| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Advanced System Protector, my Backup & Regcleaner ProWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
14.11.2013, 11:59
| #1 |
| |  Advanced System Protector, my Backup & Regcleaner Pro Hallo, es tut mir leid euch wieder mit diesem alten Thema belästigen zu müssen. Ich habe hierzu bereits einen Foreneintrag gefunden doch konnte mir dieser nicht helfen. Die im Betreff angegebenen Programme lassen sich nicht mehr entfernen. Ich habe mit dem FRST einen Scan durchgeführt und mal aufgelistet was auf dem Computer vor sich geht. Vielen Dank für eure Hilfe! FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-11-2013
Ran by Lutz (administrator) on LUTZ-PC on 14-11-2013 11:29:19
Running from C:\Users\Lutz\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
() C:\ProgramData\IBUpdaterService\ibsvc.exe
(Microsoft Corporation) c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLLANSWEEPER2K8\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(Microsoft Corporation) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(AMD) C:\Windows\system32\atieclxx.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Systweak) C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe
(Nico Mak Computing) C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Vimicro Corporation) C:\Program Files (x86)\Sweex\WC060\VMonitor.exe
(Dropbox, Inc.) C:\Users\Lutz\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\Versandhelfer\Versandhelfer.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\system32\DeviceDisplayObjectProvider.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(TeamViewer GmbH) c:\program files (x86)\teamviewer\version8\TeamViewer_Desktop.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\avgnt.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe
(Macrovision Europe Ltd.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11774568 2011-01-13] (Realtek Semiconductor)
HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [362032 2009-11-12] (Acronis)
HKLM\...\Run: [XeroxEndeavorBackgroundTask] - rundll32.exe xrWCbgnd.dll,LaunchBgTask 1
HKCU\...\Run: [IncrediMail] - C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe [366024 2012-03-28] (IncrediMail, Ltd.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20472992 2013-10-02] (Skype Technologies S.A.)
HKCU\...\Policies\Explorer: [NoInstrumentation] 1
MountPoints2: H - H:\LaunchU3.exe -a
MountPoints2: {00fb02c6-f491-11e0-9aac-8c89a5282830} - H:\LaunchU3.exe -a
MountPoints2: {08f6f6a3-ef11-11e0-954f-8c89a5282830} - H:\LaunchU3.exe -a
MountPoints2: {3738b26e-89df-11e1-aa80-8c89a5282830} - H:\LaunchU3.exe -a
MountPoints2: {3fcb39fc-f0d8-11e0-b53e-8c89a5282830} - G:\Setup.exe
MountPoints2: {6fdb7f27-a592-11e2-ac95-8c89a5282830} - H:\LaunchU3.exe -a
MountPoints2: {7d5db93c-c405-11e1-9a26-8c89a5282830} - H:\LaunchU3.exe -a
MountPoints2: {994d8635-5892-11e2-ba02-8c89a5282830} - H:\LaunchU3.exe -a
MountPoints2: {a207cf8b-2a58-11e3-87d1-8c89a5282830} - H:\LaunchU3.exe -a
MountPoints2: {b53a091a-f0de-11e0-8f20-8c89a5282830} - H:\LaunchU3.exe -a
MountPoints2: {baee3497-03ab-11e2-a6f2-8c89a5282830} - H:\LaunchU3.exe -a
MountPoints2: {c51e407d-2733-11e3-af3b-8c89a5282830} - H:\LaunchU3.exe -a
MountPoints2: {c860ec9c-bdaa-11e0-a5db-8c89a5282830} - G:\LaunchU3.exe -a
MountPoints2: {cfbf1b2f-68e6-11e1-ae5d-8c89a5282830} - H:\DTVP_Launcher.exe
MountPoints2: {e4434c18-d618-11e1-82b7-8c89a5282830} - H:\LaunchU3.exe -a
MountPoints2: {ed51f9be-c367-11e2-8f8e-8c89a5282830} - H:\LaunchU3.exe -a
HKLM-x32\...\Run: [CorelDRAW Graphics Suite 11b] - D:\Corel\Corel Graphics 12\Languages\DE\Programs\registration.exe [733184 2003-11-27] (Corel Corporation)
HKLM-x32\...\Run: [Adobe_ID0EYTHM] - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe [1884160 2007-03-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-04-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [TrueImageMonitor.exe] - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5140960 2009-11-12] (Acronis)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [Tv-Plug-In] - C:\Program Files (x86)\Tv-Plug-In\Tv-Plug-In.exe [296744 2013-04-10] (Intech-Software Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-10-31] (Avira Operations GmbH & Co. KG)
IMEO: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IMEO\capture.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IMEO\coreldrw.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IMEO\corelpp.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IMEO\corupd.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IMEO\csbprof.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IMEO\fontnav.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IMEO\rave.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IMEO\trace.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IMEO\tv-plug-in.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
Startup: C:\Users\Lutz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Lutz\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Lutz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Game Alarm.lnk
ShortcutTarget: Game Alarm.lnk -> C:\Games\Game Alarm\gamealarm.exe (Europe Support Ltd. N.V.)
Startup: C:\Users\Lutz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Versandhelfer.lnk
ShortcutTarget: Versandhelfer.lnk -> C:\Program Files (x86)\Versandhelfer\Versandhelfer.exe ()
BootExecute: autocheck autochk * auto_reactivate \\?\Volume{cd54a046-b47a-11e0-b68c-806e6f6e6963}\bootwiz\asrm.bin
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=0b6266ce-42d1-11ac-836e-8fc3faa9e18d&searchtype=ds&q={searchTerms}&installDate=11/11/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=0b6266ce-42d1-11ac-836e-8fc3faa9e18d&searchtype=hp&installDate=11/11/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=MDND&bmod=MDND
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=0b6266ce-42d1-11ac-836e-8fc3faa9e18d&searchtype=ds&q={searchTerms}&installDate=11/11/2013
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=0b6266ce-42d1-11ac-836e-8fc3faa9e18d&searchtype=ds&q={searchTerms}&installDate=11/11/2013
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=0b6266ce-42d1-11ac-836e-8fc3faa9e18d&searchtype=ds&q={searchTerms}&installDate=11/11/2013
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=0b6266ce-42d1-11ac-836e-8fc3faa9e18d&searchtype=ds&q={searchTerms}&installDate=11/11/2013
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=0b6266ce-42d1-11ac-836e-8fc3faa9e18d&searchtype=ds&q={searchTerms}&installDate=11/11/2013
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=FA258C89A5282830&affID=122289&tsp=4924
SearchScopes: HKCU - {1C53D31A-8A0C-4BD1-A8F0-59B706876999} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=fa252e120000000000008c89a5282830&r=439
SearchScopes: HKCU - {432C0C35-5DAA-4378-A194-38E21712C624} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredimail.com//?search={searchTerms}&loc=search_box&a=1ex66TGhplC
SearchScopes: HKCU - {F1A73045-2E99-48E7-A0D9-CE7F6500ABB9} URL = hxxp://isearch.avg.com/search?cid={30CB6281-AEBA-44EE-A239-E9E3587E35F4}&mid=24946bb6144e47d1b1775dc0e3ccc1c3-7ca552837ab04f8c1c792cf35e719a890cf7eed2&lang=de&ds=tt014&pr=sa&d=2011-12-09 08:03:56&v=8.0.0.34&sap=dsp&q={searchTerms}
BHO: SuperLyrics-16 - {11111111-1111-1111-1111-110411411162} - C:\Program Files (x86)\SuperLyrics-16\SuperLyrics-16-bho64.dll (10superSoftabcd)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: SuperLyrics-16 - {11111111-1111-1111-1111-110411411162} - C:\Program Files (x86)\SuperLyrics-16\SuperLyrics-16-bho.dll (10superSoftabcd)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKCU - No Name - {40C3CC16-7269-4B32-9531-17F2950FB06F} - No File
Toolbar: HKCU - No Name - {990AF1C2-5A27-4460-8149-ECC6BC122AF3} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.10
FireFox:
========
FF ProfilePath: C:\Users\Lutz\AppData\Roaming\Mozilla\Firefox\Profiles\f0zwr6ci.default
FF Homepage: N-TV.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Plus-HD-1.3 - C:\Users\Lutz\AppData\Roaming\Mozilla\Firefox\Profiles\f0zwr6ci.default\Extensions\509508ef-0b14-4616-a557-0d58601be33d@c4a581e9-0ea6-46db-a185-58e021ee138c.com
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor
Chrome:
=======
CHR Extension: (Avira SearchFree Toolbar plus Web Protection) - C:\Users\Lutz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh\25.62088_0
CHR Extension: (Snap.Do ) - C:\Users\Lutz\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0
CHR Extension: (SiteAdvisor) - C:\Users\Lutz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0
CHR Extension: (Plus-HD-1.3) - C:\Users\Lutz\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.94_0
CHR Extension: () - C:\Users\Lutz\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.19_0
CHR Extension: (Skype Click to Call) - C:\Users\Lutz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Lutz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (DealPly Shopping) - C:\Users\Lutz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojcgaoafcmbadjkfdippkdddgkeaipbn\3.5.0.0_0
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [mocblcnaofikinigmceddfghppkkjbog] - C:\Users\Lutz\AppData\Roaming\PlusWinks\PlusWinks.crx
CHR HKLM-x32\...\Chrome\Extension: [ngnjhfpfhadncgafgbneeljaginimmmk] - C:\Users\Lutz\AppData\Local\Temp\tbch.crx
CHR HKLM-x32\...\Chrome\Extension: [ojcgaoafcmbadjkfdippkdddgkeaipbn] - C:\Program Files (x86)\DealPly\DealPly.crx
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-10-31] (Avira Operations GmbH & Co. KG)
S3 becldr3Service; C:\Program Files (x86)\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [176128 2011-04-19] ()
R2 IBUpdaterService; C:\ProgramData\IBUpdaterService\ibsvc.exe [614720 2013-06-25] ()
S4 IISExpressSVC; C:\Program Files (x86)\Lansweeper\IISExpress\IISexpressSVC.exe [106496 2011-03-30] (Lansweeper.com)
S4 lansweeperservice; C:\Program Files (x86)\Lansweeper\Service\Lansweeperservice.exe [304640 2011-06-14] (Lansweeper)
R2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [103472 2012-12-04] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 MSSQL$SQLLANSWEEPER2K8; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLLANSWEEPER2K8\MSSQL\Binn\sqlservr.exe [43028328 2011-09-22] (Microsoft Corporation)
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-21] (Microsoft Corporation)
R2 SNMP; C:\Windows\SysWow64\snmp.exe [47616 2010-11-21] (Microsoft Corporation)
S4 SQLAgent$SQLLANSWEEPER2K8; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLLANSWEEPER2K8\MSSQL\Binn\SQLAGENT.EXE [370024 2011-09-22] (Microsoft Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2100024 2013-09-09] (TuneUp Software)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [106904 2013-10-31] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-10-31] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-31] (Avira Operations GmbH & Co. KG)
S2 Par1284; C:\Program Files (x86)\Cutting Master 2 1.93\Program\Par1284.sys [53344 2005-03-02] (Warp Nine Engineering)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [526392 2011-10-07] ()
R0 tdrpman258; C:\Windows\System32\DRIVERS\tdrpm258.sys [1477728 2011-07-25] (Acronis)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
R3 VMUVC; C:\Windows\System32\Drivers\VMUVC.sys [199168 2009-07-20] (Vimicro Corporation)
R3 vvftUVC; C:\Windows\System32\drivers\vvftUVC.sys [303616 2008-07-01] (Vimicro Corporation)
U3 abzwpgl4; C:\Windows\System32\Drivers\abzwpgl4.sys [0 ] (Microsoft Corporation)
========================== Drivers MD5 =======================
C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\afcdp.sys 3F5FDC12FFA4794FC3A178A26D48E7CF
C:\Windows\system32\drivers\afd.sys 79059559E89D06E8B80CE2944BE20228
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atikmdag.sys 60216B0E704584DE6D5A9F59E9C34C47
C:\Windows\System32\DRIVERS\atikmpag.sys 6B4E9261B613B047A9A145F328889968
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asmthub3.sys 6FE3237C1177E66437E7AD0E8AC1A6E5
C:\Windows\system32\drivers\asmtxhci.sys C4043E39A2ABBC56581CA25DF161E9F7
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\drivers\AtihdW76.sys CBD14F698DEF12EE3557604B726CB8EB
C:\Windows\System32\DRIVERS\avgntflt.sys 0909E9AD4019AFF25C58E0DFFDCD744E
C:\Windows\System32\DRIVERS\avipbb.sys DBAB18B20FDA2542EEF8C588D878B7B5
C:\Windows\System32\DRIVERS\avkmgr.sys 390184FAD8FCC1B6DA25AEBAE928C3B6
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\system32\drivers\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706
C:\Windows\system32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 88612F1CE3BF42256913BF6E61C70D52
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\drivers\iaStor.sys D7921D5A870B11CC1ADAB198A519D50A
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\igdkmd64.sys ==> MD5 is legit
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\RTKVHD64.sys 3E49DAC8EEFA6016AA2A6331BEC866AE
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 8F489706472F7E9A06BAAA198703FA64
C:\Windows\System32\Drivers\ksecpkg.sys 868A2CAAB12EFC7A021682BCA0EEC54C
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\system32\drivers\HECIx64.sys A6518DCC42F7A6E999BB3BEA8FD87567
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys B98F8C6E31CD07B2E6F71F7F648E38C0
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nvlddmkm.sys DD81FBC57AB9134CDDC5CE90880BFD80
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Program Files (x86)\Cutting Master 2 1.93\Program\Par1284.sys 8E55251D83763CCCA60FE26A811CFB0C
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\drivers\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Rt64win7.sys ED5873F7DFB2F96D37F13322211B6BDC
C:\Windows\System32\DRIVERS\RTL8192su.sys 4629C5C4772D223B0ECD1EA8BA7A2A33
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\serenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\snapman.sys 27BA49F89468FDDAE6C2B311C53BCE3A
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\sptd.sys D41D8CD98F00B204E9800998ECF8427E
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\serscan.sys DECACB6921DED1A38642642685D77DAC
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\tcpip.sys 40AF23633D197905F03AB5628C558C51
C:\Windows\System32\DRIVERS\tcpip.sys 40AF23633D197905F03AB5628C558C51
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tdrpm258.sys BF7AC81DF6FBE09438D9DC7188178EA9
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\timntr.sys 2C1CAF5563548A15515EAB07D2A069C6
C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09
C:\Windows\System32\drivers\tsusbflt.sys 17C6B51CBCCDED95B3CC14E22791F85E
C:\Windows\system32\drivers\TsUsbGD.sys AD64450A4ABE076F5CB34CC08EEACB07
C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys 45427C4B8CAC6B241478F149B935CD80
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbaudio.sys B0435098C81D04CAFFF80DDB746CD3A2
C:\Windows\System32\DRIVERS\usbccgp.sys 6F1A3157A1C89435352CEB543CDB359C
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\system32\drivers\usbehci.sys C025055FE7B87701EB042095DF1A2D7B
C:\Windows\System32\DRIVERS\usbhub.sys 287C6C9410B111B68B52CA298F7B8C24
C:\Windows\system32\drivers\usbohci.sys 9840FC418B4CBD632D3D0A667A725C31
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys 62069A34518BCF9C1FD9E74B3F6DB7CD
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\VMUVC.sys 32C178C985E1FCAAD4861E57A0723101
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\drivers\vvftUVC.sys 9D9FE9E24F03AD87324245F516BEDAE5
C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWow64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WSDPrint.sys 8D918B1DB190A4D9B1753A66FA8C96E8
C:\Windows\System32\DRIVERS\wsvd.sys 82E8F5AA03DF7DBDB8A33F700D5D8CDA
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
C:\Windows\System32\Drivers\abzwpgl4.sys
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-14 10:52 - 2013-11-14 10:55 - 00040012 _____ C:\Users\Lutz\Downloads\Addition.txt
2013-11-14 10:50 - 2013-11-14 11:30 - 00043550 _____ C:\Users\Lutz\Downloads\FRST.txt
2013-11-14 10:48 - 2013-11-14 10:48 - 00000000 ____D C:\FRST
2013-11-14 10:47 - 2013-11-14 10:47 - 01957794 _____ (Farbar) C:\Users\Lutz\Downloads\FRST64.exe
2013-11-14 10:46 - 2013-11-14 10:46 - 01090529 _____ (Farbar) C:\Users\Lutz\Downloads\FRST.exe
2013-11-14 09:58 - 2013-11-14 09:58 - 00001174 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-11-14 09:58 - 2013-11-14 09:58 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2013-11-14 09:56 - 2013-11-14 09:58 - 05831344 _____ (TeamViewer GmbH) C:\Users\Lutz\Downloads\TeamViewer_Setup_de.exe
2013-11-14 09:01 - 2013-10-12 09:45 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-14 09:01 - 2013-10-12 09:45 - 01364992 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-14 09:01 - 2013-10-12 09:45 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-14 09:01 - 2013-10-12 09:43 - 19269632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-14 09:01 - 2013-10-12 09:43 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-14 09:01 - 2013-10-12 09:43 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-14 09:01 - 2013-10-12 09:43 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-14 09:01 - 2013-10-12 09:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-14 09:01 - 2013-10-12 09:43 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-14 09:01 - 2013-10-12 09:43 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-14 09:01 - 2013-10-12 09:43 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-14 09:01 - 2013-10-12 09:43 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-14 09:01 - 2013-10-12 09:43 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-14 09:01 - 2013-10-12 09:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-14 09:01 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-14 09:01 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-14 09:01 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-14 09:01 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-14 09:01 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-14 09:01 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-14 09:01 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-14 09:01 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-14 09:01 - 2013-10-12 08:02 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-14 09:01 - 2013-10-12 08:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-14 09:01 - 2013-10-12 08:02 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-14 09:01 - 2013-10-12 08:02 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-14 09:01 - 2013-10-12 08:02 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-14 09:01 - 2013-10-12 07:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-14 09:01 - 2013-10-12 07:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-14 09:01 - 2013-10-12 06:44 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-14 09:01 - 2013-10-12 06:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-14 07:30 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-14 07:30 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 07:30 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 07:30 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-14 07:30 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-14 07:30 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-14 07:30 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-14 07:30 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-14 07:30 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-14 07:30 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-14 07:30 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-14 07:30 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-14 07:30 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-14 07:30 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-14 07:30 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-14 07:30 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-14 07:30 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-14 07:30 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-14 07:30 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-14 07:30 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-14 07:30 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-14 07:30 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-14 07:30 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-14 07:30 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-14 07:30 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-14 07:30 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-14 07:30 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-14 07:30 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-14 07:30 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-14 07:30 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-14 07:21 - 2013-11-14 07:21 - 00000000 ____D C:\Users\Lutz\Desktop\5
2013-11-14 07:17 - 2013-11-14 07:17 - 00000000 ____D C:\Users\Lutz\Desktop\4
2013-11-13 14:15 - 2013-11-13 14:15 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Avira
2013-11-13 14:12 - 2013-11-13 14:12 - 00002080 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-11-13 14:12 - 2013-10-31 19:25 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-11-13 14:11 - 2013-11-13 14:11 - 00000000 ____D C:\Program Files (x86)\Avira
2013-11-13 14:11 - 2013-10-31 19:25 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-13 14:11 - 2013-10-31 19:25 - 00106904 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-11-13 14:11 - 2013-10-31 19:25 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-11-13 13:52 - 2013-11-13 13:54 - 126764512 _____ C:\Users\Lutz\Downloads\avira_free_antivirus_de.exe
2013-11-13 13:31 - 2013-11-13 13:31 - 00000000 ____D C:\ProgramData\Systweak
2013-11-13 13:29 - 2013-11-13 13:29 - 00269768 _____ C:\Windows\Minidump\111313-26925-01.dmp
2013-11-13 12:43 - 2013-11-13 22:14 - 00000000 ____D C:\Program Files (x86)\Plus-HD-1.3
2013-11-13 12:43 - 2013-11-13 22:14 - 00000000 ____D C:\Program Files (x86)\JFileManager
2013-11-13 12:21 - 2013-11-13 12:21 - 00000000 ____D C:\Users\Lutz\SyncFolder
2013-11-13 12:07 - 2013-11-13 12:07 - 00000000 ____D C:\Windows\system32\config\RCCBakup
2013-11-13 11:53 - 2013-11-14 09:09 - 00003120 _____ C:\Windows\System32\Tasks\Advanced System Protector_startup
2013-11-13 11:53 - 2013-11-13 13:37 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-11-13 11:52 - 2013-11-14 10:14 - 00000000 ____D C:\Program Files (x86)\Advanced System Protector
2013-11-13 11:52 - 2013-11-13 15:01 - 00000274 _____ C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2013-11-13 11:52 - 2013-11-13 13:30 - 00000282 _____ C:\Windows\Tasks\RegClean Pro_UPDATES.job
2013-11-13 11:52 - 2013-11-13 11:52 - 00003020 _____ C:\Windows\System32\Tasks\RegClean Pro_UPDATES
2013-11-13 11:52 - 2013-11-13 11:52 - 00002864 _____ C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
2013-11-13 11:52 - 2013-11-13 11:52 - 00001239 _____ C:\Users\Public\Desktop\Advanced System Protector.lnk
2013-11-13 11:52 - 2012-07-25 12:03 - 00016896 _____ C:\Windows\system32\sasnative64.exe
2013-11-13 11:51 - 2013-11-13 22:14 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Systweak
2013-11-13 11:51 - 2013-11-13 22:14 - 00000000 ____D C:\Program Files (x86)\RegClean Pro
2013-11-13 11:51 - 2013-11-13 11:51 - 00001064 _____ C:\Users\Public\Desktop\RegClean Pro.lnk
2013-11-13 11:51 - 2013-08-22 18:36 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2013-11-13 11:50 - 2013-11-13 11:50 - 00001161 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-11-13 11:50 - 2013-11-13 11:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-13 11:43 - 2013-11-13 11:43 - 23123208 _____ (Mozilla) C:\Users\Lutz\Downloads\Firefox_Setup_25.0(1).exe
2013-11-13 07:46 - 2013-11-13 07:47 - 23123208 _____ (Mozilla) C:\Users\Lutz\Downloads\Firefox_Setup_25.0 (2).exe
2013-11-13 07:46 - 2013-11-13 07:46 - 23123208 _____ (Mozilla) C:\Users\Lutz\Downloads\Firefox_Setup_25.0 (1).exe
2013-11-13 07:45 - 2013-11-13 07:45 - 23123208 _____ (Mozilla) C:\Users\Lutz\Downloads\Firefox_Setup_25.0.exe
2013-11-13 07:32 - 2013-11-13 12:06 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\TweakNow RegCleaner
2013-11-13 07:32 - 2013-11-13 12:06 - 00000000 ____D C:\Program Files (x86)\TweakNow RegCleaner
2013-11-13 07:31 - 2013-11-13 07:31 - 07217632 _____ (TweakNow.com ) C:\Users\Lutz\Downloads\RegCleaner730.exe
2013-11-12 14:10 - 2013-11-12 14:10 - 00000000 ____D C:\Users\Lutz\Desktop\2
2013-11-12 12:50 - 2013-11-12 12:50 - 00001349 _____ C:\Users\Lutz\Desktop\November 2013 - Verknüpfung.lnk
2013-11-12 10:13 - 2013-11-12 10:13 - 00283104 _____ (Mozilla) C:\Users\Lutz\Downloads\Firefox Setup Stub 25.0 (3).exe
2013-11-12 10:12 - 2013-11-12 10:13 - 00283104 _____ (Mozilla) C:\Users\Lutz\Downloads\Firefox Setup Stub 25.0 (2).exe
2013-11-12 10:12 - 2013-11-12 10:12 - 00283104 _____ (Mozilla) C:\Users\Lutz\Downloads\Firefox Setup Stub 25.0 (1).exe
2013-11-12 10:04 - 2013-11-12 10:04 - 00001639 _____ C:\Users\Lutz\Desktop\Kopie Kasse1 Blatt 5 - Verknüpfung.lnk
2013-11-12 10:04 - 2013-11-12 10:04 - 00001639 _____ C:\Users\Lutz\Desktop\Kopie Kasse1 Blatt 4 - Verknüpfung.lnk
2013-11-12 10:04 - 2013-11-12 10:04 - 00001614 _____ C:\Users\Lutz\Desktop\Kopie von Blatt 3 - Verknüpfung.lnk
2013-11-12 09:22 - 2013-11-12 09:22 - 00915368 _____ (Oracle Corporation) C:\Users\Lutz\Downloads\jxpiinstall(1).exe
2013-11-12 08:43 - 2013-11-12 08:43 - 00283104 _____ (Mozilla) C:\Users\Lutz\Downloads\Firefox Setup Stub 25.0.exe
2013-11-12 07:59 - 2013-11-12 07:59 - 00000000 ____D C:\ProgramData\Nico Mak Computing
2013-11-12 07:56 - 2013-11-12 07:57 - 00273224 _____ C:\Windows\Minidump\111213-21013-01.dmp
2013-11-11 10:52 - 2013-11-14 09:09 - 00003116 _____ C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2013-11-11 10:51 - 2013-11-12 16:43 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Nico Mak Computing
2013-11-11 10:51 - 2013-11-12 16:43 - 00000000 ____D C:\Program Files (x86)\WinZip Malware Protector
2013-11-11 10:51 - 2013-11-11 10:51 - 04892480 _____ (WinZip International LLC ) C:\Users\Lutz\Downloads\wzmp_8.exe
2013-11-11 10:51 - 2013-11-11 10:51 - 00001227 _____ C:\Users\Public\Desktop\WinZip Malware Protector.lnk
2013-11-11 10:51 - 2013-03-15 17:10 - 00020480 _____ C:\Windows\system32\wsusnative64.exe
2013-11-11 10:26 - 2013-11-11 10:26 - 00269768 _____ C:\Windows\Minidump\111113-24616-01.dmp
2013-11-11 09:47 - 2013-11-11 09:47 - 00000977 _____ C:\Users\Lutz\Desktop\Kopfbogen neu - Verknüpfung.lnk
2013-11-11 09:31 - 2013-11-14 09:31 - 00001350 _____ C:\Windows\Tasks\SuperLyrics-16-updater.job
2013-11-11 09:31 - 2013-11-11 09:31 - 00004380 _____ C:\Windows\System32\Tasks\SuperLyrics-16-updater
2013-11-11 09:30 - 2013-11-14 09:31 - 00001156 _____ C:\Windows\Tasks\SuperLyrics-16-enabler.job
2013-11-11 09:30 - 2013-11-14 09:30 - 00001970 _____ C:\Windows\Tasks\SuperLyrics-16-chromeinstaller.job
2013-11-11 09:30 - 2013-11-14 09:30 - 00001894 _____ C:\Windows\Tasks\SuperLyrics-16-firefoxinstaller.job
2013-11-11 09:30 - 2013-11-14 09:30 - 00001256 _____ C:\Windows\Tasks\SuperLyrics-16-codedownloader.job
2013-11-11 09:30 - 2013-11-13 22:14 - 00000000 ____D C:\Program Files (x86)\SuperLyrics-16
2013-11-11 09:30 - 2013-11-12 16:43 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
2013-11-11 09:30 - 2013-11-12 16:43 - 00000000 ____D C:\Program Files (x86)\DealPly
2013-11-11 09:30 - 2013-11-12 16:42 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\DealPly
2013-11-11 09:30 - 2013-11-11 09:31 - 00004186 _____ C:\Windows\System32\Tasks\SuperLyrics-16-enabler
2013-11-11 09:30 - 2013-11-11 09:30 - 00004286 _____ C:\Windows\System32\Tasks\SuperLyrics-16-codedownloader
2013-11-11 09:30 - 2013-11-11 09:30 - 00003506 _____ C:\Windows\System32\Tasks\DealPly
2013-11-11 09:30 - 2013-11-11 09:30 - 00003364 _____ C:\Windows\System32\Tasks\DealPlyUpdate
2013-11-11 09:28 - 2013-11-11 09:28 - 00000000 ____D C:\Users\Lutz\AppData\Local\SearchProtect
2013-11-11 09:28 - 2013-11-11 09:28 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2013-11-11 09:28 - 2013-11-11 09:28 - 00000000 _____ C:\END
2013-11-11 09:27 - 2013-11-11 09:28 - 00555728 _____ C:\Users\Lutz\Downloads\Java7.exe
2013-11-08 11:16 - 2013-11-08 11:16 - 00000156 _____ C:\Users\Lutz\Downloads\Kontoumsaetze_703_786503300_20131108_111622.csv
2013-11-07 15:25 - 2013-11-13 07:49 - 00000866 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-11-07 15:25 - 2013-11-07 15:25 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Iminent
2013-11-07 15:24 - 2013-11-07 15:24 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\SpeedTestAnalysis
2013-11-07 15:23 - 2013-11-07 15:24 - 17533552 _____ (Microsoft Corporation) C:\Users\Lutz\Desktop\visioviewer_14.0.4750.1000.exe
2013-11-07 15:22 - 2013-11-07 15:23 - 01628904 _____ (Bandoo Media Inc) C:\Users\Lutz\Downloads\iLividSetup-r887-n-bf.exe
2013-11-07 15:22 - 2013-11-07 15:22 - 00400736 _____ (Softonic ) C:\Users\Lutz\Downloads\SoftonicDownloader_fuer_visio-viewer-2010.exe
2013-11-06 14:51 - 2013-11-06 14:51 - 00000000 ____D C:\Users\Lutz\AppData\Local\{F4E22B80-6DEE-493A-98EC-688CD0688D2A}
2013-11-06 12:10 - 2013-11-06 12:12 - 00000000 ____D C:\Program Files (x86)\Cutting Master 2 1.93
2013-11-06 12:10 - 1999-10-06 08:51 - 00471840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhupd.exe
2013-11-06 12:10 - 1999-10-06 08:51 - 00463392 _____ (Borland International) C:\Windows\SysWOW64\OWL250F.DLL
2013-11-06 12:10 - 1999-10-06 08:51 - 00073716 _____ C:\Windows\SysWOW64\SENTINEL.VXD
2013-11-06 12:10 - 1999-05-06 23:00 - 00244232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFLXGRD.OCX
2013-11-06 12:10 - 1999-04-23 21:22 - 01355776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVBVM50.DLL
2013-11-06 12:10 - 1997-01-15 23:00 - 01766160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VBA5.DLL
2013-11-06 12:10 - 1997-01-15 23:00 - 00279098 _____ C:\Windows\SysWOW64\VB5.OLB
2013-11-06 12:09 - 2013-11-06 12:09 - 00000000 ____D C:\Users\Lutz\Downloads\CuttingMaster2_Win_latest
2013-11-06 12:08 - 2013-11-06 12:09 - 72321351 _____ C:\Users\Lutz\Downloads\CuttingMaster2_Win_latest.zip
2013-11-06 07:25 - 2013-11-06 07:25 - 00013303 _____ C:\Users\Lutz\Downloads\Kontoumsaetze_703_786503300_20131106_072537.csv
2013-11-05 07:08 - 2013-11-05 07:08 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Apple Computer
2013-11-04 14:57 - 2013-11-04 14:57 - 00857746 _____ C:\Users\Lutz\Downloads\DvmHIPCam.exe
2013-11-04 10:33 - 2013-11-04 10:33 - 00000000 ____D C:\Users\Lutz\AppData\Local\Apple Computer
2013-11-04 10:31 - 2013-11-04 10:31 - 00001855 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2013-11-04 10:31 - 2013-11-04 10:31 - 00000000 ____D C:\ProgramData\Apple Computer
2013-11-04 10:30 - 2013-11-04 10:30 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-11-04 10:30 - 2013-11-04 10:30 - 00000000 ____D C:\Users\Lutz\AppData\Local\Apple
2013-11-04 10:30 - 2013-11-04 10:30 - 00000000 ____D C:\ProgramData\Apple
2013-11-04 10:30 - 2013-11-04 10:30 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-11-04 10:29 - 2013-11-04 10:30 - 41404760 _____ (Apple Inc.) C:\Users\Lutz\Downloads\QuickTimeInstaller.exe
2013-11-04 10:17 - 2013-11-04 14:56 - 00000000 ____D C:\DvmHIPCam
2013-10-31 09:02 - 2013-11-13 11:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-29 11:38 - 2013-10-29 11:38 - 00002954 _____ C:\Windows\System32\Tasks\{E9D54111-3134-4267-8F10-65C8B737B2BA}
2013-10-29 11:38 - 2013-10-29 11:38 - 00002954 _____ C:\Windows\System32\Tasks\{227BCBC7-FD75-40A4-8368-AEBDFDA4BCE3}
2013-10-29 11:32 - 2013-10-29 11:34 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\WordToPDF
2013-10-29 11:31 - 2013-10-29 11:31 - 01594813 _____ (Mario Noack ) C:\Users\Lutz\Downloads\SetupWordToPDF_237_v2.9.exe
2013-10-29 10:51 - 2013-11-01 10:17 - 00000000 ____D C:\Users\Lutz\Documents\Pdf2Word
2013-10-29 10:49 - 2013-10-29 10:49 - 00001126 _____ C:\Users\Public\Desktop\PDF2Word Konverter (7-PDF).lnk
2013-10-29 10:49 - 2013-10-29 10:49 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Pdf2Word
2013-10-29 10:49 - 2013-10-29 10:49 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\OpenCandy
2013-10-29 10:49 - 2013-10-29 10:49 - 00000000 ____D C:\Program Files (x86)\BCL Technologies
2013-10-17 13:22 - 2013-10-17 13:22 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-17 08:26 - 2013-10-17 08:26 - 00000000 ____D C:\Users\Lutz\AppData\Local\Avg2014
2013-10-17 07:15 - 2013-09-08 03:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-17 07:15 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-17 07:15 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-17 07:15 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-17 07:15 - 2013-07-12 11:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2013-10-17 07:15 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-17 07:15 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-17 07:15 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-17 07:15 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-17 07:15 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-17 07:15 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-17 07:15 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-17 07:15 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-17 07:15 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-17 07:15 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-17 07:15 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-17 07:15 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-17 07:15 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-17 07:15 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-17 07:15 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-17 07:14 - 2013-08-29 03:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-17 07:14 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-17 07:14 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-17 07:14 - 2013-08-29 03:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-17 07:14 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-17 07:14 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-17 07:14 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-17 07:14 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-17 07:14 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-17 07:14 - 2013-08-29 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-17 07:14 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-17 07:14 - 2013-08-29 01:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-17 07:14 - 2013-08-29 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-17 07:14 - 2013-08-29 01:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-17 07:14 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-17 07:14 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-17 07:14 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-17 07:14 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-17 07:04 - 2013-10-17 07:04 - 00269768 _____ C:\Windows\Minidump\101713-19032-01.dmp
==================== One Month Modified Files and Folders =======
2013-11-14 11:30 - 2013-11-14 10:50 - 00043550 _____ C:\Users\Lutz\Downloads\FRST.txt
2013-11-14 11:30 - 2011-07-22 13:44 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Skype
2013-11-14 11:11 - 2011-07-22 07:57 - 01117790 _____ C:\Windows\WindowsUpdate.log
2013-11-14 10:57 - 2012-01-18 09:36 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-14 10:57 - 2011-07-22 08:00 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-14 10:55 - 2013-11-14 10:52 - 00040012 _____ C:\Users\Lutz\Downloads\Addition.txt
2013-11-14 10:48 - 2013-11-14 10:48 - 00000000 ____D C:\FRST
2013-11-14 10:47 - 2013-11-14 10:47 - 01957794 _____ (Farbar) C:\Users\Lutz\Downloads\FRST64.exe
2013-11-14 10:46 - 2013-11-14 10:46 - 01090529 _____ (Farbar) C:\Users\Lutz\Downloads\FRST.exe
2013-11-14 10:33 - 2012-03-08 14:33 - 00000000 ____D C:\Program Files\Java
2013-11-14 10:14 - 2013-11-13 11:52 - 00000000 ____D C:\Program Files (x86)\Advanced System Protector
2013-11-14 09:58 - 2013-11-14 09:58 - 00001174 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-11-14 09:58 - 2013-11-14 09:58 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2013-11-14 09:58 - 2013-11-14 09:56 - 05831344 _____ (TeamViewer GmbH) C:\Users\Lutz\Downloads\TeamViewer_Setup_de.exe
2013-11-14 09:47 - 2011-07-22 08:25 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Dropbox
2013-11-14 09:33 - 2009-07-14 05:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-14 09:33 - 2009-07-14 05:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-14 09:31 - 2013-11-11 09:31 - 00001350 _____ C:\Windows\Tasks\SuperLyrics-16-updater.job
2013-11-14 09:31 - 2013-11-11 09:30 - 00001156 _____ C:\Windows\Tasks\SuperLyrics-16-enabler.job
2013-11-14 09:30 - 2013-11-11 09:30 - 00001970 _____ C:\Windows\Tasks\SuperLyrics-16-chromeinstaller.job
2013-11-14 09:30 - 2013-11-11 09:30 - 00001894 _____ C:\Windows\Tasks\SuperLyrics-16-firefoxinstaller.job
2013-11-14 09:30 - 2013-11-11 09:30 - 00001256 _____ C:\Windows\Tasks\SuperLyrics-16-codedownloader.job
2013-11-14 09:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-11-14 09:09 - 2013-11-13 11:53 - 00003120 _____ C:\Windows\System32\Tasks\Advanced System Protector_startup
2013-11-14 09:09 - 2013-11-11 10:52 - 00003116 _____ C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2013-11-14 09:08 - 2011-07-22 08:27 - 00000000 ___RD C:\Users\Lutz\Dropbox
2013-11-14 09:07 - 2011-07-22 08:00 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-14 09:05 - 2013-10-07 07:20 - 00025754 _____ C:\Windows\setupact.log
2013-11-14 09:05 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-14 08:59 - 2013-07-29 06:42 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 08:56 - 2011-02-10 21:56 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-14 08:47 - 2013-07-09 07:31 - 00000000 ____D C:\Users\Lutz\AppData\Local\MigsUpdater
2013-11-14 07:21 - 2013-11-14 07:21 - 00000000 ____D C:\Users\Lutz\Desktop\5
2013-11-14 07:17 - 2013-11-14 07:17 - 00000000 ____D C:\Users\Lutz\Desktop\4
2013-11-14 07:12 - 2013-10-08 06:15 - 00203336 _____ C:\Windows\PFRO.log
2013-11-13 22:14 - 2013-11-13 12:43 - 00000000 ____D C:\Program Files (x86)\Plus-HD-1.3
2013-11-13 22:14 - 2013-11-13 12:43 - 00000000 ____D C:\Program Files (x86)\JFileManager
2013-11-13 22:14 - 2013-11-13 11:51 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Systweak
2013-11-13 22:14 - 2013-11-13 11:51 - 00000000 ____D C:\Program Files (x86)\RegClean Pro
2013-11-13 22:14 - 2013-11-11 09:30 - 00000000 ____D C:\Program Files (x86)\SuperLyrics-16
2013-11-13 22:14 - 2012-08-22 13:22 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-11-13 22:14 - 2011-09-27 10:50 - 00000000 ____D C:\Windows\VMUVC
2013-11-13 22:14 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2013-11-13 15:01 - 2013-11-13 11:52 - 00000274 _____ C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2013-11-13 14:58 - 2013-05-14 14:02 - 00000000 ____D C:\Users\Lutz\Desktop\Rechnungen
2013-11-13 14:20 - 2011-02-10 20:25 - 00763004 _____ C:\Windows\system32\perfh007.dat
2013-11-13 14:20 - 2011-02-10 20:25 - 00173870 _____ C:\Windows\system32\perfc007.dat
2013-11-13 14:20 - 2009-07-14 06:13 - 01801050 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-13 14:15 - 2013-11-13 14:15 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Avira
2013-11-13 14:12 - 2013-11-13 14:12 - 00002080 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-11-13 14:11 - 2013-11-13 14:11 - 00000000 ____D C:\Program Files (x86)\Avira
2013-11-13 14:11 - 2013-07-05 07:35 - 00000000 ____D C:\ProgramData\Avira
2013-11-13 13:54 - 2013-11-13 13:52 - 126764512 _____ C:\Users\Lutz\Downloads\avira_free_antivirus_de.exe
2013-11-13 13:37 - 2013-11-13 11:53 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-11-13 13:37 - 2011-07-22 08:03 - 00000000 ___RD C:\Users\Lutz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-13 13:31 - 2013-11-13 13:31 - 00000000 ____D C:\ProgramData\Systweak
2013-11-13 13:30 - 2013-11-13 11:52 - 00000282 _____ C:\Windows\Tasks\RegClean Pro_UPDATES.job
2013-11-13 13:30 - 2011-07-22 08:03 - 00000000 ____D C:\Users\Lutz
2013-11-13 13:29 - 2013-11-13 13:29 - 00269768 _____ C:\Windows\Minidump\111313-26925-01.dmp
2013-11-13 13:29 - 2013-10-14 06:50 - 260611534 _____ C:\Windows\MEMORY.DMP
2013-11-13 13:29 - 2011-07-25 13:40 - 00000000 ____D C:\Windows\Minidump
2013-11-13 12:21 - 2013-11-13 12:21 - 00000000 ____D C:\Users\Lutz\SyncFolder
2013-11-13 12:14 - 2009-07-14 03:34 - 99614720 _____ C:\Windows\system32\config\software.bak
2013-11-13 12:14 - 2009-07-14 03:34 - 65011712 _____ C:\Windows\system32\config\system.bak
2013-11-13 12:14 - 2009-07-14 03:34 - 00024576 _____ C:\Windows\system32\config\security.bak
2013-11-13 12:09 - 2009-07-14 03:34 - 00028672 _____ C:\Windows\system32\config\sam.bak
2013-11-13 12:07 - 2013-11-13 12:07 - 00000000 ____D C:\Windows\system32\config\RCCBakup
2013-11-13 12:06 - 2013-11-13 07:32 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\TweakNow RegCleaner
2013-11-13 12:06 - 2013-11-13 07:32 - 00000000 ____D C:\Program Files (x86)\TweakNow RegCleaner
2013-11-13 11:52 - 2013-11-13 11:52 - 00003020 _____ C:\Windows\System32\Tasks\RegClean Pro_UPDATES
2013-11-13 11:52 - 2013-11-13 11:52 - 00002864 _____ C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
2013-11-13 11:52 - 2013-11-13 11:52 - 00001239 _____ C:\Users\Public\Desktop\Advanced System Protector.lnk
2013-11-13 11:51 - 2013-11-13 11:51 - 00001064 _____ C:\Users\Public\Desktop\RegClean Pro.lnk
2013-11-13 11:50 - 2013-11-13 11:50 - 00001161 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-11-13 11:50 - 2013-11-13 11:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-13 11:50 - 2013-10-31 09:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-13 11:43 - 2013-11-13 11:43 - 23123208 _____ (Mozilla) C:\Users\Lutz\Downloads\Firefox_Setup_25.0(1).exe
2013-11-13 08:07 - 2011-07-22 09:44 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Mozilla
2013-11-13 07:49 - 2013-11-07 15:25 - 00000866 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-11-13 07:48 - 2011-07-22 08:00 - 00000000 ____D C:\Program Files (x86)\Google
2013-11-13 07:47 - 2013-11-13 07:46 - 23123208 _____ (Mozilla) C:\Users\Lutz\Downloads\Firefox_Setup_25.0 (2).exe
2013-11-13 07:46 - 2013-11-13 07:46 - 23123208 _____ (Mozilla) C:\Users\Lutz\Downloads\Firefox_Setup_25.0 (1).exe
2013-11-13 07:45 - 2013-11-13 07:45 - 23123208 _____ (Mozilla) C:\Users\Lutz\Downloads\Firefox_Setup_25.0.exe
2013-11-13 07:31 - 2013-11-13 07:31 - 07217632 _____ (TweakNow.com ) C:\Users\Lutz\Downloads\RegCleaner730.exe
2013-11-12 16:43 - 2013-11-11 10:51 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Nico Mak Computing
2013-11-12 16:43 - 2013-11-11 10:51 - 00000000 ____D C:\Program Files (x86)\WinZip Malware Protector
2013-11-12 16:43 - 2013-11-11 09:30 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
2013-11-12 16:43 - 2013-11-11 09:30 - 00000000 ____D C:\Program Files (x86)\DealPly
2013-11-12 16:43 - 2011-07-22 09:37 - 00000000 ____D C:\ProgramData\FLEXnet
2013-11-12 16:43 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat
2013-11-12 16:42 - 2013-11-11 09:30 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\DealPly
2013-11-12 15:41 - 2013-01-02 12:17 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Aquamarin Haushaltsbuch
2013-11-12 14:10 - 2013-11-12 14:10 - 00000000 ____D C:\Users\Lutz\Desktop\2
2013-11-12 12:50 - 2013-11-12 12:50 - 00001349 _____ C:\Users\Lutz\Desktop\November 2013 - Verknüpfung.lnk
2013-11-12 10:13 - 2013-11-12 10:13 - 00283104 _____ (Mozilla) C:\Users\Lutz\Downloads\Firefox Setup Stub 25.0 (3).exe
2013-11-12 10:13 - 2013-11-12 10:12 - 00283104 _____ (Mozilla) C:\Users\Lutz\Downloads\Firefox Setup Stub 25.0 (2).exe
2013-11-12 10:12 - 2013-11-12 10:12 - 00283104 _____ (Mozilla) C:\Users\Lutz\Downloads\Firefox Setup Stub 25.0 (1).exe
2013-11-12 10:09 - 2012-10-17 12:04 - 00000000 ____D C:\Program Files (x86)\PC Tools Registry Mechanic
2013-11-12 10:04 - 2013-11-12 10:04 - 00001639 _____ C:\Users\Lutz\Desktop\Kopie Kasse1 Blatt 5 - Verknüpfung.lnk
2013-11-12 10:04 - 2013-11-12 10:04 - 00001639 _____ C:\Users\Lutz\Desktop\Kopie Kasse1 Blatt 4 - Verknüpfung.lnk
2013-11-12 10:04 - 2013-11-12 10:04 - 00001614 _____ C:\Users\Lutz\Desktop\Kopie von Blatt 3 - Verknüpfung.lnk
2013-11-12 09:22 - 2013-11-12 09:22 - 00915368 _____ (Oracle Corporation) C:\Users\Lutz\Downloads\jxpiinstall(1).exe
2013-11-12 08:48 - 2012-01-18 09:36 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-12 08:48 - 2012-01-18 09:36 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-11-12 08:48 - 2011-07-22 09:47 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-12 08:48 - 2011-07-22 08:08 - 00000000 ____D C:\Users\Lutz\AppData\Local\Adobe
2013-11-12 08:43 - 2013-11-12 08:43 - 00283104 _____ (Mozilla) C:\Users\Lutz\Downloads\Firefox Setup Stub 25.0.exe
2013-11-12 07:59 - 2013-11-12 07:59 - 00000000 ____D C:\ProgramData\Nico Mak Computing
2013-11-12 07:57 - 2013-11-12 07:56 - 00273224 _____ C:\Windows\Minidump\111213-21013-01.dmp
2013-11-11 10:51 - 2013-11-11 10:51 - 04892480 _____ (WinZip International LLC ) C:\Users\Lutz\Downloads\wzmp_8.exe
2013-11-11 10:51 - 2013-11-11 10:51 - 00001227 _____ C:\Users\Public\Desktop\WinZip Malware Protector.lnk
2013-11-11 10:26 - 2013-11-11 10:26 - 00269768 _____ C:\Windows\Minidump\111113-24616-01.dmp
2013-11-11 09:47 - 2013-11-11 09:47 - 00000977 _____ C:\Users\Lutz\Desktop\Kopfbogen neu - Verknüpfung.lnk
2013-11-11 09:31 - 2013-11-11 09:31 - 00004380 _____ C:\Windows\System32\Tasks\SuperLyrics-16-updater
2013-11-11 09:31 - 2013-11-11 09:30 - 00004186 _____ C:\Windows\System32\Tasks\SuperLyrics-16-enabler
2013-11-11 09:30 - 2013-11-11 09:30 - 00004286 _____ C:\Windows\System32\Tasks\SuperLyrics-16-codedownloader
2013-11-11 09:30 - 2013-11-11 09:30 - 00003506 _____ C:\Windows\System32\Tasks\DealPly
2013-11-11 09:30 - 2013-11-11 09:30 - 00003364 _____ C:\Windows\System32\Tasks\DealPlyUpdate
2013-11-11 09:28 - 2013-11-11 09:28 - 00000000 ____D C:\Users\Lutz\AppData\Local\SearchProtect
2013-11-11 09:28 - 2013-11-11 09:28 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2013-11-11 09:28 - 2013-11-11 09:28 - 00000000 _____ C:\END
2013-11-11 09:28 - 2013-11-11 09:27 - 00555728 _____ C:\Users\Lutz\Downloads\Java7.exe
2013-11-11 09:24 - 2011-08-26 07:44 - 00002984 _____ C:\Windows\System32\Tasks\{077FCDA6-0958-4AA2-AE01-9A9553B99B75}
2013-11-08 11:16 - 2013-11-08 11:16 - 00000156 _____ C:\Users\Lutz\Downloads\Kontoumsaetze_703_786503300_20131108_111622.csv
2013-11-07 15:25 - 2013-11-07 15:25 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Iminent
2013-11-07 15:24 - 2013-11-07 15:24 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\SpeedTestAnalysis
2013-11-07 15:24 - 2013-11-07 15:23 - 17533552 _____ (Microsoft Corporation) C:\Users\Lutz\Desktop\visioviewer_14.0.4750.1000.exe
2013-11-07 15:24 - 2011-08-03 11:42 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-11-07 15:23 - 2013-11-07 15:22 - 01628904 _____ (Bandoo Media Inc) C:\Users\Lutz\Downloads\iLividSetup-r887-n-bf.exe
2013-11-07 15:22 - 2013-11-07 15:22 - 00400736 _____ (Softonic ) C:\Users\Lutz\Downloads\SoftonicDownloader_fuer_visio-viewer-2010.exe
2013-11-07 13:35 - 2013-08-13 06:33 - 00000000 ____D C:\Users\Lutz\Documents\Bowling
2013-11-06 14:51 - 2013-11-06 14:51 - 00000000 ____D C:\Users\Lutz\AppData\Local\{F4E22B80-6DEE-493A-98EC-688CD0688D2A}
2013-11-06 12:12 - 2013-11-06 12:10 - 00000000 ____D C:\Program Files (x86)\Cutting Master 2 1.93
2013-11-06 12:10 - 2011-03-14 23:29 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-06 12:09 - 2013-11-06 12:09 - 00000000 ____D C:\Users\Lutz\Downloads\CuttingMaster2_Win_latest
2013-11-06 12:09 - 2013-11-06 12:08 - 72321351 _____ C:\Users\Lutz\Downloads\CuttingMaster2_Win_latest.zip
2013-11-06 07:25 - 2013-11-06 07:25 - 00013303 _____ C:\Users\Lutz\Downloads\Kontoumsaetze_703_786503300_20131106_072537.csv
2013-11-05 07:08 - 2013-11-05 07:08 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Apple Computer
2013-11-04 14:57 - 2013-11-04 14:57 - 00857746 _____ C:\Users\Lutz\Downloads\DvmHIPCam.exe
2013-11-04 14:56 - 2013-11-04 10:17 - 00000000 ____D C:\DvmHIPCam
2013-11-04 10:33 - 2013-11-04 10:33 - 00000000 ____D C:\Users\Lutz\AppData\Local\Apple Computer
2013-11-04 10:32 - 2011-07-22 09:30 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-11-04 10:31 - 2013-11-04 10:31 - 00001855 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2013-11-04 10:31 - 2013-11-04 10:31 - 00000000 ____D C:\ProgramData\Apple Computer
2013-11-04 10:30 - 2013-11-04 10:30 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-11-04 10:30 - 2013-11-04 10:30 - 00000000 ____D C:\Users\Lutz\AppData\Local\Apple
2013-11-04 10:30 - 2013-11-04 10:30 - 00000000 ____D C:\ProgramData\Apple
2013-11-04 10:30 - 2013-11-04 10:30 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-11-04 10:30 - 2013-11-04 10:29 - 41404760 _____ (Apple Inc.) C:\Users\Lutz\Downloads\QuickTimeInstaller.exe
2013-11-01 10:17 - 2013-10-29 10:51 - 00000000 ____D C:\Users\Lutz\Documents\Pdf2Word
2013-11-01 07:22 - 2011-07-22 13:25 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-01 07:22 - 2011-07-22 13:25 - 00000000 ____D C:\ProgramData\Skype
2013-10-31 19:25 - 2013-11-13 14:12 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-10-31 19:25 - 2013-11-13 14:11 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-10-31 19:25 - 2013-11-13 14:11 - 00106904 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-10-31 19:25 - 2013-11-13 14:11 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-10-31 08:12 - 2012-02-08 10:12 - 00000000 ____D C:\Program Files (x86)\Ask.com
2013-10-29 11:38 - 2013-10-29 11:38 - 00002954 _____ C:\Windows\System32\Tasks\{E9D54111-3134-4267-8F10-65C8B737B2BA}
2013-10-29 11:38 - 2013-10-29 11:38 - 00002954 _____ C:\Windows\System32\Tasks\{227BCBC7-FD75-40A4-8368-AEBDFDA4BCE3}
2013-10-29 11:34 - 2013-10-29 11:32 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\WordToPDF
2013-10-29 11:31 - 2013-10-29 11:31 - 01594813 _____ (Mario Noack ) C:\Users\Lutz\Downloads\SetupWordToPDF_237_v2.9.exe
2013-10-29 10:49 - 2013-10-29 10:49 - 00001126 _____ C:\Users\Public\Desktop\PDF2Word Konverter (7-PDF).lnk
2013-10-29 10:49 - 2013-10-29 10:49 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Pdf2Word
2013-10-29 10:49 - 2013-10-29 10:49 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\OpenCandy
2013-10-29 10:49 - 2013-10-29 10:49 - 00000000 ____D C:\Program Files (x86)\BCL Technologies
2013-10-29 10:49 - 2011-08-09 14:25 - 00000000 ____D C:\Program Files (x86)\7-PDF
2013-10-21 12:58 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-10-21 06:20 - 2013-10-08 06:15 - 02514776 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-17 16:50 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-10-17 14:48 - 2012-01-17 09:10 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-17 14:48 - 2012-01-17 09:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-17 14:48 - 2011-08-17 08:10 - 01778008 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-17 13:22 - 2013-10-17 13:22 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-17 13:22 - 2012-08-22 13:22 - 00001941 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-10-17 08:26 - 2013-10-17 08:26 - 00000000 ____D C:\Users\Lutz\AppData\Local\Avg2014
2013-10-17 08:15 - 2013-10-02 06:28 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2014
2013-10-17 07:04 - 2013-10-17 07:04 - 00269768 _____ C:\Windows\Minidump\101713-19032-01.dmp
Some content of TEMP:
====================
C:\Users\Lutz\AppData\Local\Temp\avgnt.exe
C:\Users\Lutz\AppData\Local\Temp\BackupSetup.exe
C:\Users\Lutz\AppData\Local\Temp\IminentSetup-1-.exe
C:\Users\Lutz\AppData\Local\Temp\install_helper.exe
C:\Users\Lutz\AppData\Local\Temp\SpeedTestSetup.exe
C:\Users\Lutz\AppData\Local\Temp\vcredist_x64.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== BCD ================================
Windows-Start-Manager
---------------------
Bezeichner {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale de-DE
inherit {globalsettings}
default {current}
resumeobject {b0236af3-b437-11e0-b3a2-ef1988222f3f}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Windows-Startladeprogramm
-------------------------
Bezeichner {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale de-DE
inherit {bootloadersettings}
recoverysequence {b0236af5-b437-11e0-b3a2-ef1988222f3f}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {b0236af3-b437-11e0-b3a2-ef1988222f3f}
nx OptIn
Windows-Startladeprogramm
-------------------------
Bezeichner {b0236af5-b437-11e0-b3a2-ef1988222f3f}
device ramdisk=[C:]\Recovery\b0236af5-b437-11e0-b3a2-ef1988222f3f\Winre.wim,{b0236af6-b437-11e0-b3a2-ef1988222f3f}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\b0236af5-b437-11e0-b3a2-ef1988222f3f\Winre.wim,{b0236af6-b437-11e0-b3a2-ef1988222f3f}
systemroot \windows
nx OptIn
winpe Yes
Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner {b0236af3-b437-11e0-b3a2-ef1988222f3f}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale de-DE
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No
Windows-Speichertestprogramm
----------------------------
Bezeichner {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Windows Memory Diagnostic
locale de-DE
inherit {globalsettings}
badmemoryaccess Yes
EMS-Einstellungen
-----------------
Bezeichner {emssettings}
bootems Yes
Debuggereinstellungen
---------------------
Bezeichner {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
RAM-Defekte
-----------
Bezeichner {badmemory}
Globale Einstellungen
---------------------
Bezeichner {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Startladeprogramm-Einstellungen
-------------------------------
Bezeichner {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Hypervisoreinstellungen
-------------------
Bezeichner {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Einstellungen zur Ladeprogrammfortsetzung
-----------------------------------------
Bezeichner {resumeloadersettings}
inherit {globalsettings}
Ger„teoptionen
--------------
Bezeichner {b0236af6-b437-11e0-b3a2-ef1988222f3f}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\b0236af5-b437-11e0-b3a2-ef1988222f3f\boot.sdi
LastRegBack: 2013-11-11 08:25
==================== End Of Log ============================
|
| Themen zu Advanced System Protector, my Backup & Regcleaner Pro |
| administrator, advanced, alten, avira searchfree toolbar, backup, bandoo, bereits, betreff, bootmgr, chromium, computer, durchgeführt, eintrag, entferne, explorer, farbar, farbar recovery scan tool, hdaudio.sys, home, konnte, minidump, nicht mehr, norma, programme, recovery, regclean, regcleaner, scan, service, system, systweak, thema, tool, usbvideo.sys, users, vcredist, version, winzip malware protector |
Baum-Darstellung