent? hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
09.11.2013, 14:06
| #3 |
| | Seit Update auf Windows 8.1 überall Werbung auf dem Desktop, Reste von Imminent? Danke für die schnelle Antwort!
__________________Hier sind die Daten für den Desktop Hp Pavilion mit 64-bit. Dabei habe ich erst gesehen dass System 32 auf dem neuen Rechner ist!? FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013
Ran by Dietrich (administrator) on HEINRICH on 09-11-2013 12:16:23
Running from C:\Users\Dietrich\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\WINDOWS\system32\atiesrxx.exe
(AMD) C:\WINDOWS\system32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) c:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Advanced Micro Devices Inc.) c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20279_x64__8wekyb3d8bbwe\LiveComm.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [BeatsOSDApp] - C:\Program Files\IDT\WDM\Beats64.exe [37888 2012-09-19] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-09-19] (IDT, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642816 2013-05-15] (Advanced Micro Devices, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK13/4
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK13/4
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM - {C9EA9183-FABE-4FCC-94FD-54C65FC3D345} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 - {C9EA9183-FABE-4FCC-94FD-54C65FC3D345} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - DefaultScope {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKCU - {C9EA9183-FABE-4FCC-94FD-54C65FC3D345} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Doowwnloaade keepuer - {012793D7-2BF6-A05E-D321-75B61502E04C} - C:\Program Files (x86)\Doowwnloaade keepuer\E8X4e.x64.dll ()
BHO-x32: Doowwnloaade keepuer - {012793D7-2BF6-A05E-D321-75B61502E04C} - C:\Program Files (x86)\Doowwnloaade keepuer\E8X4e.dll ()
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ips\ipsbho.dll (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Dietrich\AppData\Roaming\Mozilla\Firefox\Profiles\wr77sg2k.default
FF user.js: detected! => C:\Users\Dietrich\AppData\Roaming\Mozilla\Firefox\Profiles\wr77sg2k.default\user.js
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Dietrich\AppData\Roaming\Mozilla\Firefox\Profiles\wr77sg2k.default\searchplugins\iminent.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Doowwnloaade keepuer - C:\Users\Dietrich\AppData\Roaming\Mozilla\Firefox\Profiles\wr77sg2k.default\Extensions\vncoi@ouoe-.co.uk
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFF
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Doowwnloaade keepuer) - C:\Users\Dietrich\AppData\Local\Google\Chrome\User Data\Default\Extensions\obpdjcddbcfnlhjgmfncephimikkmplb\1.6
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\Exts\Chrome.crx
==================== Services (Whitelisted) =================
S3 AppReadiness; C:\Windows\system32\AppReadiness.dll [533504 2013-09-30] (Microsoft Corporation)
S3 AppXSvc; C:\Windows\system32\appxdeploymentserver.dll [1302016 2013-09-30] (Microsoft Corporation)
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard)
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [111616 2013-08-22] (Microsoft Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 lfsvc; C:\Windows\System32\GeofenceMonitorService.dll [491520 2013-09-30] (Microsoft Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R3 NcbService; C:\Windows\System32\ncbservice.dll [151040 2013-08-22] (Microsoft Corporation)
S3 ScDeviceEnum; C:\Windows\System32\ScDeviceEnum.dll [130560 2013-08-22] (Microsoft Corporation)
S3 smphost; C:\Windows\System32\smphost.dll [13312 2013-08-22] (Microsoft Corporation)
S3 vmicguestinterface; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-11-04] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\Windows\system32\wephostsvc.dll [24576 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
S3 workfolderssvc; C:\Windows\system32\workfolderssvc.dll [1581568 2013-09-30] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R1 ahcache; C:\Windows\System32\DRIVERS\ahcache.sys [76800 2013-08-22] (Microsoft Corporation)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2013-11-04] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98744 2013-11-04] (Advanced Micro Devices)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20131101.003\BHDrvx64.sys [1524824 2013-10-23] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-08-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [140376 2013-08-27] (Symantec Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20131108.001\IDSvia64.sys [521816 2013-10-28] (Symantec Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-09-30] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20131108.018\ENG64.SYS [126040 2013-10-30] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20131108.018\EX64.SYS [2099288 2013-10-30] (Symantec Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146272 2013-08-22] (Microsoft Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [56672 2013-08-22] (Microsoft Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1404000.028\SymELAM.sys [23448 2012-06-20] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-08-02] (Symantec Corporation)
S1 SymIM; C:\Windows\system32\DRIVERS\SymIMv.sys [43680 2013-03-05] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
R3 tilfilter; C:\Windows\System32\drivers\TIxHCIlfilter.sys [17528 2012-11-20] (Texas Instruments, Inc.)
R3 tiufilter; C:\Windows\System32\drivers\TIxHCIufilter.sys [23184 2012-11-20] (Texas Instruments, Inc.)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
NETSVC: lfsvc -> C:\Windows\System32\GeofenceMonitorService.dll (Microsoft Corporation)
==================== One Month Created Files and Folders ========
2013-11-09 12:16 - 2013-11-09 12:16 - 00000000 ____D C:\FRST
2013-11-09 12:15 - 2013-11-09 12:15 - 01957098 _____ (Farbar) C:\Users\Dietrich\Downloads\FRST64.exe
2013-11-08 09:59 - 2013-11-08 10:01 - 00001161 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-11-08 09:59 - 2013-11-08 10:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-07 06:38 - 2013-11-07 06:38 - 00000000 ___RD C:\WINDOWS\BrowserChoice
2013-11-05 08:52 - 2013-11-05 09:04 - 00000000 ____D C:\ProgramData\Recovery
2013-11-04 21:10 - 2013-11-04 21:10 - 00000000 ____D C:\ProgramData\ATI
2013-11-04 21:00 - 2013-11-04 21:00 - 00801864 _____ (Realtek ) C:\WINDOWS\system32\Drivers\Rt630x64.sys
2013-11-04 21:00 - 2013-11-04 21:00 - 00073800 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2013-11-04 21:00 - 2013-11-04 21:00 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-11-04 20:39 - 2013-05-25 13:46 - 00002100 _____ C:\Users\Dietrich\Desktop\Mozilla Thunderbird.lnk
2013-11-04 20:34 - 2013-11-04 20:34 - 00001127 _____ C:\Users\Dietrich\Desktop\Lenovo L2251pwD(DisplayPort) - Verknüpfung.lnk
2013-11-04 20:28 - 2013-11-04 20:28 - 00001117 _____ C:\Users\Public\Desktop\HP Quick Start.lnk
2013-11-04 20:28 - 2013-11-04 20:28 - 00000000 ____D C:\Users\Dietrich\AppData\Local\HP Quick Start
2013-11-04 20:27 - 2013-11-04 20:27 - 00000000 ____D C:\Program Files (x86)\Texas Instruments Inc
2013-11-04 20:26 - 2013-11-04 20:26 - 00000000 ____D C:\ProgramData\AMD
2013-11-04 20:26 - 2013-11-04 20:26 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-11-04 20:24 - 2013-11-04 20:24 - 29157376 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 24229376 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 23815168 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 19870720 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 16082944 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 13703168 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 11660800 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2013-11-04 20:24 - 2013-11-04 20:24 - 03342768 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2013-11-04 20:24 - 2013-11-04 20:24 - 03309936 _____ C:\WINDOWS\system32\atiumd6a.cap
2013-11-04 20:24 - 2013-11-04 20:24 - 00695004 _____ C:\WINDOWS\system32\atiicdxx.dat
2013-11-04 20:24 - 2013-11-04 20:24 - 00581120 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2013-11-04 20:24 - 2013-11-04 20:24 - 00562688 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2013-11-04 20:24 - 2013-11-04 20:24 - 00524368 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2013-11-04 20:24 - 2013-11-04 20:24 - 00524368 _____ C:\WINDOWS\system32\atiapfxx.blb
2013-11-04 20:24 - 2013-11-04 20:24 - 00430080 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00241152 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2013-11-04 20:24 - 2013-11-04 20:24 - 00231604 _____ C:\WINDOWS\system32\ativvaxy_cik.dat
2013-11-04 20:24 - 2013-11-04 20:24 - 00230064 _____ C:\WINDOWS\system32\ativvaxy_cik_nd.dat
2013-11-04 20:24 - 2013-11-04 20:24 - 00222720 _____ C:\WINDOWS\system32\clinfo.exe
2013-11-04 20:24 - 2013-11-04 20:24 - 00163840 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2013-11-04 20:24 - 2013-11-04 20:24 - 00120320 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00110080 _____ (TODO: <Company name>) C:\WINDOWS\system32\DelayAPO.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00098744 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AtihdW86.sys
2013-11-04 20:24 - 2013-11-04 20:24 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00076800 _____ (AMD) C:\WINDOWS\system32\coinst_12.105.8.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00076288 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OpenVideo64.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00075600 _____ C:\WINDOWS\system32\ativce02.dat
2013-11-04 20:24 - 2013-11-04 20:24 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00065536 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OpenVideo.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00064000 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OVDecode64.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00056320 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OVDecode.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00054784 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00053248 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00051200 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00050176 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00046080 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00044544 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00044066 _____ C:\WINDOWS\atiogl.xml
2013-11-04 20:24 - 2013-11-04 20:24 - 00044032 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00044032 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00034816 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00026112 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00021160 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmafd.sys
2013-11-04 20:24 - 2013-11-04 20:24 - 00017920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00000000 ____D C:\Users\Dietrich\AppData\Roaming\WinBatch
2013-11-04 15:33 - 2013-11-04 15:37 - 49825176 _____ C:\Users\Dietrich\Downloads\mpnx_4_1-win-mx360-4_1_0-ea23_2(1).exe
2013-11-04 15:09 - 2013-11-04 15:09 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton 360
2013-11-04 15:03 - 2013-11-09 06:51 - 00000000 __RDO C:\Users\Dietrich\SkyDrive
2013-11-04 15:01 - 2013-11-04 15:01 - 00001452 _____ C:\Users\Dietrich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-04 15:00 - 2013-11-04 15:00 - 00000020 ___SH C:\Users\Dietrich\ntuser.ini
2013-11-04 14:45 - 2013-11-04 14:45 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-11-04 14:45 - 2013-11-04 14:45 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-11-04 14:45 - 2013-11-04 14:45 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-11-04 14:45 - 2013-11-04 14:45 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-11-04 14:45 - 2013-11-04 14:45 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-11-04 14:45 - 2013-11-04 14:45 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-11-04 14:45 - 2013-11-04 14:45 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-11-04 14:45 - 2013-11-04 14:45 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-11-04 14:45 - 2013-11-04 14:45 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-04 14:45 - 2013-11-04 14:45 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-11-04 14:45 - 2013-11-04 14:45 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-11-04 14:45 - 2013-11-04 14:45 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-11-04 14:45 - 2013-11-04 14:45 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-11-04 14:45 - 2013-11-04 14:45 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-11-04 14:45 - 2013-11-04 14:45 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-04 14:45 - 2013-11-04 14:45 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-11-04 14:45 - 2013-11-04 14:45 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-11-04 14:44 - 2013-11-08 20:51 - 02023969 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-04 14:44 - 2013-11-04 14:44 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2013-11-04 14:38 - 2013-11-04 14:38 - 00000000 ____D C:\Users\Default\Documents\hp.system.package.metadata
2013-11-04 14:38 - 2013-11-04 14:38 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-11-04 14:38 - 2013-11-04 14:38 - 00000000 ____D C:\Users\Default User\Documents\hp.system.package.metadata
2013-11-04 14:38 - 2013-11-04 14:38 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-11-04 14:36 - 2013-11-04 14:36 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2013-11-04 14:35 - 2013-11-04 15:03 - 00000000 ____D C:\Users\Dietrich
2013-11-04 14:35 - 2013-11-04 14:44 - 00026673 _____ C:\WINDOWS\diagwrn.xml
2013-11-04 14:35 - 2013-11-04 14:44 - 00026673 _____ C:\WINDOWS\diagerr.xml
2013-11-04 14:35 - 2013-11-04 14:36 - 00000000 ___RD C:\Users\Dietrich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-11-04 14:35 - 2013-11-04 14:35 - 00000000 _SHDL C:\Users\Dietrich\Vorlagen
2013-11-04 14:35 - 2013-11-04 14:35 - 00000000 _SHDL C:\Users\Dietrich\Startmenü
2013-11-04 14:35 - 2013-11-04 14:35 - 00000000 _SHDL C:\Users\Dietrich\Netzwerkumgebung
2013-11-04 14:35 - 2013-11-04 14:35 - 00000000 _SHDL C:\Users\Dietrich\Lokale Einstellungen
2013-11-04 14:35 - 2013-11-04 14:35 - 00000000 _SHDL C:\Users\Dietrich\Eigene Dateien
2013-11-04 14:35 - 2013-11-04 14:35 - 00000000 _SHDL C:\Users\Dietrich\Druckumgebung
2013-11-04 14:35 - 2013-11-04 14:35 - 00000000 _SHDL C:\Users\Dietrich\Documents\Eigene Musik
2013-11-04 14:35 - 2013-11-04 14:35 - 00000000 _SHDL C:\Users\Dietrich\Documents\Eigene Bilder
2013-11-04 14:35 - 2013-11-04 14:35 - 00000000 _SHDL C:\Users\Dietrich\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-04 14:35 - 2013-11-04 14:35 - 00000000 _SHDL C:\Users\Dietrich\AppData\Local\Verlauf
2013-11-04 14:35 - 2013-11-04 14:35 - 00000000 _SHDL C:\Users\Dietrich\AppData\Local\Anwendungsdaten
2013-11-04 14:35 - 2013-11-04 14:35 - 00000000 _SHDL C:\Users\Dietrich\Anwendungsdaten
2013-11-04 14:35 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Dietrich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-11-04 14:35 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Dietrich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-11-04 14:35 - 2013-08-22 16:36 - 00000000 ____D C:\Users\Dietrich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-11-04 14:34 - 2013-11-04 14:36 - 00012096 _____ C:\WINDOWS\iis.log
2013-11-04 14:34 - 2013-11-04 14:34 - 01914374 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2013-11-04 14:33 - 2013-11-04 14:33 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-11-04 14:33 - 2013-11-04 14:33 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2013-11-04 14:33 - 2013-11-04 14:33 - 00000000 ____D C:\Program Files\AMD
2013-11-04 14:33 - 2013-11-04 14:33 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2013-11-04 14:32 - 2013-11-04 14:32 - 00000000 __SHD C:\Recovery
2013-11-04 14:31 - 2013-11-04 15:01 - 00000000 ___DC C:\WINDOWS\Panther
2013-11-04 14:31 - 2013-11-04 14:31 - 23213056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-11-04 14:31 - 2013-11-04 14:31 - 17143808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-11-04 14:31 - 2013-11-04 14:31 - 12995072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-11-04 14:31 - 2013-11-04 14:31 - 11222016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-11-04 14:31 - 2013-11-04 14:31 - 02763776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-11-04 14:31 - 2013-11-04 14:31 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2013-11-04 14:31 - 2013-11-04 14:31 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2013-11-04 14:31 - 2013-11-04 14:31 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-11-04 14:31 - 2013-11-04 14:31 - 00872840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2013-11-04 14:31 - 2013-11-04 14:31 - 00698232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2013-11-04 14:30 - 2013-11-04 14:30 - 02144768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-11-04 14:30 - 2013-11-04 14:30 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-11-04 14:30 - 2013-11-04 14:30 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-11-04 14:30 - 2013-11-04 14:30 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-11-04 14:30 - 2013-11-04 14:30 - 01537880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-11-04 14:30 - 2013-11-04 14:30 - 01286552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2013-11-04 14:30 - 2013-11-04 14:30 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2013-11-04 14:30 - 2013-11-04 14:30 - 01018960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2013-11-04 14:30 - 2013-11-04 14:30 - 00977408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2013-11-04 14:30 - 2013-11-04 14:30 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2013-11-04 14:30 - 2013-11-04 14:30 - 00837120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-11-04 14:30 - 2013-11-04 14:30 - 00698880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-11-04 14:30 - 2013-11-04 14:30 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2013-11-04 14:30 - 2013-11-04 14:30 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-11-04 14:30 - 2013-11-04 14:30 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-11-04 14:30 - 2013-11-04 14:30 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-11-04 14:30 - 2013-11-04 14:30 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2013-11-04 14:30 - 2013-11-04 14:30 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2013-11-04 14:30 - 2013-11-04 14:30 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-04 14:30 - 2013-11-04 14:30 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2013-11-04 14:30 - 2013-11-04 14:30 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-04 14:29 - 2013-11-04 14:39 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-11-04 14:29 - 2013-11-04 14:29 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2013-11-04 14:29 - 2013-11-04 14:29 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2013-11-04 14:29 - 2013-11-04 14:29 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2013-11-04 14:29 - 2013-11-04 14:29 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2013-11-04 14:29 - 2013-11-04 14:29 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2013-11-04 14:29 - 2013-11-04 14:29 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2013-11-04 14:29 - 2013-11-04 14:29 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2013-11-04 14:29 - 2013-11-04 14:29 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2013-11-04 14:29 - 2013-11-04 14:29 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2013-11-04 14:29 - 2013-11-04 14:29 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2013-11-04 14:29 - 2013-11-04 14:29 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2013-11-04 14:29 - 2013-11-04 14:29 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2013-11-04 14:29 - 2013-11-04 14:29 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2013-11-04 14:29 - 2013-11-04 14:29 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-11-04 14:29 - 2013-11-04 14:29 - 00000000 ____D C:\Program Files\MSBuild
2013-11-04 14:29 - 2013-11-04 14:29 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-11-04 14:29 - 2013-11-04 14:29 - 00000000 ____D C:\inetpub
2013-11-04 14:29 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2013-11-04 14:29 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2013-11-04 14:29 - 2013-08-03 05:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2013-11-04 14:29 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2013-11-04 14:29 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-11-04 14:29 - 2013-08-03 05:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2013-11-04 14:03 - 2013-11-04 14:44 - 00006579 _____ C:\WINDOWS\comsetup.log
2013-11-04 10:55 - 2013-11-04 10:55 - 00002097 _____ C:\Users\Public\Desktop\Canon MP Navigator EX 4.1.lnk
2013-11-04 10:16 - 2013-11-04 10:17 - 04954736 _____ (Microsoft Corporation) C:\Users\Dietrich\Downloads\WindowsUpgradeAssistant(1).exe
2013-11-02 14:48 - 2013-11-02 14:48 - 00153120 _____ (Amônétízé Ltd) C:\Users\Dietrich\Downloads\FlashPlayer__4003_i117793176_il296.exe
2013-10-30 20:22 - 2013-10-30 20:22 - 00001951 _____ C:\Users\Public\Desktop\EZDownloader.lnk
2013-10-30 20:22 - 2013-10-30 20:22 - 00000000 ____D C:\WINDOWS\SysWOW64\X86
2013-10-30 20:22 - 2013-10-30 20:22 - 00000000 ____D C:\WINDOWS\SysWOW64\AMD64
2013-10-30 20:22 - 2013-10-30 20:22 - 00000000 ____D C:\ProgramData\RightClick
2013-10-30 20:22 - 2013-10-30 20:22 - 00000000 ____D C:\Program Files (x86)\EZDownloader
2013-10-30 20:21 - 2013-11-08 08:31 - 00000898 _____ C:\WINDOWS\SysWOW64\InstallUtil.InstallLog
2013-10-30 20:21 - 2013-11-08 08:31 - 00000000 ____D C:\Program Files (x86)\IminentToolbar
2013-10-30 20:21 - 2013-10-30 20:21 - 00000000 ____D C:\ProgramData\Doowwnloaade keepuer
2013-10-30 20:21 - 2013-10-30 20:21 - 00000000 ____D C:\ProgramData\408c00b10816348d
2013-10-30 20:21 - 2013-10-30 20:21 - 00000000 ____D C:\Program Files (x86)\Doowwnloaade keepuer
2013-10-30 20:19 - 2013-10-30 20:22 - 00000000 ____D C:\ProgramData\InstallMate
2013-10-24 01:35 - 2013-11-04 12:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
==================== One Month Modified Files and Folders =======
2013-11-09 12:16 - 2013-11-09 12:16 - 00000000 ____D C:\FRST
2013-11-09 12:15 - 2013-11-09 12:15 - 01957098 _____ (Farbar) C:\Users\Dietrich\Downloads\FRST64.exe
2013-11-09 12:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2013-11-09 11:27 - 2013-05-25 14:28 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-09 11:19 - 2013-05-26 20:56 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-11-09 06:51 - 2013-11-04 15:03 - 00000000 __RDO C:\Users\Dietrich\SkyDrive
2013-11-09 04:27 - 2013-05-25 14:28 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-09 02:33 - 2013-05-26 12:13 - 00003182 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForDietrich
2013-11-09 02:33 - 2013-05-26 12:13 - 00000362 _____ C:\WINDOWS\Tasks\HPCeeScheduleForDietrich.job
2013-11-08 20:51 - 2013-11-04 14:44 - 02023969 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-08 10:18 - 2013-05-25 12:55 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-889190479-538996979-3614851630-1001
2013-11-08 10:01 - 2013-11-08 09:59 - 00001161 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-11-08 10:01 - 2013-11-08 09:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-08 09:59 - 2013-05-25 13:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-08 09:46 - 2013-09-09 16:39 - 00000000 ____D C:\Users\Dietrich\AppData\Local\CrashDumps
2013-11-08 09:03 - 2013-09-30 05:14 - 01980870 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-08 09:03 - 2013-09-30 04:56 - 00841326 _____ C:\WINDOWS\system32\perfh007.dat
2013-11-08 09:03 - 2013-09-30 04:56 - 00191558 _____ C:\WINDOWS\system32\perfc007.dat
2013-11-08 08:59 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-08 08:58 - 2013-09-29 20:04 - 00001844 _____ C:\WINDOWS\PFRO.log
2013-11-08 08:58 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2013-11-08 08:31 - 2013-10-30 20:21 - 00000898 _____ C:\WINDOWS\SysWOW64\InstallUtil.InstallLog
2013-11-08 08:31 - 2013-10-30 20:21 - 00000000 ____D C:\Program Files (x86)\IminentToolbar
2013-11-07 18:32 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2013-11-07 06:39 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2013-11-07 06:38 - 2013-11-07 06:38 - 00000000 ___RD C:\WINDOWS\BrowserChoice
2013-11-07 06:38 - 2013-05-25 12:49 - 00000000 ____D C:\Users\Dietrich\AppData\Local\Packages
2013-11-05 18:09 - 2013-05-26 12:13 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log
2013-11-05 10:53 - 2012-07-26 09:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2013-11-05 09:04 - 2013-11-05 08:52 - 00000000 ____D C:\ProgramData\Recovery
2013-11-04 21:58 - 2012-11-22 21:06 - 00000000 ____D C:\ProgramData\CyberLink
2013-11-04 21:58 - 2012-11-22 21:02 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-04 21:57 - 2012-11-22 21:12 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2013-11-04 21:57 - 2012-11-22 21:12 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2013-11-04 21:57 - 2012-11-22 21:12 - 00029480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll
2013-11-04 21:57 - 2012-08-02 04:15 - 00000000 ____D C:\SWSETUP
2013-11-04 21:11 - 2013-08-22 15:46 - 00293809 _____ C:\WINDOWS\setupact.log
2013-11-04 21:10 - 2013-11-04 21:10 - 00000000 ____D C:\ProgramData\ATI
2013-11-04 21:00 - 2013-11-04 21:00 - 00801864 _____ (Realtek ) C:\WINDOWS\system32\Drivers\Rt630x64.sys
2013-11-04 21:00 - 2013-11-04 21:00 - 00073800 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2013-11-04 21:00 - 2013-11-04 21:00 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-11-04 20:34 - 2013-11-04 20:34 - 00001127 _____ C:\Users\Dietrich\Desktop\Lenovo L2251pwD(DisplayPort) - Verknüpfung.lnk
2013-11-04 20:28 - 2013-11-04 20:28 - 00001117 _____ C:\Users\Public\Desktop\HP Quick Start.lnk
2013-11-04 20:28 - 2013-11-04 20:28 - 00000000 ____D C:\Users\Dietrich\AppData\Local\HP Quick Start
2013-11-04 20:27 - 2013-11-04 20:27 - 00000000 ____D C:\Program Files (x86)\Texas Instruments Inc
2013-11-04 20:26 - 2013-11-04 20:26 - 00000000 ____D C:\ProgramData\AMD
2013-11-04 20:26 - 2013-11-04 20:26 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-11-04 20:26 - 2012-11-22 21:02 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2013-11-04 20:24 - 2013-11-04 20:24 - 29157376 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 24229376 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 23815168 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 19870720 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 16082944 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 13703168 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 11660800 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2013-11-04 20:24 - 2013-11-04 20:24 - 03342768 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2013-11-04 20:24 - 2013-11-04 20:24 - 03309936 _____ C:\WINDOWS\system32\atiumd6a.cap
2013-11-04 20:24 - 2013-11-04 20:24 - 00695004 _____ C:\WINDOWS\system32\atiicdxx.dat
2013-11-04 20:24 - 2013-11-04 20:24 - 00581120 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2013-11-04 20:24 - 2013-11-04 20:24 - 00562688 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2013-11-04 20:24 - 2013-11-04 20:24 - 00524368 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2013-11-04 20:24 - 2013-11-04 20:24 - 00524368 _____ C:\WINDOWS\system32\atiapfxx.blb
2013-11-04 20:24 - 2013-11-04 20:24 - 00430080 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00241152 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2013-11-04 20:24 - 2013-11-04 20:24 - 00231604 _____ C:\WINDOWS\system32\ativvaxy_cik.dat
2013-11-04 20:24 - 2013-11-04 20:24 - 00230064 _____ C:\WINDOWS\system32\ativvaxy_cik_nd.dat
2013-11-04 20:24 - 2013-11-04 20:24 - 00222720 _____ C:\WINDOWS\system32\clinfo.exe
2013-11-04 20:24 - 2013-11-04 20:24 - 00163840 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2013-11-04 20:24 - 2013-11-04 20:24 - 00120320 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00110080 _____ (TODO: <Company name>) C:\WINDOWS\system32\DelayAPO.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00098744 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AtihdW86.sys
2013-11-04 20:24 - 2013-11-04 20:24 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00076800 _____ (AMD) C:\WINDOWS\system32\coinst_12.105.8.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00076288 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OpenVideo64.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00075600 _____ C:\WINDOWS\system32\ativce02.dat
2013-11-04 20:24 - 2013-11-04 20:24 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00065536 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OpenVideo.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00064000 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OVDecode64.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00056320 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OVDecode.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00054784 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00053248 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00051200 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00050176 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00046080 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00044544 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00044066 _____ C:\WINDOWS\atiogl.xml
2013-11-04 20:24 - 2013-11-04 20:24 - 00044032 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00044032 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00034816 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00026112 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00021160 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmafd.sys
2013-11-04 20:24 - 2013-11-04 20:24 - 00017920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2013-11-04 20:24 - 2013-11-04 20:24 - 00000000 ____D C:\Users\Dietrich\AppData\Roaming\WinBatch
2013-11-04 20:24 - 2013-09-26 19:02 - 08272648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2013-11-04 20:24 - 2013-09-26 19:02 - 07234360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2013-11-04 20:24 - 2013-09-26 19:02 - 06985624 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2013-11-04 20:24 - 2013-09-26 19:02 - 05944264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2013-11-04 20:24 - 2013-09-26 19:02 - 05001344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2013-11-04 20:24 - 2013-09-26 19:02 - 04450776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2013-11-04 20:24 - 2013-09-26 19:02 - 01155264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2013-11-04 20:24 - 2013-09-26 19:02 - 00970912 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2013-11-04 20:24 - 2013-09-26 19:02 - 00636416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2013-11-04 20:24 - 2013-09-26 19:02 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2013-11-04 20:24 - 2013-09-26 19:02 - 00139696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2013-11-04 20:24 - 2013-09-26 19:02 - 00118584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2013-11-04 20:24 - 2013-09-26 19:02 - 00112440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2013-11-04 20:24 - 2013-09-26 19:02 - 00092304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2013-11-04 15:45 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\restore
2013-11-04 15:37 - 2013-11-04 15:33 - 49825176 _____ C:\Users\Dietrich\Downloads\mpnx_4_1-win-mx360-4_1_0-ea23_2(1).exe
2013-11-04 15:09 - 2013-11-04 15:09 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton 360
2013-11-04 15:03 - 2013-11-04 14:35 - 00000000 ____D C:\Users\Dietrich
2013-11-04 15:02 - 2013-05-25 12:50 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2013-11-04 15:01 - 2013-11-04 15:01 - 00001452 _____ C:\Users\Dietrich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-04 15:01 - 2013-11-04 14:31 - 00000000 ___DC C:\WINDOWS\Panther
2013-11-04 15:01 - 2013-07-31 09:02 - 00003206 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2013-11-04 15:01 - 2013-05-25 12:49 - 00000000 ___RD C:\Users\Dietrich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-04 15:01 - 2013-05-25 12:49 - 00000000 ___RD C:\Users\Dietrich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-11-04 15:00 - 2013-11-04 15:00 - 00000020 ___SH C:\Users\Dietrich\ntuser.ini
2013-11-04 14:45 - 2013-11-04 14:45 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-11-04 14:45 - 2013-11-04 14:45 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-11-04 14:45 - 2013-11-04 14:45 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-11-04 14:45 - 2013-11-04 14:45 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-11-04 14:45 - 2013-11-04 14:45 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-11-04 14:45 - 2013-11-04 14:45 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-11-04 14:45 - 2013-11-04 14:45 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-11-04 14:45 - 2013-11-04 14:45 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-11-04 14:45 - 2013-11-04 14:45 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-04 14:45 - 2013-11-04 14:45 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-11-04 14:45 - 2013-11-04 14:45 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-11-04 14:45 - 2013-11-04 14:45 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-11-04 14:45 - 2013-11-04 14:45 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-11-04 14:45 - 2013-11-04 14:45 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-11-04 14:45 - 2013-11-04 14:45 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-04 14:45 - 2013-11-04 14:45 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-11-04 14:45 - 2013-11-04 14:45 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-11-04 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows NT
2013-11-04 14:45 - 2013-08-22 14:36 - 00000000 __RHD C:\Users\Default
2013-11-04 14:44 - 2013-11-04 14:44 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2013-11-04 14:44 - 2013-11-04 14:35 - 00026673 _____ C:\WINDOWS\diagwrn.xml
2013-11-04 14:44 - 2013-11-04 14:35 - 00026673 _____ C:\WINDOWS\diagerr.xml
2013-11-04 14:44 - 2013-11-04 14:03 - 00006579 _____ C:\WINDOWS\comsetup.log
2013-11-04 14:44 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Registration
2013-11-04 14:42 - 2013-08-22 16:36 - 00000000 __RSD C:\WINDOWS\Media
2013-11-04 14:42 - 2013-08-22 16:36 - 00000000 __RHD C:\Users\Public\Libraries
2013-11-04 14:41 - 2012-11-22 20:57 - 00000000 ____D C:\ProgramData\SoundResearch
2013-11-04 14:40 - 2013-08-22 15:44 - 00492520 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-11-04 14:39 - 2013-11-04 14:29 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-11-04 14:39 - 2013-09-30 04:59 - 00000000 ____D C:\WINDOWS\ShellNew
2013-11-04 14:39 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2013-11-04 14:39 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2013-11-04 14:39 - 2012-11-22 21:14 - 00000000 ____D C:\WINDOWS\en
2013-11-04 14:39 - 2012-11-22 21:14 - 00000000 ____D C:\WINDOWS\de
2013-11-04 14:38 - 2013-11-04 14:38 - 00000000 ____D C:\Users\Default\Documents\hp.system.package.metadata
2013-11-04 14:38 - 2013-11-04 14:38 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-11-04 14:38 - 2013-11-04 14:38 - 00000000 ____D C:\Users\Default User\Documents\hp.system.package.metadata
2013-11-04 14:38 - 2013-11-04 14:38 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-11-04 14:38 - 2013-09-30 04:56 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2013-11-04 14:38 - 2013-09-30 04:56 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2013-11-04 14:38 - 2013-09-30 04:56 - 00000000 ____D C:\WINDOWS\system32\WCN
2013-11-04 14:38 - 2013-08-22 16:37 - 00004893 _____ C:\WINDOWS\DtcInstall.log
2013-11-04 14:38 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2013-11-04 14:38 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2013-11-04 14:38 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2013-11-04 14:38 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\spool
2013-11-04 14:38 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2013-11-04 14:38 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\IME
2013-11-04 14:38 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2013-11-04 14:38 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\system32\oobe
2013-11-04 14:38 - 2012-07-26 06:37 - 00000000 ____D C:\Users\Default.migrated
2013-11-04 14:37 - 2013-08-22 16:43 - 00000000 ____D C:\WINDOWS\DigitalLocker
2013-11-04 14:37 - 2013-08-22 16:36 - 00000000 __SHD C:\Program Files\Windows Sidebar
2013-11-04 14:37 - 2013-08-22 16:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2013-11-04 14:37 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\IME
2013-11-04 14:37 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Help
2013-11-04 14:37 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-11-04 14:37 - 2013-05-27 12:32 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2013-11-04 14:37 - 2012-08-01 18:06 - 00000000 ____D C:\ProgramData\PRICache
2013-11-04 14:36 - 2013-11-04 14:36 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2013-11-04 14:36 - 2013-11-04 14:35 - 00000000 ___RD C:\Users\Dietrich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-11-04 14:36 - 2013-11-04 14:34 - 00012096 _____ C:\WINDOWS\iis.log
2013-11-04 14:36 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\Recovery
2013-11-04 14:35 - 2013-11-04 14:35 - 00000000 _SHDL C:\Users\Dietrich\Vorlagen
2013-11-04 14:35 - 2013-11-04 14:35 - 00000000 _SHDL C:\Users\Dietrich\Startmenü
2013-11-04 14:35 - 2013-11-04 14:35 - 00000000 _SHDL C:\Users\Dietrich\Netzwerkumgebung
2013-11-04 14:35 - 2013-11-04 14:35 - 00000000 _SHDL C:\Users\Dietrich\Lokale Einstellungen
2013-11-04 14:35 - 2013-11-04 14:35 - 00000000 _SHDL C:\Users\Dietrich\Eigene Dateien
2013-11-04 14:35 - 2013-11-04 14:35 - 00000000 _SHDL C:\Users\Dietrich\Druckumgebung
2013-11-04 14:35 - 2013-11-04 14:35 - 00000000 _SHDL C:\Users\Dietrich\Documents\Eigene Musik
2013-11-04 14:35 - 2013-11-04 14:35 - 00000000 _SHDL C:\Users\Dietrich\Documents\Eigene Bilder
2013-11-04 14:35 - 2013-11-04 14:35 - 00000000 _SHDL C:\Users\Dietrich\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-04 14:35 - 2013-11-04 14:35 - 00000000 _SHDL C:\Users\Dietrich\AppData\Local\Verlauf
2013-11-04 14:35 - 2013-11-04 14:35 - 00000000 _SHDL C:\Users\Dietrich\AppData\Local\Anwendungsdaten
2013-11-04 14:35 - 2013-11-04 14:35 - 00000000 _SHDL C:\Users\Dietrich\Anwendungsdaten
2013-11-04 14:34 - 2013-11-04 14:34 - 01914374 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2013-11-04 14:33 - 2013-11-04 14:33 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-11-04 14:33 - 2013-11-04 14:33 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2013-11-04 14:33 - 2013-11-04 14:33 - 00000000 ____D C:\Program Files\AMD
2013-11-04 14:33 - 2013-11-04 14:33 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2013-11-04 14:32 - 2013-11-04 14:32 - 00000000 __SHD C:\Recovery
2013-11-04 14:31 - 2013-11-04 14:31 - 23213056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-11-04 14:31 - 2013-11-04 14:31 - 17143808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-11-04 14:31 - 2013-11-04 14:31 - 12995072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-11-04 14:31 - 2013-11-04 14:31 - 11222016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-11-04 14:31 - 2013-11-04 14:31 - 02763776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-11-04 14:31 - 2013-11-04 14:31 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2013-11-04 14:31 - 2013-11-04 14:31 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2013-11-04 14:31 - 2013-11-04 14:31 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-11-04 14:31 - 2013-11-04 14:31 - 00872840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2013-11-04 14:31 - 2013-11-04 14:31 - 00698232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2013-11-04 14:31 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2013-11-04 14:31 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-04 14:31 - 2013-08-22 16:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2013-11-04 14:30 - 2013-11-04 14:30 - 02144768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-11-04 14:30 - 2013-11-04 14:30 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-11-04 14:30 - 2013-11-04 14:30 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-11-04 14:30 - 2013-11-04 14:30 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-11-04 14:30 - 2013-11-04 14:30 - 01537880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-11-04 14:30 - 2013-11-04 14:30 - 01286552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2013-11-04 14:30 - 2013-11-04 14:30 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2013-11-04 14:30 - 2013-11-04 14:30 - 01018960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2013-11-04 14:30 - 2013-11-04 14:30 - 00977408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2013-11-04 14:30 - 2013-11-04 14:30 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2013-11-04 14:30 - 2013-11-04 14:30 - 00837120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-11-04 14:30 - 2013-11-04 14:30 - 00698880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-11-04 14:30 - 2013-11-04 14:30 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2013-11-04 14:30 - 2013-11-04 14:30 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-11-04 14:30 - 2013-11-04 14:30 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-11-04 14:30 - 2013-11-04 14:30 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-11-04 14:30 - 2013-11-04 14:30 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2013-11-04 14:30 - 2013-11-04 14:30 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2013-11-04 14:30 - 2013-11-04 14:30 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-04 14:30 - 2013-11-04 14:30 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2013-11-04 14:30 - 2013-11-04 14:30 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-04 14:30 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore
2013-11-04 14:30 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Camera
2013-11-04 14:29 - 2013-11-04 14:29 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2013-11-04 14:29 - 2013-11-04 14:29 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2013-11-04 14:29 - 2013-11-04 14:29 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2013-11-04 14:29 - 2013-11-04 14:29 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2013-11-04 14:29 - 2013-11-04 14:29 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2013-11-04 14:29 - 2013-11-04 14:29 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2013-11-04 14:29 - 2013-11-04 14:29 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2013-11-04 14:29 - 2013-11-04 14:29 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2013-11-04 14:29 - 2013-11-04 14:29 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2013-11-04 14:29 - 2013-11-04 14:29 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2013-11-04 14:29 - 2013-11-04 14:29 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2013-11-04 14:29 - 2013-11-04 14:29 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2013-11-04 14:29 - 2013-11-04 14:29 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2013-11-04 14:29 - 2013-11-04 14:29 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-11-04 14:29 - 2013-11-04 14:29 - 00000000 ____D C:\Program Files\MSBuild
2013-11-04 14:29 - 2013-11-04 14:29 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-11-04 14:29 - 2013-11-04 14:29 - 00000000 ____D C:\inetpub
2013-11-04 14:29 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2013-11-04 14:29 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2013-11-04 14:29 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\MUI
2013-11-04 14:29 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2013-11-04 14:22 - 2013-05-25 12:49 - 01587971 _____ C:\WINDOWS\WindowsUpdate (1).log
2013-11-04 13:40 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-11-04 12:13 - 2013-10-24 01:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-11-04 10:55 - 2013-11-04 10:55 - 00002097 _____ C:\Users\Public\Desktop\Canon MP Navigator EX 4.1.lnk
2013-11-04 10:55 - 2013-05-27 11:51 - 00000000 ____D C:\Program Files (x86)\Canon
2013-11-04 10:55 - 2013-05-25 14:39 - 00000000 ____D C:\Users\Dietrich\Downloads\Pixma MP610
2013-11-04 10:17 - 2013-11-04 10:16 - 04954736 _____ (Microsoft Corporation) C:\Users\Dietrich\Downloads\WindowsUpgradeAssistant(1).exe
2013-11-02 14:48 - 2013-11-02 14:48 - 00153120 _____ (Amônétízé Ltd) C:\Users\Dietrich\Downloads\FlashPlayer__4003_i117793176_il296.exe
2013-10-30 20:22 - 2013-10-30 20:22 - 00001951 _____ C:\Users\Public\Desktop\EZDownloader.lnk
2013-10-30 20:22 - 2013-10-30 20:22 - 00000000 ____D C:\WINDOWS\SysWOW64\X86
2013-10-30 20:22 - 2013-10-30 20:22 - 00000000 ____D C:\WINDOWS\SysWOW64\AMD64
2013-10-30 20:22 - 2013-10-30 20:22 - 00000000 ____D C:\ProgramData\RightClick
2013-10-30 20:22 - 2013-10-30 20:22 - 00000000 ____D C:\Program Files (x86)\EZDownloader
2013-10-30 20:22 - 2013-10-30 20:19 - 00000000 ____D C:\ProgramData\InstallMate
2013-10-30 20:21 - 2013-10-30 20:21 - 00000000 ____D C:\ProgramData\Doowwnloaade keepuer
2013-10-30 20:21 - 2013-10-30 20:21 - 00000000 ____D C:\ProgramData\408c00b10816348d
2013-10-30 20:21 - 2013-10-30 20:21 - 00000000 ____D C:\Program Files (x86)\Doowwnloaade keepuer
2013-10-30 20:21 - 2013-05-25 14:28 - 00000000 ____D C:\Users\Dietrich\AppData\Local\Google
2013-10-27 08:33 - 2013-05-26 12:13 - 00000000 _____ C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-10-10 17:34 - 2013-05-25 13:34 - 00000000 ____D C:\Users\Dietrich\AppData\Local\Mozilla
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2013-08-22 12:40] - [2013-08-22 13:39] - 0312160 ____A (Microsoft Corporation) 9F9CE33B50611A1C61A46B8911E0B30B
LastRegBack: 2013-11-04 14:32
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-10-2013
Ran by Dietrich at 2013-11-09 12:16:42
Running from C:\Users\Dietrich\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton 360 Online (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 Online (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 Online (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
==================== Installed Programs ======================
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
AMD Accelerated Video Transcoding (Version: 12.10.100.30515)
AMD APP SDK Runtime (Version: 10.0.938.2)
AMD Catalyst Install Manager (Version: 8.0.911.0)
Bonjour (Version: 3.0.0.10)
Canon Easy-PhotoPrint EX (x32 Version: 4.1.6)
Canon MP Navigator EX 1.0 (x32)
Canon MP Navigator EX 4.1 (x32)
Canon MP610 series
Canon My Printer (x32 Version: 3.1.0)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center (x32 Version: 2013.0515.725.11427)
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0515.725.11427)
Catalyst Control Center InstallProxy (x32 Version: 2013.0515.725.11427)
Catalyst Control Center Localization All (x32 Version: 2013.0515.725.11427)
Catalyst Control Center Profiles Desktop (x32 Version: 2013.0515.725.11427)
CCC Help Chinese Standard (x32 Version: 2013.0515.0724.11427)
CCC Help Chinese Traditional (x32 Version: 2013.0515.0724.11427)
CCC Help Czech (x32 Version: 2013.0515.0724.11427)
CCC Help Danish (x32 Version: 2013.0515.0724.11427)
CCC Help Dutch (x32 Version: 2013.0515.0724.11427)
CCC Help English (x32 Version: 2013.0515.0724.11427)
CCC Help Finnish (x32 Version: 2013.0515.0724.11427)
CCC Help French (x32 Version: 2013.0515.0724.11427)
CCC Help German (x32 Version: 2013.0515.0724.11427)
CCC Help Greek (x32 Version: 2013.0515.0724.11427)
CCC Help Hungarian (x32 Version: 2013.0515.0724.11427)
CCC Help Italian (x32 Version: 2013.0515.0724.11427)
CCC Help Japanese (x32 Version: 2013.0515.0724.11427)
CCC Help Korean (x32 Version: 2013.0515.0724.11427)
CCC Help Norwegian (x32 Version: 2013.0515.0724.11427)
CCC Help Polish (x32 Version: 2013.0515.0724.11427)
CCC Help Portuguese (x32 Version: 2013.0515.0724.11427)
CCC Help Russian (x32 Version: 2013.0515.0724.11427)
CCC Help Spanish (x32 Version: 2013.0515.0724.11427)
CCC Help Swedish (x32 Version: 2013.0515.0724.11427)
CCC Help Thai (x32 Version: 2013.0515.0724.11427)
CCC Help Turkish (x32 Version: 2013.0515.0724.11427)
ccc-utility64 (Version: 2013.0515.725.11427)
Connected Music powered by Universal Music Group version 1.0 (x32 Version: 1.0)
CyberLink LabelPrint (x32 Version: 2.5.1.5510)
CyberLink Media Suite 10 (x32 Version: 10.0.1.1916)
CyberLink PhotoDirector (x32 Version: 2.0.1.3109)
CyberLink Power2Go 8 (x32 Version: 8.0.1.1902)
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1925)
CyberLink PowerDVD (x32 Version: 10.0.8.5511)
D3DX10 (x32 Version: 15.4.2368.0902)
Doowwnloaade keepuer (x32 Version: 2.0.0.1479)
EZDownloader (x32 Version: 1.0)
Google Earth (x32 Version: 7.1.1.1888)
Google Update Helper (x32 Version: 1.3.21.165)
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000)
HP Connected Music (Meridian - installer) (x32 Version: v1.0)
HP Connected Remote (x32 Version: 1.0.1206)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7)
HP Postscript Converter (Version: 3.1.3591)
HP Quick Start (x32 Version: 1.0.4660.30220)
HP Registration Service (Version: 1.0.5976.4186)
HP Support Assistant (x32 Version: 7.0.33.6)
HP Support Information (x32 Version: 12.00.0000)
HydraVision (x32 Version: 4.2.252.0)
IDT Audio (x32 Version: 1.0.6418.0)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office (x32 Version: 14.0.6120.5004)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Firefox 25.0 (x86 de) (x32 Version: 25.0)
Mozilla Maintenance Service (x32 Version: 25.0)
Mozilla Thunderbird 24.1.0 (x86 de) (x32 Version: 24.1.0)
MSVCRT (x32 Version: 15.4.2862.0708)
Norton 360 (x32 Version: 20.4.0.40)
Realtek Ethernet Controller Driver (x32 Version: 8.15.410.2013)
Recovery Manager (x32 Version: 5.5.0.5530)
TI xHCI Filter Driver 1.0.0.4 (x32 Version: 1.0.0.4)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2827325) 32-Bit Edition (x32)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update für Microsoft Office Word 2007 Help (KB963665) (x32)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3555.0308)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
==================== Restore Points =========================
04-11-2013 14:45:13 Windows Update
==================== Hosts content: ==========================
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0F379850-7F91-414D-8C7C-EF3580A760BD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-25] (Google Inc.)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\System32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5933BB02-6D17-4CB7-8E3B-D6FCAE65CF70} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-08-07] (Hewlett-Packard Company)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {86B3653B-E2F4-43B1-BA49-59B20EDFDD22} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-15] (Hewlett-Packard Company)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8A50ECF5-674D-4813-B950-61C1953570BA} - System32\Tasks\HPCeeScheduleForDietrich => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => C:\Windows\System32\AppXDeploymentClient.dll [2013-09-30] (Microsoft Corporation)
Task: {9E1339E7-CD5C-4D57-B2AE-2F65918BE072} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\symerr.exe [2013-06-04] (Symantec Corporation)
Task: {9FE8E9A5-3FF8-4417-AE4B-0ECD6FF6734B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-15] (Hewlett-Packard Company)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {BDEBF5E6-48DD-48C0-90E9-F50EBB7AD57E} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\wscstub.exe [2013-06-04] (Symantec Corporation)
Task: {C55C7DA0-06D2-40BE-ADDD-7A092830F400} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: {C76D5EA5-FB76-413A-9A33-6C4B17C6D178} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\symerr.exe [2013-06-04] (Symantec Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F244EF60-1B67-4285-9197-3384D872A793} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2012-07-13] (Hewlett-Packard)
Task: {F8CB3D63-82E3-4A78-8E34-CC3EB28DCCCA} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\Windows\System32\oobe\setupsqm.exe [2013-08-22] (Microsoft Corporation)
Task: {FFAC0E2C-42E3-40C9-A148-47209C830C51} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-25] (Google Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForDietrich.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (whitelisted) =============
2012-08-29 11:02 - 2012-08-29 11:02 - 00120224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2013-11-04 15:02 - 2013-11-04 15:02 - 00120224 _____ () C:\Users\Dietrich\AppData\Local\assembly\dl3\A15349OT.P8D\OWG8BDCT.ARC\d1b44c9e\0017145d_cd85cd01\HPItunesModule.DLL
2012-08-29 11:02 - 2012-08-29 11:02 - 00048544 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-08-29 11:02 - 2012-08-29 11:02 - 00180224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2013-02-12 15:05 - 2013-02-12 15:05 - 00098304 _____ () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingNet4.dll
2013-02-12 15:05 - 2013-02-12 15:05 - 00028672 _____ () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingResourcesNet4.dll
2012-11-22 21:02 - 2012-07-18 09:50 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-08-02 00:12 - 2012-05-30 07:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\20.4.0.40\wincfi39.dll
2012-11-22 21:08 - 2012-06-08 04:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-10-24 01:35 - 2013-11-04 12:13 - 03008624 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2013-10-24 01:35 - 2013-11-04 12:13 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2013-10-24 01:35 - 2013-11-04 12:13 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2013-11-08 09:59 - 2013-10-26 02:53 - 03368048 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\Dietrich\SkyDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker => ""="Service"
==================== Faulty Device Manager Devices =============
Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8168
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/08/2013 06:18:04 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3203
Error: (11/08/2013 06:18:04 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3203
Error: (11/08/2013 06:18:04 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/08/2013 06:18:03 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2140
Error: (11/08/2013 06:18:03 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2140
Error: (11/08/2013 06:18:03 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/08/2013 06:18:02 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1078
Error: (11/08/2013 06:18:02 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1078
Error: (11/08/2013 06:18:02 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/08/2013 09:46:08 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: HEINRICH)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
System errors:
=============
Error: (11/09/2013 10:00:00 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (11/08/2013 11:45:25 AM) (Source: NetBT) (User: )
Description: Der Name "WIRTSHAUS :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.2.101
registriert werden. Der Computer mit IP-Adresse 192.168.2.102 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (11/08/2013 10:00:00 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (11/08/2013 09:45:50 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.
Error: (11/08/2013 09:01:14 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.
Error: (11/08/2013 08:58:20 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.
Error: (11/07/2013 10:00:01 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (11/07/2013 03:10:56 AM) (Source: NetBT) (User: )
Description: Der Name "WIRTSHAUS :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.2.101
registriert werden. Der Computer mit IP-Adresse 192.168.2.1 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (11/07/2013 03:05:46 AM) (Source: NetBT) (User: )
Description: Der Name "WIRTSHAUS :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.2.101
registriert werden. Der Computer mit IP-Adresse 192.168.2.1 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (11/07/2013 03:00:36 AM) (Source: NetBT) (User: )
Description: Der Name "WIRTSHAUS :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.2.101
registriert werden. Der Computer mit IP-Adresse 192.168.2.1 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 36%
Total physical RAM: 6099.32 MB
Available physical RAM: 3890.08 MB
Total Pagefile: 7123.32 MB
Available Pagefile: 4390.11 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:918.71 GB) (Free:881.54 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:10.99 GB) (Free:1.29 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive h: (INTENSO) (Fixed) (Total:232.83 GB) (Free:206.14 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 19D355C0)
Partition: GPT Partition Type
========================================================
Disk: 1 (Size: 233 GB) (Disk ID: 53CB4B65)
Partition 1: (Not Active) - (Size=233 GB) - (Type=0C)
==================== End Of Log ============================
und die Daten vom 32-bit Notebook: die FRST-Datei ist als Zipdatei im Anhang Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 31-10-2013
Ran by Helga at 2013-11-08 21:07:39
Running from C:\Users\Helga\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton 360 Online (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 Online (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 Online (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
==================== Installed Programs ======================
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Reader XI (11.0.05) - Deutsch (Version: 11.0.05)
Adobe Shockwave Player 12.0 (Version: 12.0.3.133)
Advanced Audio FX Engine
Advanced Video FX Engine
Advertising Center (Version: 0.0.0.2)
AlphaTast 1.4
AMD APP SDK Runtime (Version: 10.0.937.2)
AMD Catalyst Install Manager (Version: 8.0.877.0)
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
Ashampoo Burning Studio 2013 v.11.0.5 (Version: 11.0.5)
Avery Wizard 4.0 (Version: 4.0.201)
Bonjour (Version: 3.0.0.10)
Bucharchiv v2 (Version: 2.00.256)
Canon Easy-PhotoPrint EX
Canon MP Navigator EX 1.0
Canon MP610 series
Canon My Printer
CD-LabelPrint
CloneDVD2 (Version: 2.9.3.0)
Dell Dock (Version: 2.0)
Dell System Detect (HKCU Version: 3.3.2.1)
Dell Webcam Center
Dell Webcam Manager
DesignPro 5 (Version: 5.5.708)
ElsterFormular (Version: 14.0.0.10899)
EVEREST Ultimate Edition v5.50 (Version: 5.50)
Foxit Reader (Version: 5.4.5.114)
Freemake Video Converter Version 4.0.1 (Version: 4.0.1)
Google Chrome (Version: 30.0.1599.101)
Google Earth Plug-in (Version: 7.1.1.1888)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4601.54)
Google Update Helper (Version: 1.3.21.165)
iCloud (Version: 3.0.2.163)
iDevice Manager (Version: 2.1.0.0)
iTunes (Version: 11.1.3.8)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
Laptop Integrated Webcam Driver (1.04.01.1011)
Live! Cam Avatar (Version: 1.0)
Live! Cam Avatar Creator (Version: 4.6.0817.1)
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (Version: 12.0.4518.1014)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Mozilla Firefox 21.0 (x86 de) (Version: 21.0)
Mozilla Maintenance Service (Version: 21.0)
My Dell (Version: 3.4.6308.28)
Nero ControlCenter (Version: 9.0.0.1)
Nero Installer (Version: 4.4.9.0)
Nero MediaHome 4 (Version: 4.5.9.4)
Nero MediaHome 4 Essentials
Nero MediaHome 4 Help (Version: 4.5.5.0)
Nero Online Upgrade (Version: 1.3.0.0)
Netzmanager (Version: 1.071)
Norton 360 (Version: 20.4.0.40)
Picasa 3 (Version: 3.9)
QuickTime (Version: 7.74.80.86)
RICOH Media Driver ver.2.07.01.04 (Version: 2.07.01.04)
RICOH R5U8xx Media Driver ver.3.62.02 (Version: 3.62.02)
SiSoftware Sandra Lite 2013.SP1 (Version: 19.23.2013.1)
Skype™ 6.3 (Version: 6.3.105)
swMSM (Version: 12.0.0.1)
System Requirements Lab for Intel (Version: 4.5.13.0)
TomTom HOME (Version: 2.9.7)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
TSR Watermark Image software version 2.4.1.5 - Free version
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2827325) 32-Bit Edition
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Outlook 2007 Help (KB963677)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
VLC media player 2.0.6 (Version: 2.0.6)
WISO Steuer-Sparbuch 2013 (Version: 20.00.8137)
Zattoo4 4.0.5 (Version: 4.0.5)
==================== Restore Points =========================
26-10-2013 17:23:26 Installed Java 7 Update 45
30-10-2013 07:22:09 Windows Update
06-11-2013 19:02:18 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2013-08-22 07:13 - 2013-08-22 07:13 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {00BC77BF-3352-4FE8-9617-4F1B27BEC19A} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {137923A5-9C6D-41A9-B718-ADF848C29C28} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-09-06] (PC-Doctor, Inc.)
Task: {17233BE9-87E9-40B0-B003-AE9D2B92CBBE} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {1FDACBD0-0A52-4993-B529-BE55101B11B0} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files\Norton 360\Engine\20.4.0.40\symerr.exe [2013-06-04] (Symantec Corporation)
Task: {20CEB49C-2FE2-4761-9A0D-51EA379E643F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-02-09] (Google Inc.)
Task: {247BD142-0549-4E91-84B0-172C25563718} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {2A5B1B64-26CB-4C24-94BD-2C24B0959ADE} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files\Norton 360\Engine\20.4.0.40\symerr.exe [2013-06-04] (Symantec Corporation)
Task: {2A7E4327-4C22-4CA1-A293-C5F612EA8868} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton 360\Engine\20.4.0.40\wscstub.exe [2013-06-04] (Symantec Corporation)
Task: {2BE65564-89D1-4396-A5CC-D7D9283FC4A1} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {31B8A92F-58DB-4243-B550-38DABA0170B2} - System32\Tasks\Apple Diagnostics => C:\Program Files\Common Files\Apple\Internet Services\EReporter.exe [2013-09-14] (Apple Inc.)
Task: {4B7EF56A-8A42-4BD2-BB5C-7C389AC54A37} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => C:\Windows\System32\AppXDeploymentClient.dll [2013-09-30] (Microsoft Corporation)
Task: {66106EFC-27B6-41E7-8803-A0E8187C03AA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-02-09] (Google Inc.)
Task: {6C10CF55-4EDE-466F-AD7E-9912E7B9D5A2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: {854E19F6-116B-412C-A713-F56974E1B300} - System32\Tasks\SystemToolsDailyTest => C:\Windows\System32\uaclauncher.exe
Task: {8B5819AE-7B44-478B-A3D3-8846AF160A8F} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {9178E100-3DB9-4E17-9457-16DDDB2A9481} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-09-06] (PC-Doctor, Inc.)
Task: {92ED6570-4654-4BFA-9A6C-1084C6939C16} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {9764CE34-661B-48C7-8079-DC2CDB876BE0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {997C8BBD-710B-4E66-B5BC-CC09575A58D2} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {A5D45ED3-F524-4574-8F39-527F3729D1E2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\System32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {C0D0F7C4-419F-41B3-90A2-FE79270B828A} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {CF5A1DDC-D14D-4D59-AD49-A19A645B087B} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DCF55BED-B1DF-4ABF-8D85-6542C7007799} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E4C8774A-2818-45A4-8A6D-11DDF6348886} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-06-10 07:44 - 2012-05-30 07:51 - 00699280 ____R () C:\PROGRAM FILES\NORTON 360\ENGINE\20.4.0.40\wincfi39.dll
2013-10-25 08:07 - 2013-10-25 08:07 - 00284160 _____ () C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\a892d1bbf65b915a482f416a005c4ea1\VistaBridgeLibrary.ni.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 01242512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files\Common Files\Apple\Internet Services\libxml2.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\Helga\SkyDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker => ""="Service"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/08/2013 00:33:59 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (11/08/2013 00:29:44 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (11/08/2013 11:53:33 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (11/08/2013 11:42:55 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: pcdrrealtime.p5x, Version: 6.0.6308.28, Zeitstempel: 0x5226d0c6
Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.8387, Zeitstempel: 0x51ea24a5
Ausnahmecode: 0x40000015
Fehleroffset: 0x0005beae
ID des fehlerhaften Prozesses: 0x1918
Startzeit der fehlerhaften Anwendung: 0xpcdrrealtime.p5x0
Pfad der fehlerhaften Anwendung: pcdrrealtime.p5x1
Pfad des fehlerhaften Moduls: pcdrrealtime.p5x2
Berichtskennung: pcdrrealtime.p5x3
Vollständiger Name des fehlerhaften Pakets: pcdrrealtime.p5x4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: pcdrrealtime.p5x5
Error: (11/08/2013 11:39:09 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 393140
Error: (11/08/2013 11:39:09 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 393140
Error: (11/08/2013 11:39:09 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/08/2013 08:27:43 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (11/08/2013 03:05:07 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14328
Error: (11/08/2013 03:05:07 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14328
System errors:
=============
Error: (11/08/2013 08:57:16 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (11/08/2013 08:53:38 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "HEINRICH",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{570E8224-1178-4564-BFDD-CB1B64171-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (11/08/2013 08:52:58 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 08.11.2013 um 12:10:22 unerwartet heruntergefahren.
Error: (11/08/2013 00:15:03 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "HEINRICH",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{570E8224-1178-4564-BFDD-CB1B64171-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (11/08/2013 00:10:22 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 08.11.2013 um 11:16:21 unerwartet heruntergefahren.
Error: (11/08/2013 11:57:13 AM) (Source: Microsoft-Windows-Kernel-Power) (User: NT-AUTORITÄT)
Description: 8\_TZ.THM2013-11-08T10:57:13.973561900Z364
Error: (11/08/2013 11:51:03 AM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "HEINRICH",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{570E8224-1178-4564-BFDD-CB1B64171-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (11/08/2013 11:20:08 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (11/08/2013 11:16:21 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 08.11.2013 um 10:46:16 unerwartet heruntergefahren.
Error: (11/08/2013 10:49:33 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Microsoft Office Sessions:
=========================
Error: (08/20/2013 08:06:11 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 32 seconds with 0 seconds of active time. This session ended with a crash.
==================== Memory info ===========================
Percentage of memory in use: 48%
Total physical RAM: 3062.04 MB
Available physical RAM: 1568.79 MB
Total Pagefile: 3830.04 MB
Available Pagefile: 2167.64 MB
Total Virtual: 2047.88 MB
Available Virtual: 1864.08 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:132.62 GB) (Free:47.46 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:97.66 GB) (Free:97.47 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: C8000000)
Partition 1: (Not Active) - (Size=102 MB) - (Type=DE)
Partition 2: (Active) - (Size=133 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=98 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=OF Extended)
==================== End Of Log ============================
|
|
10.11.2013, 07:05
| #4 |
| /// the machine /// TB-Ausbilder | Seit Update auf Windows 8.1 überall Werbung auf dem Desktop, Reste von Imminent? Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
20.11.2013, 12:32
| #5 |
| | Seit Update auf Windows 8.1 überall Werbung auf dem Desktop, Reste von Imminent? Endlich wieder etwas Zeit... Habe alles so gemacht. Hier die Daten vom Desktop: Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.11.12.13 Windows 8 x64 NTFS Internet Explorer 11.0.9600.16384 Dietrich :: HEINRICH [Administrator] Schutz: Aktiviert 12.11.2013 22:09:19 mbam-log-2013-11-12 (22-09-19).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|H:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 394099 Laufzeit: 32 Minute(n), 7 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 1 C:\Program Files (x86)\Doowwnloaade keepuer\E8X4e.x64.dll (PUP.Optional.Multiplug) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Code:
ATTFilter # AdwCleaner v3.012 - Bericht erstellt am 12/11/2013 um 22:52:44
# Updated 11/11/2013 von Xplode
# Betriebssystem : Windows 8.1 (64 bits)
# Benutzername : Dietrich - HEINRICH
# Gestartet von : C:\Users\Dietrich\Downloads\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\RightClick
Ordner Gelöscht : C:\ProgramData\Doowwnloaade keepuer
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader
Ordner Gelöscht : C:\Program Files (x86)\Doowwnloaade keepuer
Datei Gelöscht : C:\Users\Public\Desktop\eBay.lnk
Datei Gelöscht : C:\Users\Dietrich\AppData\Roaming\Mozilla\Firefox\Profiles\wr77sg2k.default\searchplugins\iminent.xml
Datei Gelöscht : C:\Users\Dietrich\AppData\Roaming\Mozilla\Firefox\Profiles\wr77sg2k.default\user.js
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 8.1 x64
Ran by Dietrich on 12.11.2013 at 23:00:13,66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C9EA9183-FABE-4FCC-94FD-54C65FC3D345}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{C9EA9183-FABE-4FCC-94FD-54C65FC3D345}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\microsoft\Internet Explorer\SearchScopes\{C9EA9183-FABE-4FCC-94FD-54C65FC3D345}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{C9EA9183-FABE-4FCC-94FD-54C65FC3D345}
~~~ Files
~~~ Folders
Successfully deleted: [Empty Folder] C:\Users\Dietrich\appdata\local\{68F9814E-DB02-4C42-AAC2-4E9B3898B432}
~~~ FireFox
Successfully deleted the following from C:\Users\Dietrich\AppData\Roaming\mozilla\firefox\profiles\wr77sg2k.default\prefs.js
user_pref("extensions.WbYn7X6.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};if(window.self==window.top && \"www.google.com,mail.goo
Emptied folder: C:\Users\Dietrich\AppData\Roaming\mozilla\firefox\profiles\wr77sg2k.default\minidumps [9 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12.11.2013 at 23:03:51,59
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2013 01
Ran by Dietrich (administrator) on HEINRICH on 12-11-2013 23:11:39
Running from C:\Users\Dietrich\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\WINDOWS\system32\atiesrxx.exe
(AMD) C:\WINDOWS\system32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) c:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Advanced Micro Devices Inc.) c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20279_x64__8wekyb3d8bbwe\LiveComm.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [BeatsOSDApp] - C:\Program Files\IDT\WDM\Beats64.exe [37888 2012-09-19] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-09-19] (IDT, Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe" Update [21720 2013-11-07] (Hewlett-Packard)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642816 2013-05-15] (Advanced Micro Devices, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK13/4
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4
|
|
21.11.2013, 09:26
| #6 |
| /// the machine /// TB-Ausbilder | Seit Update auf Windows 8.1 überall Werbung auf dem Desktop, Reste von Imminent?ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ --> Seit Update auf Windows 8.1 überall Werbung auf dem Desktop, Reste von Imminent? |
|
01.01.2014, 13:56
| #7 |
| | Seit Update auf Windows 8.1 überall Werbung auf dem Desktop, Reste von Imminent? Alles Gute zum Neuen Jahr! So wie es aussieht, sind die lästigen Popups jetzt weg. Vielen herzlichen Dank für die Hilfe!  Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=12
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=9031483064adfd48aaa6b047f99e2a9f
# engine=16475
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-01 12:15:29
# local_time=2014-01-01 01:15:29 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=3592 16777213 100 91 1476094 139241025 0 0
# compatibility_mode=5893 16776574 100 94 8063927 15824462 0 0
# scanned=176661
# found=2
# cleaned=0
# scan_time=2063
sh=C1DA84A1A2B388B22157693658267F8F31BEFC05 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\Users\Dietrich\AppData\Local\Google\Chrome\User Data\default\extensions\obpdjcddbcfnlhjgmfncephimikkmplb\1.6\Eu6Nzv.js"
sh=7CD2C983EA5735473B62EC0228767386B59FD635 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\Users\Dietrich\AppData\Roaming\Mozilla\Firefox\Profiles\wr77sg2k.default\extensions\vncoi@ouoe-.co.uk\content\bg.js"
Code:
ATTFilter Results of screen317's Security Check version 0.99.77
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Defender
Norton 360 Online
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Adobe Flash Player 11.9.900.170
Adobe Reader XI
Mozilla Firefox (26.0)
Mozilla Thunderbird (24.2.0)
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-12-2013 01
Ran by Dietrich (administrator) on HEINRICH on 01-01-2014 13:49:05
Running from C:\Users\Dietrich\AppData\Local\Microsoft\Windows\INetCache\IE\M5RZD21O
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccsvchst.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccsvchst.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\FileManager\PhotosApp.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\livecomm.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [BeatsOSDApp] - C:\Program Files\IDT\WDM\Beats64.exe [37888 2012-09-19] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-09-19] (IDT, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642816 2013-05-15] (Advanced Micro Devices, Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe" Update [21720 2013-12-12] (Hewlett-Packard)
MountPoints2: {a31795c3-c52f-11e2-be6d-806e6f6e6963} - "E:\AOESETUP.EXE" /autorun
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK13/4
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK13/4
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM - {C9EA9183-FABE-4FCC-94FD-54C65FC3D345} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - {C9EA9183-FABE-4FCC-94FD-54C65FC3D345} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Doowwnloaade keepuer - {012793D7-2BF6-A05E-D321-75B61502E04C} - C:\Program Files (x86)\Doowwnloaade keepuer\E8X4e.x64.dll No File
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ips\ipsbho.dll (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Dietrich\AppData\Roaming\Mozilla\Firefox\Profiles\wr77sg2k.default
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Doowwnloaade keepuer - C:\Users\Dietrich\AppData\Roaming\Mozilla\Firefox\Profiles\wr77sg2k.default\Extensions\vncoi@ouoe-.co.uk
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFF
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Doowwnloaade keepuer) - C:\Users\Dietrich\AppData\Local\Google\Chrome\User Data\default\extensions\obpdjcddbcfnlhjgmfncephimikkmplb\1.6
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\Exts\Chrome.crx
==================== Services (Whitelisted) =================
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-11-04] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2013-11-04] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98744 2013-11-04] (Advanced Micro Devices)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20131203.001\BHDrvx64.sys [1526488 2013-12-03] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-21] (Symantec Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20131231.001\IDSvia64.sys [521944 2013-12-15] (Symantec Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20131231.023\ENG64.SYS [126040 2013-12-31] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20131231.023\EX64.SYS [2099288 2013-12-31] (Symantec Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1404000.028\SymELAM.sys [23448 2012-06-20] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-08-02] (Symantec Corporation)
S1 SymIM; C:\Windows\system32\DRIVERS\SymIMv.sys [43680 2013-03-05] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
R3 tilfilter; C:\Windows\System32\drivers\TIxHCIlfilter.sys [17528 2012-11-20] (Texas Instruments, Inc.)
R3 tiufilter; C:\Windows\System32\drivers\TIxHCIufilter.sys [23184 2012-11-20] (Texas Instruments, Inc.)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-01 13:42 - 2014-01-01 13:42 - 00891200 _____ C:\Users\Dietrich\Desktop\SecurityCheck.exe
2014-01-01 12:33 - 2014-01-01 12:33 - 00000000 ____D C:\Users\Dietrich\Downloads\Reinigen!
2013-12-25 12:51 - 2013-12-25 12:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-19 17:27 - 2013-12-19 17:27 - 00002169 _____ C:\Users\Public\Desktop\Age of Empires Expansion.lnk
2013-12-19 17:27 - 2013-12-19 17:27 - 00002162 _____ C:\Users\Public\Desktop\Age of Empires.lnk
2013-12-19 17:25 - 2013-12-19 17:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Games
2013-12-15 17:33 - 2013-12-15 17:33 - 00002234 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-14 00:36 - 2013-11-12 00:41 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-14 00:36 - 2013-11-12 00:40 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-14 00:36 - 2013-11-12 00:27 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-12-14 00:36 - 2013-11-12 00:24 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-12-14 00:36 - 2013-11-11 03:48 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2013-12-14 00:36 - 2013-11-09 12:55 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-12-14 00:36 - 2013-11-09 07:37 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2013-12-14 00:36 - 2013-11-09 06:56 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2013-12-14 00:36 - 2013-11-08 11:26 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2013-12-14 00:36 - 2013-11-08 05:43 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2013-12-14 00:36 - 2013-11-08 05:28 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-12-14 00:36 - 2013-11-08 05:26 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-12-14 00:36 - 2013-11-08 05:16 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2013-12-14 00:36 - 2013-11-08 05:15 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2013-12-14 00:36 - 2013-11-08 05:07 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2013-12-14 00:36 - 2013-11-08 04:41 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2013-12-14 00:36 - 2013-11-08 04:14 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2013-12-14 00:36 - 2013-11-05 15:19 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2013-12-14 00:36 - 2013-11-05 15:03 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2013-12-14 00:36 - 2013-11-05 14:57 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2013-12-14 00:36 - 2013-11-05 14:33 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2013-12-14 00:36 - 2013-11-05 14:32 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2013-12-14 00:36 - 2013-11-04 18:13 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-12-14 00:36 - 2013-11-04 18:13 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-12-14 00:36 - 2013-11-04 14:07 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2013-12-14 00:36 - 2013-11-04 12:50 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-12-14 00:36 - 2013-11-04 11:32 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2013-12-14 00:36 - 2013-11-04 03:28 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2013-12-14 00:36 - 2013-11-04 02:30 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-12-14 00:36 - 2013-11-01 12:39 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2013-12-14 00:36 - 2013-11-01 07:08 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2013-12-14 00:36 - 2013-11-01 06:57 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2013-12-14 00:36 - 2013-10-31 01:58 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-12-14 00:36 - 2013-10-31 01:42 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-12-14 00:36 - 2013-10-31 01:33 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2013-12-14 00:36 - 2013-10-31 01:33 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2013-12-14 00:36 - 2013-10-31 01:33 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2013-12-14 00:36 - 2013-10-31 01:33 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2013-12-14 00:36 - 2013-10-26 02:54 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2013-12-14 00:36 - 2013-10-24 10:31 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2013-12-14 00:36 - 2013-10-24 10:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2013-12-14 00:36 - 2013-10-17 12:21 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2013-12-14 00:36 - 2013-10-17 11:36 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2013-12-14 00:36 - 2013-10-05 15:21 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-12-14 00:36 - 2013-10-05 15:21 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-12-14 00:36 - 2013-10-05 13:05 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-12-14 00:36 - 2013-10-05 13:05 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-12-12 04:19 - 2013-12-12 04:19 - 00000000 ____D C:\WINDOWS\PCHEALTH
2013-12-12 03:50 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-12-12 03:50 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-12-12 03:50 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-12-12 03:50 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-12-12 03:50 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-12-12 03:50 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-12-12 03:50 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-12-12 03:50 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-12-12 03:50 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-12-12 03:50 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-12-12 03:50 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-12-12 03:50 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-12-12 03:50 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-12-12 03:50 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2013-12-12 03:50 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2013-12-12 03:50 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-12-12 03:50 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-12-12 03:50 - 2013-11-23 05:34 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2013-12-12 03:50 - 2013-11-23 05:13 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2013-12-12 03:50 - 2013-11-23 04:32 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-12-12 03:50 - 2013-11-23 04:10 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2013-12-12 03:50 - 2013-10-19 09:53 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2013-12-12 03:50 - 2013-10-19 08:14 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2013-12-12 03:50 - 2013-10-15 09:54 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2013-12-12 03:50 - 2013-10-15 09:03 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2013-12-12 03:49 - 2013-11-09 07:34 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2013-12-12 03:49 - 2013-11-09 07:34 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2013-12-12 03:49 - 2013-11-09 06:52 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2013-12-12 03:49 - 2013-11-08 08:21 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-12-11 20:17 - 2013-12-15 13:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
==================== One Month Modified Files and Folders =======
2014-01-01 13:45 - 2013-11-04 14:44 - 01763492 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-01 13:42 - 2014-01-01 13:42 - 00891200 _____ C:\Users\Dietrich\Desktop\SecurityCheck.exe
2014-01-01 13:32 - 2013-05-25 14:28 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-01 13:19 - 2013-05-26 20:56 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-01 13:02 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2014-01-01 12:33 - 2014-01-01 12:33 - 00000000 ____D C:\Users\Dietrich\Downloads\Reinigen!
2013-12-31 18:32 - 2013-05-25 14:28 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-30 07:07 - 2013-05-26 12:13 - 00003182 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForDietrich
2013-12-30 07:07 - 2013-05-26 12:13 - 00000362 _____ C:\WINDOWS\Tasks\HPCeeScheduleForDietrich.job
2013-12-29 07:30 - 2013-05-26 12:13 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log
2013-12-29 07:29 - 2013-05-26 12:13 - 00000000 _____ C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-12-28 01:24 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2013-12-27 11:55 - 2013-05-25 12:55 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-889190479-538996979-3614851630-1001
2013-12-25 12:51 - 2013-12-25 12:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-19 17:27 - 2013-12-19 17:27 - 00002169 _____ C:\Users\Public\Desktop\Age of Empires Expansion.lnk
2013-12-19 17:27 - 2013-12-19 17:27 - 00002162 _____ C:\Users\Public\Desktop\Age of Empires.lnk
2013-12-19 17:25 - 2013-12-19 17:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Games
2013-12-17 18:14 - 2013-09-30 05:14 - 01980934 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-17 18:14 - 2013-09-30 04:56 - 00841326 _____ C:\WINDOWS\system32\perfh007.dat
2013-12-17 18:14 - 2013-09-30 04:56 - 00191558 _____ C:\WINDOWS\system32\perfc007.dat
2013-12-15 17:33 - 2013-12-15 17:33 - 00002234 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-15 17:33 - 2013-05-25 14:28 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-15 13:10 - 2013-12-11 20:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-12-15 13:10 - 2013-05-25 13:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-15 13:09 - 2013-11-04 15:03 - 00000000 __RDO C:\Users\Dietrich\SkyDrive
2013-12-15 12:16 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2013-12-15 11:15 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2013-12-15 11:13 - 2013-09-29 20:04 - 00017448 _____ C:\WINDOWS\PFRO.log
2013-12-15 11:13 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-12-15 11:13 - 2013-08-22 15:44 - 00492520 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-15 11:13 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2013-12-15 11:12 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2013-12-15 11:12 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore
2013-12-15 11:12 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2013-12-15 11:12 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\FileManager
2013-12-15 11:12 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Camera
2013-12-14 12:28 - 2013-08-22 15:46 - 00296194 _____ C:\WINDOWS\setupact.log
2013-12-14 01:09 - 2013-08-04 20:11 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-14 01:09 - 2013-05-26 13:43 - 90708896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-12-12 04:19 - 2013-12-12 04:19 - 00000000 ____D C:\WINDOWS\PCHEALTH
2013-12-12 04:19 - 2013-05-25 14:52 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-10 19:19 - 2013-05-26 20:56 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2013-12-06 18:27 - 2013-05-25 14:28 - 00004104 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-06 18:27 - 2013-05-25 14:28 - 00003868 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-04 10:47 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2013-12-04 01:05 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2013-12-04 01:05 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-03 17:57 - 2013-06-04 16:36 - 00128704 _____ C:\Users\Dietrich\AppData\Local\GDIPFONTCACHEV1.DAT
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-29 05:44
==================== End Of Log ============================
--- --- --- |
|
02.01.2014, 08:59
| #8 |
| /// the machine /// TB-Ausbilder | Seit Update auf Windows 8.1 überall Werbung auf dem Desktop, Reste von Imminent? Firefox deinstallieren, keine Daten behalten, neu installieren. Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop. Schließe nun alle offenen Programme und trenne Dich von dem Internet. Doppelklick auf die TFC.exe und drücke auf Start. Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen. Fertig Falls Du Lob oder Kritik loswerden möchtest kannst Du das hier tun Die Reihenfolge ist hier entscheidend.
Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
07.02.2014, 11:26
| #9 |
| |  Seit Update auf Windows 8.1 überall Werbung auf dem Desktop, Reste von Imminent? Problem gelöst! Herzlichen Dank für die ausführliche und gut verständliche Hilfe. Ich habe alles wie empfohlen ausgeführt, und alles klappt wie gewünscht! Vielen Dank! Helgamarie |
|
08.02.2014, 11:15
| #10 |
| /// the machine /// TB-Ausbilder | Seit Update auf Windows 8.1 überall Werbung auf dem Desktop, Reste von Imminent? Gern Geschehen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Seit Update auf Windows 8.1 überall Werbung auf dem Desktop, Reste von Imminent? |
| bild, bli, browser, desktop, explorer, festgestellt, installiert, internet, internet explorer, neue, neuen, neues, norton, norton 360, notebook, popupblocker, probleme, rechner, spiele, spielen, update, version, welchem, werbung, windows, windows 8.1, öffnet |
Linear-Darstellung
