| |
| |||||||
Log-Analyse und Auswertung: Diverse Palgegeister auf meinen neuen Laptop (4 tage alt )Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
16.12.2013, 11:55
| #1 |
 |  Diverse Palgegeister auf meinen neuen Laptop (4 tage alt ) Hallo zusammen, auch ich habe leider Probleme mit div. Plagegeistern wzb. SpeedupMyPC Pc Speed Maximizer Rec Clean Pro MY PC Backup Mobogenie Fever 1.5 anbei die beiden Dateien Ich hoffe Ihr könnt mir helfen. LG pv54466 |
|
16.12.2013, 12:14
| #2 |
| | Diverse Palgegeister auf meinen neuen Laptop (4 tage alt ) Hallo zusammen,
__________________ich hab´s nicht anders hinbekommen. Ich hab die Datei FRST 3x gesplittet und die datei Addition als Anhänge raufgeladen. Ich hoffe es geht auch so. LG pv54466 |
|
24.12.2013, 12:03
| #3 |
| /// the machine /// TB-Ausbilder    | Diverse Palgegeister auf meinen neuen Laptop (4 tage alt ) Hi,
__________________Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
24.12.2013, 12:08
| #4 |
| | Diverse Palgegeister auf meinen neuen Laptop (4 tage alt ) OK Danke erst einmal. Ich versuche es erneut wenn ich zu hause bin. Ich darf noch bis 14:00 arbeiten. Liebe Grüsse und frohes Fest pv54466 |
|
24.12.2013, 16:20
| #5 |
| /// the machine /// TB-Ausbilder | Diverse Palgegeister auf meinen neuen Laptop (4 tage alt ) ok 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
27.12.2013, 18:23
| #6 |
| | Diverse Palgegeister auf meinen neuen Laptop (4 tage alt ) Hallo Schauber, ich versuchs jetzt noch einmal. Code:
ATTFilter Anhang 63279 Ich hoffe so ist es jetzt richtig. Gruss pv54466 |
|
28.12.2013, 18:00
| #7 |
| /// the machine /// TB-Ausbilder | Diverse Palgegeister auf meinen neuen Laptop (4 tage alt ) Du postest sie immer noch als Anhang. Was ist an meinem Text oben nicht verständlich? Die Logs müssen Zeile für Zeile in den Thread, zur Not mehrere Antoworten nutzen.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
28.12.2013, 19:58
| #8 |
| | Diverse Palgegeister auf meinen neuen Laptop (4 tage alt )Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-12-2013 02
Ran by Bernd at 2013-12-16 11:39:23
Running from C:\Users\Bernd\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security CBE (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security CBE (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security CBE (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
==================== Installed Programs ======================
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170)
Advanced System Protector (x32 Version: 2.1.1000.12150)
AntiBrowserSpy (x32 Version: 139)
Ashampoo AppLauncher (Medion) v.1.0.0 (x32 Version: 1.0.0)
Bonjour (Version: 3.0.0.10)
BrowserSafeguard (x32) <==== ATTENTION
Cisco EAP-FAST Module (x32 Version: 2.2.14)
Cisco LEAP Module (x32 Version: 1.0.19)
Cisco PEAP Module (x32 Version: 1.1.6)
COMPUTERBILD-Abzockschutz (x32 Version: 1.0.51)
CyberLink Home Cinema 10 (x32 Version: 10.0)
CyberLink Home Cinema 10 (x32 Version: 10.3025)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.0.5415)
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3807_46074)
CyberLink PhotoDirector 3 (x32 Version: 3.0.1.4017)
CyberLink Power2Go 8 (x32 Version: 8.0.0.3202)
CyberLink PowerDirector 11 (Version: 11.0.0.3215)
CyberLink PowerDVD 10 (x32 Version: 10.0.5426.02)
CyberLink PowerDVD Copy 1.5 (x32 Version: 1.5.0.3725a)
CyberLink PowerRecover (Version: 5.7.0.2103)
CyberLink PowerRecover (x32 Version: 5.7.0.2103)
CyberLink YouCam 5 (x32 Version: 5.0.3318.0)
D3DX10 (x32 Version: 15.4.2368.0902)
DMUninstaller (x32)
Dolby Digital Plus Advanced Audio (Version: 7.3.2.2)
Dropbox (HKCU Version: 2.4.7)
Feven 1.5 (x32 Version: 1.31.153.1)
FlvPlayer (x32 Version: ${VERSION})
Fotogalerie (x32 Version: 16.4.3508.0205)
Fotogalerija (x32 Version: 16.4.3508.0205)
Fotótár (x32 Version: 16.4.3508.0205)
Foxtab (x32) <==== ATTENTION
Galerie de photos (x32 Version: 16.4.3508.0205)
HP ePrint (x32 Version: 10.0.13228.1563)
HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (Version: 28.0.1315.0)
HP Officejet 6500 E710n-z Hilfe (x32 Version: 140.0.2.2)
HP Postscript Converter (Version: 4.5.12202)
HP Unified IO (Version: 2.0.0.479)
HP Unified IO (x32 Version: 2.0.0.479)
HP Update (x32 Version: 5.003.003.001)
I.R.I.S. OCR (x32 Version: 12.3.4.0)
Iminent (x32 Version: 6.46.1.0) <==== ATTENTION
Intel(R) Processor Graphics (x32 Version: 10.18.10.3309)
Intel(R) Trusted Execution Engine (Version: 1.0.0.1050)
Intel(R) Trusted Execution Engine (Version: 1.1.1.1)
Intel(R) Trusted Execution Engine Driver (Version: 1.0.0.1050)
Lollipop (HKCU) <==== ATTENTION
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office (x32 Version: 15.0.4454.1510)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (x32 Version: 11.0.51106.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106)
Mobogenie (x32)
Movie Maker (x32 Version: 16.4.3508.0205)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0)
Mozilla Maintenance Service (x32 Version: 26.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MyPC Backup (Version: ) <==== ATTENTION
Norton Internet Security CBE (x32 Version: 21.0.0.100)
Open It! (x32 Version: 1.1.1)
OpenOffice 4.0.1 (x32 Version: 4.01.9714)
Optimizer Pro v3.2 (x32) <==== ATTENTION
PC Speed Maximizer v3.2 (x32 Version: 3.2)
PHotkey (x32 Version: 1.00.0092)
Photo Common (x32 Version: 16.4.3508.0205)
Photo Gallery (x32 Version: 16.4.3508.0205)
Plus-HD-2.5 (x32 Version: 1.31.153.0) <==== ATTENTION
PricePeep (x32 Version: 2.2.0.6) <==== ATTENTION
Raccolta foto (x32 Version: 16.4.3508.0205)
REALTEK Bluetooth Driver (x32 Version: 3.769.769.093013)
Realtek Card Reader (x32 Version: 6.2.9200.39052)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.7040)
REALTEK Wireless LAN Driver (x32 Version: 1.00.0227)
RegClean Pro (x32 Version: 6.21) <==== ATTENTION
Search Protect (x32 Version: 2.9.0.355) <==== ATTENTION
Snap.Do (x32 Version: 10.235.1.13231)
SpeedUpMyPC (x32 Version: 5.3.12.0)
Spring Smart 2013.11.07.204203 (Version: 2013.11.07.204203)
Studie zur Verbesserung von HP Officejet 6500 E710n-z Produkten (Version: 28.0.1315.0)
Synaptics Pointing Device Driver (Version: 17.0.9.1)
ViewPassword (x32)
VisualBee for Microsoft PowerPoint (HKCU Version: V4.1)
VLC media player 2.1.0 (x32 Version: 2.1.0)
Wajam (x32 Version: 2.05) <==== ATTENTION
WEB.DE Desktop Icons (x32 Version: 3.0.3.0)
WEB.DE MailCheck für Internet Explorer (x32 Version: 2.4.0.0)
WEB.DE Softwareaktualisierung (x32 Version: 3.0.0.55)
Win8Starter (Version: 1.0.13.703)
Windows Live (x32 Version: 16.4.3508.0205)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205)
Windows Live Essentials (x32 Version: 16.4.3508.0205)
Windows Live Installer (x32 Version: 16.4.3508.0205)
Windows Live Photo Common (x32 Version: 16.4.3508.0205)
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205)
Windows Live SOXE (x32 Version: 16.4.3508.0205)
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205)
Windows Live UX Platform (x32 Version: 16.4.3508.0205)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205)
Windows Utils (x32)
WPM17.8.0.3159 (x32 Version: 17.8.0.3159) <==== ATTENTION
Zip Opener Packages (HKCU) <==== ATTENTION
==================== Restore Points =========================
12-12-2013 14:36:45 Windows Modules Installer
14-12-2013 16:49:57 Installed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
==================== Hosts content: ==========================
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {01CAE3AE-0D33-481D-8A63-5FFCF9C4BEFD} - System32\Tasks\Plus-HD-2.5-updater => C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-updater.exe [2013-12-12] (Plus HD) <==== ATTENTION
Task: {035792A1-D4EF-4A78-BF9A-AA9628C281A3} - System32\Tasks\Microsoft\Windows\Setup\SetupCleanupTask
Task: {03E39955-5B4C-45CE-8037-8F0898963493} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector => Rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
Task: {044C0ECB-D77C-4D85-A7C5-01275585901D} - System32\Tasks\Microsoft\Windows\Autochk\Proxy => Rundll32.exe /d acproxy.dll,PerformAutochkOperations
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0946CDEF-2F3A-41FE-9497-5EB8833C55AB} - System32\Tasks\Plus-HD-2.5-chromeinstaller => C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-chromeinstaller.exe [2013-12-12] (Plus HD) <==== ATTENTION
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0CDA7F67-716F-4559-B04D-B637BE0C0E28} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe aepdu.dll,AePduRunUpdate
Task: {0E1CAA61-648B-49D8-8F26-63D9A4CDA4CD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\System32\MRT.exe [2013-12-01] (Microsoft Corporation)
Task: {1BBBD1BA-7769-444A-9BC9-E62E2183CEA0} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2013-07-11] (Systweak Inc) <==== ATTENTION
Task: {1C1FC675-D2B7-4437-8BDE-A82CF1F1A698} - System32\Tasks\Norton Internet Security CBE\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.0.0.100\symerr.exe [2013-08-01] (Symantec Corporation)
Task: {2034C507-B618-4370-9884-88053BC4C1AB} - System32\Tasks\WPD\SqmUpload_S-1-5-21-3793513485-3065062101-2964870661-1002 => Rundll32.exe portabledeviceapi.dll,#1
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {275F39A9-504B-4FE0-88FE-81BD45189A0A} - System32\Tasks\Feven 1.5-chromeinstaller => C:\Program Files (x86)\Feven 1.5\Feven 1.5-chromeinstaller.exe [2013-12-14] (Feven)
Task: {28AF72FB-8C7E-49FD-BBA3-BA6912034A5D} - System32\Tasks\WPD\SqmUpload_S-1-5-21-3793513485-3065062101-2964870661-1001 => Rundll32.exe portabledeviceapi.dll,#1
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3A896E58-0850-4D00-A5E3-0F8D251AD26A} - System32\Tasks\FoxTab => C:\Users\Bernd\AppData\Roaming\FoxTab\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {3AEB4B96-AC19-48A4-A072-50DB5720C1C9} - System32\Tasks\AntiBrowserSpy - SocialBlock - IE => C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe [2013-08-22] ()
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\System32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {44EB74C5-C8F4-475D-B756-B45F1455C62A} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe [2013-10-04] (Systweak)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4FF926B9-ECA3-409A-8612-CF209AF9A529} - System32\Tasks\Norton Internet Security CBE\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.0.0.100\symerr.exe [2013-08-01] (Symantec Corporation)
Task: {550189C7-9975-44DD-8183-BBA32EB0E5BC} - System32\Tasks\Feven 1.5-enabler => C:\Program Files (x86)\Feven 1.5\Feven 1.5-enabler.exe [2013-12-14] (Feven)
Task: {5E175E23-0991-4D17-95C7-73E140AC6F3B} - System32\Tasks\SpeedUpMyPC => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe [2013-11-04] (SpeedUpMyPC)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6D8A788D-2E81-41C8-A863-E99612CF90EA} - System32\Tasks\Feven 1.5-firefoxinstaller => C:\Program Files (x86)\Feven 1.5\Feven 1.5-firefoxinstaller.exe [2013-12-14] (Feven)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7D7265A2-0DE0-4561-A5D3-1CF4AB101455} - System32\Tasks\Registration 1und1 Task => C:\Program Files (x86)\1und1Softwareaktualisierung\cdsupdclient.exe [2013-06-18] (1&1 Mail & Media GmbH)
Task: {81FC3112-C266-4346-BE76-5902C20E20B9} - System32\Tasks\spmonitor => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe [2013-11-04] (SpeedUpMyPC)
Task: {825EC7F0-7A6B-49FD-9593-8F04FE7CEE17} - System32\Tasks\HPCustParticipation HP Officejet 6500 E710n-z => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {85F15CEC-1048-4BF0-BB1B-394ABE02D381} - System32\Tasks\Feven 1.5-updater => C:\Program Files (x86)\Feven 1.5\Feven 1.5-updater.exe [2013-12-14] (Feven)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {912DF34C-8E0D-4009-BBA0-24ECC7BA2A80} - System32\Tasks\AntiBrowserSpy - SocialBlock - IEProxyCheck => C:\Program Files (x86)\AntiBrowserSpy\SocialBlock_ProxyCheck.exe [2013-08-22] ()
Task: {94ED991C-5A7C-4F43-9079-9082F9CA7361} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-13] (Adobe Systems Incorporated)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A693A6E9-FB8C-46CA-932B-88DC7684BE1C} - System32\Tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange => Rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
Task: {B60B27A7-1F14-496F-9175-0B90F070C995} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2013-07-11] (Systweak Inc) <==== ATTENTION
Task: {CBCBF930-C573-4F0B-894E-2B7C1307152A} - System32\Tasks\Plus-HD-2.5-codedownloader => C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-codedownloader.exe [2013-12-12] (Plus HD) <==== ATTENTION
Task: {CC6D4E10-9000-4FD1-8888-6EA3ABB2C466} - System32\Tasks\ViewPassword Update => C:\Program Files (x86)\ViewPassword\ViewPassword.exe [2013-12-12] ()
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D15AC075-B797-4B99-889F-3ADF2445BA40} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2013-07-11] (Systweak Inc) <==== ATTENTION
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E203C98C-6294-4879-809F-2FF5AAB87394} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-14] (Synaptics Incorporated)
Task: {E642647C-C051-44D8-8C8A-84C01F096F59} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.0.0.100\WSCStub.exe [2013-08-16] (Symantec Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E74FC7AC-BF0B-4E5D-BD97-C0046720EEE1} - System32\Tasks\BrowserSafeguard Update Task => C:\Program Files (x86)\Browsersafeguard\uninstall.browsersafeguard.exe [2013-12-12] () <==== ATTENTION
Task: {EE31E623-9DAB-42A2-82C0-F74C248B9FAD} - System32\Tasks\Feven 1.5-codedownloader => C:\Program Files (x86)\Feven 1.5\Feven 1.5-codedownloader.exe [2013-12-14] (Feven)
Task: {FF4A0760-7771-4956-AA58-23FC1E29FEDC} - System32\Tasks\Plus-HD-2.5-enabler => C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-enabler.exe [2013-12-12] (Plus HD) <==== ATTENTION
Task: {FF6B227B-3D3A-4BEB-A425-B5D3F8EDB02F} - System32\Tasks\Dolby Selector => C:\Program Files\Dolby Digital Plus\ddp.exe [2013-08-08] (Dolby Laboratories Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Feven 1.5-chromeinstaller.job => C:\Program Files (x86)\Feven 1.5\Feven 1.5-chromeinstaller.exe
Task: C:\Windows\Tasks\Feven 1.5-codedownloader.job => C:\Program Files (x86)\Feven 1.5\Feven 1.5-codedownloader.exe
Task: C:\Windows\Tasks\Feven 1.5-enabler.job => C:\Program Files (x86)\Feven 1.5\Feven 1.5-enabler.exe
Task: C:\Windows\Tasks\Feven 1.5-firefoxinstaller.job => C:\Program Files (x86)\Feven 1.5\Feven 1.5-firefoxinstaller.exe
Task: C:\Windows\Tasks\Feven 1.5-updater.job => C:\Program Files (x86)\Feven 1.5\Feven 1.5-updater.exe
Task: C:\Windows\Tasks\FoxTab.job => C:\Users\Bernd\AppData\Roaming\FoxTab\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-2.5-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-2.5-codedownloader.job => C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-2.5-enabler.job => C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-2.5-updater.job => C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\SpeedUpMyPC.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe
Task: C:\Windows\Tasks\spmonitor.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe
Task: C:\Windows\Tasks\ViewPassword Update.job => C:\Program Files (x86)\ViewPassword\ViewPassword.exe
==================== Loaded Modules (whitelisted) =============
2013-08-08 16:53 - 2013-08-08 16:53 - 00050904 _____ () C:\Program Files\Dolby Digital Plus\Dolby.DDP.Controls_Desktop.dll
2012-12-05 10:35 - 2012-12-05 10:35 - 00454144 _____ () C:\Windows\system32\EMRegSys.dll
2013-09-19 23:37 - 2013-09-19 23:37 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll
2013-09-19 23:32 - 2013-09-19 23:32 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll
2013-12-13 22:59 - 2013-10-29 14:08 - 02869720 _____ () C:\Program Files (x86)\Optimizer Pro\OptProCrash.dll
2013-12-13 21:49 - 2012-07-25 12:03 - 00886272 _____ () C:\Program Files (x86)\Advanced System Protector\System.Data.SQLite.dll
2013-12-13 21:49 - 2013-10-04 18:20 - 01730928 _____ () C:\Program Files (x86)\Advanced System Protector\aspsys.dll
2013-12-13 21:49 - 2012-07-25 12:03 - 00168448 _____ () C:\Program Files (x86)\Advanced System Protector\UNRAR.DLL
2013-12-13 22:06 - 2013-12-13 22:06 - 00337920 _____ () C:\Program Files (x86)\Spring Smart\bin\sqlite3.DLL
2013-10-08 12:22 - 2009-12-18 15:36 - 00973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll
2013-10-08 12:22 - 2009-12-18 15:41 - 00129544 _____ () C:\Program Files (x86)\PHotkey\GFNEX.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00034848 _____ () C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00056864 _____ () C:\Users\Bernd\AppData\Local\Smartbar\Application\srau.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00150560 _____ () C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00112672 _____ () C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 01981472 _____ () C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00055840 _____ () C:\Users\Bernd\AppData\Local\Smartbar\Application\spbl.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00013344 _____ () C:\Users\Bernd\AppData\Local\Smartbar\Application\siem.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00049184 _____ () C:\Users\Bernd\AppData\Local\Smartbar\Application\sppsm.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00728096 _____ () C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00082464 _____ () C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00014368 _____ () C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00017440 _____ () C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00031264 _____ () C:\Users\Bernd\AppData\Local\Smartbar\Application\srut.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00020512 _____ () C:\Users\Bernd\AppData\Local\Smartbar\Application\srsbs.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00057888 _____ () C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00014368 _____ () C:\Users\Bernd\AppData\Local\Smartbar\Application\sgml.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00053280 _____ () C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00014880 _____ () C:\Users\Bernd\AppData\Local\Smartbar\Application\srpdm.dll
2013-10-31 15:29 - 2013-10-31 15:29 - 00048160 _____ () C:\Users\Bernd\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2013-10-31 15:29 - 2013-10-31 15:29 - 00026144 _____ () C:\Users\Bernd\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00025632 _____ () C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2013-10-31 15:17 - 2013-10-31 15:17 - 00193056 _____ () C:\Users\Bernd\AppData\Local\Smartbar\Application\sgmu.dll
2013-10-31 15:16 - 2013-10-31 15:16 - 00068640 _____ () C:\Users\Bernd\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00248864 _____ () C:\Users\Bernd\AppData\Local\Smartbar\Application\srns.dll
2013-10-07 08:28 - 2013-08-05 08:49 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-08-05 15:48 - 2013-08-05 15:48 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Bernd\AppData\Roaming\Dropbox\bin\libcef.dll
2013-12-13 21:54 - 2013-12-05 20:36 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\Users\Bernd\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\privat\SkyDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/16/2013 11:22:47 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Das erforderliche "name"-Attribut fehlt im assemblyIdentity-Element.
Error: (12/16/2013 11:22:47 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Das erforderliche "name"-Attribut fehlt im assemblyIdentity-Element.
Error: (12/16/2013 11:02:38 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
Error: (12/16/2013 10:52:06 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1453
Error: (12/16/2013 10:52:06 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1453
Error: (12/16/2013 10:52:06 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (12/14/2013 08:08:44 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PHotkey.exe, Version: 1.0.0.90, Zeitstempel: 0x522fe671
Name des fehlerhaften Moduls: PHotkey.exe, Version: 1.0.0.90, Zeitstempel: 0x522fe671
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00011841
ID des fehlerhaften Prozesses: 0x2a54
Startzeit der fehlerhaften Anwendung: 0xPHotkey.exe0
Pfad der fehlerhaften Anwendung: PHotkey.exe1
Pfad des fehlerhaften Moduls: PHotkey.exe2
Berichtskennung: PHotkey.exe3
Vollständiger Name des fehlerhaften Pakets: PHotkey.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: PHotkey.exe5
Error: (12/14/2013 08:08:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1018078
Error: (12/14/2013 08:08:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1018078
Error: (12/14/2013 08:08:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
System errors:
=============
Error: (12/16/2013 10:09:28 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (12/16/2013 10:09:28 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.
Error: (12/14/2013 08:44:41 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet:
%%1062
Error: (12/14/2013 08:17:43 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.
Error: (12/14/2013 08:17:43 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.
Error: (12/14/2013 06:37:09 PM) (Source: DCOM) (User: DAMPFMASCHINN)
Description: {0E9A7BB5-F699-4D66-8A47-B919F5B6A1DB}
Error: (12/13/2013 11:55:16 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 43. Der Windows-SChannel-Fehlerstatus lautet: 252.
Error: (12/13/2013 09:54:11 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SProtection" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (12/13/2013 09:36:10 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (12/13/2013 09:36:10 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.
Microsoft Office Sessions:
=========================
Error: (12/16/2013 11:22:47 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitynameC:\Users\Bernd\AppData\Local\Temp\455.7824454212927_Update.exeC:\Users\Bernd\AppData\Local\Temp\455.7824454212927_Update.exe3
Error: (12/16/2013 11:22:47 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitynameC:\Users\Bernd\AppData\Local\Temp\455.7824454212927_Update.exeC:\Users\Bernd\AppData\Local\Temp\455.7824454212927_Update.exe3
Error: (12/16/2013 11:02:38 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005
Error: (12/16/2013 10:52:06 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1453
Error: (12/16/2013 10:52:06 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1453
Error: (12/16/2013 10:52:06 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (12/14/2013 08:08:44 PM) (Source: Application Error)(User: )
Description: PHotkey.exe1.0.0.90522fe671PHotkey.exe1.0.0.90522fe671c0000005000118412a5401cef8dc0545622cC:\Program Files (x86)\PHotkey\PHotkey.exeC:\Program Files (x86)\PHotkey\PHotkey.exe26954e48-64f3-11e3-827f-240a64fdc898
Error: (12/14/2013 08:08:40 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1018078
Error: (12/14/2013 08:08:40 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1018078
Error: (12/14/2013 08:08:40 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
==================== Memory info ===========================
Percentage of memory in use: 64%
Total physical RAM: 3976.19 MB
Available physical RAM: 1422.82 MB
Total Pagefile: 5384.19 MB
Available Pagefile: 2353.91 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:404.05 GB) (Free:368.29 GB) NTFS
Drive d: (Recover) (Fixed) (Total:60 GB) (Free:45.64 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 00000000)
Partition: GPT Partition Type
==================== End Of Log ============================
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-12-2013 02
Ran by Bernd (administrator) on DAMPFMASCHINN on 16-12-2013 11:36:28
Running from C:\Users\Bernd\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
() C:\Program Files (x86)\Optimizer Pro\OptProCrash.exe
(Systweak) C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe
() C:\Program Files (x86)\AntiBrowserSpy\SocialBlock_ProxyCheck.exe
(SpeedUpMyPC) C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.0.0.100\NIS.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.0.0.100\NIS.exe
(Iminent) C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe
() C:\Program Files (x86)\Spring Smart\updateSpringSmart.exe
() C:\Program Files (x86)\Spring Smart\bin\utilSpringSmart.exe
(Wajam) C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe
(Conduit) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Conduit) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Conduit) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
(TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
() C:\Program Files (x86)\PHotkey\POsd.exe
() C:\Program Files (x86)\PHotkey\GPMTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Smartbar) C:\Users\Bernd\AppData\Local\Smartbar\Application\SnapDo.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(BrowserSafeguard) C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe
(PC Utilities Pro) C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe
(Engelmann Media) C:\Program Files (x86)\Engelmann Media\Win8Starter\Win8Starter.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Dropbox, Inc.) C:\Users\Bernd\AppData\Roaming\Dropbox\bin\Dropbox.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(1und1 Mail und Media GmbH) C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe
() C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
(Iminent) C:\Program Files (x86)\Iminent\Iminent.exe
(Iminent) C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Smart PC Solutions) C:\Program Files (x86)\PC Speed Maximizer\SPMSmartScan.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [HotKeysCmds] - "C:\Windows\system32\hkcmd.exe"
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13653208 2013-09-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] - C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe [280576 2013-09-29] (Realtek Semiconductor Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2777840 2013-08-14] (Synaptics Incorporated)
HKLM\...\Winlogon: [Shell] explorer.exe /select,explorer.exe [2328872 2013-10-22] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKCU\...\Run: [Browser Infrastructure Helper] - C:\Users\Bernd\AppData\Local\Smartbar\Application\SnapDo.exe [21536 2013-10-31] (Smartbar)
HKCU\...\Run: [BrowserSafeguard] - C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe [569856 2013-11-20] (BrowserSafeguard)
HKCU\...\Run: [Optimizer Pro] - C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [134648 2013-10-28] ()
HKCU\...\Run: [HP Officejet 6500 E710n-z (NET)] - C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKCU\...\Run: [PC Speed Maximizer] - C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe [134456 2013-03-09] (Smart PC Solutions)
HKCU\...\Policies\Explorer: [DisallowRun] 1
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [490760 2013-09-23] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-11] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Service] - C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-09-18] (CyberLink Corp.)
HKLM-x32\...\Run: [MailCheck IE Broker] - C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe [1766464 2013-10-16] (1und1 Mail und Media GmbH)
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [761024 2013-12-13] ()
HKLM-x32\...\Run: [Iminent] - C:\Program Files (x86)\Iminent\Iminent.exe [1074736 2013-12-02] (Iminent)
HKLM-x32\...\Run: [IminentMessenger] - C:\Program Files (x86)\Iminent\Iminent.Messengers.exe [884784 2013-12-02] (Iminent)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
AppInit_DLLs: C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [1317152 2013-12-04] (Conduit)
AppInit_DLLs-x32: c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll c:\progra~2\optimi~1\optpro~1.dll [2869720 2013-10-29] ()
Startup: C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Bernd\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
Startup: C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk
ShortcutTarget: net.lnk -> C:\Users\Bernd\AppData\Roaming\Windows Net Data\net.exe (No File)
==================== Internet (Whitelisted) ====================
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:49315;https=127.0.0.1:49315;ftp=localhost:8088;socks=localhost:8088
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=DE&userid=e651dfc3-f202-59a8-e65c-34e1684666d7&searchtype=ds&q={searchTerms}&installDate=12/12/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?ctid=ct3320133&octid=eb_original_ctid&searchsource=55&cui=&um=2&up=spdb4611b7-5693-464c-b5c5-232a696f137b&sspv=
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://aartemis.com/?type=hp&ts=1386968811&from=obw&uid=ST500LM000-1EJ162_W370P4PVXXXXW370P4PV
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=DE&userid=e651dfc3-f202-59a8-e65c-34e1684666d7&searchtype=ds&q={searchTerms}&installDate=12/12/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.aartemis.com/web/?type=ds&ts=1386968811&from=obw&uid=ST500LM000-1EJ162_W370P4PVXXXXW370P4PV&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://aartemis.com/?type=hp&ts=1386968811&from=obw&uid=ST500LM000-1EJ162_W370P4PVXXXXW370P4PV
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://aartemis.com/?type=hp&ts=1386968811&from=obw&uid=ST500LM000-1EJ162_W370P4PVXXXXW370P4PV
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.aartemis.com/web/?type=ds&ts=1386968811&from=obw&uid=ST500LM000-1EJ162_W370P4PVXXXXW370P4PV&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.aartemis.com/web/?type=ds&ts=1386968811&from=obw&uid=ST500LM000-1EJ162_W370P4PVXXXXW370P4PV&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://aartemis.com/?type=hp&ts=1386968811&from=obw&uid=ST500LM000-1EJ162_W370P4PVXXXXW370P4PV
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://aartemis.com/?type=hp&ts=1386968811&from=obw&uid=ST500LM000-1EJ162_W370P4PVXXXXW370P4PV
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.aartemis.com/web/?type=ds&ts=1386968811&from=obw&uid=ST500LM000-1EJ162_W370P4PVXXXXW370P4PV&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://aartemis.com/?type=sc&ts=1386968811&from=obw&uid=ST500LM000-1EJ162_W370P4PVXXXXW370P4PV
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.aartemis.com/web/?type=ds&ts=1386968811&from=obw&uid=ST500LM000-1EJ162_W370P4PVXXXXW370P4PV&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.aartemis.com/web/?type=ds&ts=1386968811&from=obw&uid=ST500LM000-1EJ162_W370P4PVXXXXW370P4PV&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.aartemis.com/web/?type=ds&ts=1386968811&from=obw&uid=ST500LM000-1EJ162_W370P4PVXXXXW370P4PV&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=DE&userid=e651dfc3-f202-59a8-e65c-34e1684666d7&searchtype=ds&q={searchTerms}&installDate=12/12/2013
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.aartemis.com/web/?type=ds&ts=1386968811&from=obw&uid=ST500LM000-1EJ162_W370P4PVXXXXW370P4PV&q={searchTerms}
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3320133&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPDB4611B7-5693-464C-B5C5-232A696F137B&q={searchTerms}&SSPV=
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=DE&userid=e651dfc3-f202-59a8-e65c-34e1684666d7&searchtype=ds&q={searchTerms}&installDate=12/12/2013
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3320133&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPDB4611B7-5693-464C-B5C5-232A696F137B&q={searchTerms}&SSPV=
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=DE&ver=21&locale=de_DE&gct=kwd&qsrc=2869
BHO: Plus-HD-2.5 - {11111111-1111-1111-1111-110311341138} - C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-bho64.dll (Plus HD)
BHO: Feven 1.5 - {11111111-1111-1111-1111-110311851132} - C:\Program Files (x86)\Feven 1.5\Feven 1.5-bho64.dll (Feven)
BHO: Snap.DoEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
BHO: WEB.DE MailCheck BHO - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
BHO-x32: Plus-HD-2.5 - {11111111-1111-1111-1111-110311341138} - C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-bho.dll (Plus HD)
BHO-x32: Feven 1.5 - {11111111-1111-1111-1111-110311851132} - C:\Program Files (x86)\Feven 1.5\Feven 1.5-bho.dll (Feven)
BHO-x32: CBAbzockschutz.InitToolbarBHO - {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Snap.DoEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.0.0.100\CoIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.0.0.100\IPS\IPSBHO.dll (Symantec Corporation)
BHO-x32: Spring Smart - {7f232128-6f42-4f37-8efe-2e6020b2d478} - C:\Program Files (x86)\Spring Smart\SpringSmartBHO.dll (Spring Smart)
BHO-x32: ViewPassword - {9d1aff7a-ac27-4db3-b1b2-edeb7a26d900} - C:\Program Files (x86)\ViewPassword\136.dll ()
BHO-x32: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll (SIEN)
BHO-x32: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)
BHO-x32: WEB.DE MailCheck BHO - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
BHO-x32: PricePeep - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - C:\Program Files (x86)\PricePeep\pricepeep.dll (PricePeep)
Toolbar: HKLM - WEB.DE MailCheck - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
Toolbar: HKLM - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - WEB.DE MailCheck - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
Toolbar: HKLM-x32 - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.0.0.100\CoIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - COMPUTERBILD-Abzockschutz - {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKCU - WEB.DE MailCheck - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
Handler-x32: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default
FF user.js: detected! => C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default\user.js
FF SelectedSearchEngine: aartemis
FF Homepage: hxxp://googel.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\aartemis.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Feven 1.5 - C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default\Extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com
FF Extension: Amazon-Icon - C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default\Extensions\amazon-icon@giga.de
FF Extension: pricealarm - C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
FF Extension: Spartipps von SparPilot.com - C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default\Extensions\sparpilot@sparpilot.com
FF Extension: No Name - C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default\Extensions\staged
FF Extension: Foxtab Speed Dial - C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default\Extensions\{5ebdca98-43b3-45bb-87e0-716029fb42ab}
FF Extension: COMPUTERBILD-Abzockschutz - C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default\Extensions\{d49175b3-3fd8-43b8-b28e-da5d47f3c398}
FF Extension: firefox - C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default\Extensions\firefox@springsmart.net.xpi
FF Extension: toolbar - C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default\Extensions\toolbar@web.de.xpi
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\IPSFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [jid0-1wPBLrijxGVkIUhu0kFYq6ZaWzA@jetpack] - C:\Program Files (x86)\AntiBrowserSpy\Addons\Firefox
FF Extension: AntiBrowserSpy - SocialBlock - C:\Program Files (x86)\AntiBrowserSpy\Addons\Firefox
FF HKCU\...\Firefox\Extensions: [{4455abfa-f1e4-4eec-8a10-7ca8d3308073}] - C:\Program Files (x86)\ViewPassword\136.xpi
FF Extension: No Name - C:\Program Files (x86)\ViewPassword\136.xpi
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Feven 1.5) - C:\Users\Bernd\AppData\Local\Google\Chrome\User Data\Default\Extensions\baodmgdpdoelldjmkhknbolcldnfjegg\1.25.62_0
CHR Extension: (Price Alarm) - C:\Users\Bernd\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab
CHR Extension: (Plus-HD-2.5) - C:\Users\Bernd\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.93_0
CHR HKLM-x32\...\Chrome\Extension: [jmojojliiicbbihpjmiepllaiflnjobc] - C:\Program Files (x86)\ViewPassword\136.crx
CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\Bernd\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.0.0.100\Exts\Chrome.crx
==================== Services (Whitelisted) =================
R2 70e6ca8c; C:\Program Files (x86)\Optimizer Pro\OptProCrash.exe [143488 2013-12-13] ()
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [38440 2013-09-19] (Just Develop It)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [61440 2013-09-26] ()
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2251552 2013-12-04] (Conduit)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [74712 2013-03-11] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [316376 2013-03-11] (CyberLink)
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [160768 2013-06-27] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.0.0.100\NIS.exe [143856 2013-08-09] (Symantec Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2013-03-06] ()
R2 SProtection; C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe [2905408 2013-12-02] (Iminent)
R2 Update Spring Smart; C:\Program Files (x86)\Spring Smart\updateSpringSmart.exe [66344 2013-11-07] ()
R2 Util Spring Smart; C:\Program Files (x86)\Spring Smart\bin\utilSpringSmart.exe [66344 2013-12-13] ()
R2 WajamUpdaterV3; C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe [114176 2013-11-11] (Wajam)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [499856 2013-12-13] (Cherished Technololgy LIMITED)
==================== Drivers (Whitelisted) ====================
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\BASHDefs\20130814.001\BHDrvx64.sys [1525336 2013-08-13] (Symantec Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1500000.064\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-12-14] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-12-14] (Symantec Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\IPSDefs\20130805.011\IDSVia64.sys [520280 2013-08-06] (Symantec Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\VirusDefs\20131213.018\ENG64.SYS [126040 2013-12-14] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\VirusDefs\20131213.018\EX64.SYS [2099288 2013-12-14] (Symantec Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 PegaRadioSwitch; C:\Windows\System32\drivers\PegaRadioSwitch.sys [23552 2013-08-22] (Windows (R) Win 7 DDK provider)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2013-10-22] ()
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [548056 2013-09-05] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2945240 2013-09-12] (Realtek Semiconductor Corporation )
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-08-14] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-14] (Synaptics Incorporated)
R3 SRTSP; C:\Windows\system32\drivers\NISx64\1500000.064\SRTSP64.SYS [854616 2013-07-31] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1500000.064\SRTSPX64.SYS [36952 2013-07-31] (Symantec Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1500000.064\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1500000.064\SYMEFA64.SYS [1147480 2013-08-05] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1500000.064\SymELAM.sys [23568 2013-08-01] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-12-14] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1500000.064\Ironx64.SYS [264280 2013-07-31] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NISx64\1500000.064\SYMNETS.SYS [590424 2013-07-31] (Symantec Corporation)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [87568 2013-07-01] (Intel Corporation)
R3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
========================== Drivers MD5 =======================
C:\Windows\System32\drivers\1394ohci.sys E1832BD9FD7E0FC2DC9FA5935DE3E8C1
C:\Windows\System32\drivers\3ware.sys AD508A1A46EC21B740AB31C28EFDFDB1
C:\Windows\System32\drivers\ACPI.sys 3D30878A269D934100FA5F972E53AF39
C:\Windows\System32\Drivers\acpiex.sys AC8279D229398BCF05C3154ADCA86813
C:\Windows\System32\drivers\acpipagr.sys A8970D9BF23CD309E0403978A1B58F3F
C:\Windows\System32\drivers\acpipmi.sys 111A89C99C5B4F1A7BCE5F643DD86F65
C:\Windows\System32\drivers\acpitime.sys 5758387D68A20AE7D3245011B07E36E7
C:\Windows\System32\drivers\ADP80XX.SYS 7C1FDF1B48298CBA7CE4BDD4978951AD
C:\Windows\system32\drivers\afd.sys 239268BAB58EAE9A3FF4E08334C00451
C:\Windows\System32\drivers\agp440.sys 7DFAEBA9AD62D20102B576D5CAC45EC8
C:\Windows\System32\DRIVERS\ahcache.sys 8E8E34B7BA059050EED827410D0697A2
C:\Windows\System32\drivers\amdk8.sys 7589DE749DB6F71A68489DCE04158729
C:\Windows\System32\drivers\amdppm.sys B46D2D89AFF8A9490FA8C98C7A5616E3
C:\Windows\System32\drivers\amdsata.sys D2BF2F94A47D332814910FD47C6BBCD2
C:\Windows\System32\drivers\amdsbs.sys A8E04943C7BBA7219AA50400272C3C6E
C:\Windows\System32\drivers\amdxata.sys CEA5F4F27CFC08E3A44D576811B35F50
C:\Windows\system32\drivers\appid.sys 04951A9A937CBE28A2D3FEEA360B6D1F
C:\Windows\System32\drivers\arcsas.sys 65045784366F7EC5FB4E71BCF923187B
C:\Windows\System32\drivers\atapi.sys 74B14192CF79A72F7536B27CB8814FBD
C:\Windows\System32\drivers\bxvbda.sys A4A73F631FE2AA2826FBE4A399B04DEF
C:\Windows\System32\drivers\BasicDisplay.sys 8CC7F7E4AFCBA605921B137ED7992C68
C:\Windows\System32\drivers\BasicRender.sys 2748E116F8621A4DB0D39FCDD7318C01
C:\Windows\System32\drivers\bcmfn2.sys C1ABB0F7E3BEA48A0417BDF6FF14AB21
C:\Windows\System32\Drivers\Beep.sys EC19013E4CF87609534165DF897274D6
C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\BASHDefs\20130814.001\BHDrvx64.sys 0A3BDD9D32EF687D8D9F37500B1CFD80
C:\Windows\System32\DRIVERS\bowser.sys 6B4FFFDDC618FCF64473CAA86E305697
C:\Windows\System32\drivers\BthAvrcpTg.sys A8F23D453A424FF4DE04989C4727ECC7
C:\Windows\System32\drivers\BthEnum.sys 131F1C8573E7BFB41C54FBF5309CCD94
C:\Windows\System32\drivers\bthhfenum.sys 746B9F94214915AECDE4B7FEA5FF9664
C:\Windows\System32\drivers\BthHFHid.sys 71FE2A48E4C93DDB9798C024880B6C07
C:\Windows\system32\DRIVERS\BthLEEnum.sys FCD8BD17B7193CFFF18C332D1A381D7F
C:\Windows\System32\drivers\bthmodem.sys 07E33226AD218A2A162662A05CAFB52F
C:\Windows\system32\DRIVERS\bthpan.sys 3AFE71D80EDF5D4DE0C5731352905669
C:\Windows\System32\Drivers\BTHport.sys 10EDF9E0838BA4578FFFFF274632D454
C:\Windows\System32\Drivers\BTHUSB.sys 0E7FA34B975764C33B5DBC6F8C401627
C:\Windows\system32\drivers\NISx64\1500000.064\ccSetx64.sys A5C16A0BE89EE409732178BEB62F7EA7
C:\Windows\System32\DRIVERS\cdfs.sys 2FA6510E33F7DEFEC03658B74101A9B9
C:\Windows\System32\drivers\cdrom.sys C6796EA22B513E3457514D92DCDB1A3D
C:\Windows\System32\drivers\circlass.sys BE9936EDD3267FAAFF94A7835867F00B
C:\Windows\System32\drivers\CLFS.sys 7F006813C2AFE622C13D7AF94F56CD07
C:\Windows\system32\DRIVERS\CLVirtualDrive.sys 3E76A1547F2448BCEE3D2F4AE3931AB5
C:\Windows\system32\DRIVERS\clwvd.sys 39F71BF21E7F8EBE9B4810BC95EE26D6
C:\Windows\System32\drivers\CmBatt.sys EF6EF85DADC3184A10D8F2F7159973CB
C:\Windows\System32\Drivers\cng.sys 825BE21E6395E00698D8A23955A87972
C:\Windows\System32\drivers\CompositeBus.sys 03AAED827C36F35D70900558B8274905
C:\Windows\System32\drivers\condrv.sys A1FF7DFBFBE164CF92603C651D304DD2
C:\Windows\System32\drivers\dam.sys 315BA4BC19316D72B2E037534E048B93
C:\Windows\System32\Drivers\dfsc.sys 5DB26D7E0216D0BF364A81D3829AD7B9
C:\Windows\System32\drivers\disk.sys 4D40C9B33F738797CF50E77CB7C53E85
C:\Windows\System32\drivers\dmvsc.sys EB70A894708D1BC176AFD690FF06085F
C:\Windows\system32\drivers\drmkaud.sys DDC11A202207C0400CBE07315B8FDE5E
C:\Windows\System32\drivers\dxgkrnl.sys A3D1CB64DF885ACE126543E6D7067348
C:\Windows\System32\drivers\evbda.sys 114BCFDF367FF37C3F1B0A96AF542E4D
C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 1B7AA375F711F66D5FF2B855F9EC987F
C:\Windows\System32\drivers\EhStorClass.sys 43531A5993380CC5113242C29D265FD9
C:\Windows\System32\drivers\EhStorTcgDrv.sys 6F8E738A9505A388B1157FDDE7B3101B
C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 7230C8B80DDE1F0524C353240B78CC0E
C:\Windows\System32\drivers\errdev.sys DFFFAE1442BA4076E18EED5E406FA0D3
C:\Windows\System32\Drivers\exfat.sys 7729D294A555C7AEB281ED8E4D0E01E4
C:\Windows\System32\Drivers\fastfat.sys 7C4E0D5900B2A1D11EDD626D6DDB937B
C:\Windows\System32\drivers\fdc.sys 5D8402613E778B3BD45E687A8372710B
C:\Windows\System32\drivers\fileinfo.sys 957A7A8F5ACCAF23DD9DFF6DAA393CE5
C:\Windows\System32\drivers\filetrace.sys A1A66C4FDAFD6B0289523232AFB7D8AF
C:\Windows\System32\drivers\flpydisk.sys BE743083CF7063C486A4398E3AEFE59A
C:\Windows\System32\drivers\fltmgr.sys 60D5067FCE6D9433D35E04C01D8538B3
C:\Windows\System32\drivers\FsDepends.sys 35005534E600E993A90B036E4E599F2B
C:\Windows\System32\Drivers\Fs_Rec.sys 09F460AFEDCA03F3BF6E07D1CCC9AC42
C:\Windows\System32\DRIVERS\fvevol.sys 83E1F0983B02A6F8EC764D18E24ECF10
C:\Windows\System32\drivers\fxppm.sys 9591D0B9351ED489EAFD9D1CE52A8015
C:\Windows\System32\drivers\gagp30kx.sys FC3EF65EE20D39F8749C2218DBA681CA
C:\Windows\System32\drivers\vmgencounter.sys 0BF5CAD281E25F1418E5B8875DC5ADD1
C:\Windows\System32\Drivers\msgpioclx.sys FDA72810CA2F8409D9B31E833C448E34
C:\Windows\system32\drivers\HdAudio.sys 56F69F7C25FB67C970997D7066DBC593
C:\Windows\System32\drivers\HDAudBus.sys 03909BDBFF0DCACCABF2B2D4ADEE44DC
C:\Windows\System32\drivers\HidBatt.sys 10A70BC1871CD955D85CD88372724906
C:\Windows\System32\drivers\hidbth.sys 1EA1B4FABB8CC348E73CA90DBA22E104
C:\Windows\System32\drivers\hidi2c.sys C241A8BAFBBFC90176EA0F5240EACC17
C:\Windows\System32\drivers\hidir.sys 9BDDEE26255421017E161CCB9D5EDA95
C:\Windows\System32\drivers\hidusb.sys F31397220D9687E11EB448649AA6E038
C:\Windows\System32\drivers\HpSAMD.sys A6AACEA4C785789BDA5912AD1FEDA80D
C:\Windows\System32\drivers\HTTP.sys 3502776E366C913D49C0DA928AE3E6CB
C:\Windows\System32\drivers\hwpolicy.sys 90656C0B3864804B090434EFC582404F
C:\Windows\System32\drivers\hyperkbd.sys 6D6F9E3BF0484967E52F7E846BFF1CA1
C:\Windows\system32\DRIVERS\HyperVideo.sys 907C870F8C31F8DDD6F090857B46AB25
C:\Windows\System32\drivers\i8042prt.sys 84CFC5EFA97D0C965EDE1D56F116A541
C:\Windows\System32\drivers\iaLPSSi_GPIO.sys 5D90E32E36CE5D4C535D17CE08AEAF05
C:\Windows\System32\drivers\iaLPSSi_I2C.sys DD05E7E80F52ADE9AEB292819920F32C
C:\Windows\System32\drivers\iaStorAV.sys 08BFE413B0B4AA8DFA4B5684CE06D3DC
C:\Windows\System32\drivers\iaStorV.sys A2200C3033FA4EF249FC096A7A7D02A2
C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\IPSDefs\20130805.011\IDSVia64.sys A1258065E8B16E23E2AFDE72FB5559BC
C:\Windows\system32\DRIVERS\igdkmd64.sys DA1F4665FE06FB8E971C978675A68FF9
C:\Windows\system32\drivers\intelaud.sys DB65573521AB51941F4FA799D0968136
C:\Windows\system32\drivers\RTKVHD64.sys 0CDE7928C4B99C25AAED3B4E84E78168
C:\Windows\system32\DRIVERS\IntcDAud.sys 0FADFEC887EE44265B4C287F9AF36FE5
C:\Windows\System32\drivers\intelide.sys 4E448FCFFD00E8D657CD9E48D3E47157
C:\Windows\System32\drivers\intelpep.sys 139CFCDCD36B1B1782FD8C0014AC9B0E
C:\Windows\System32\drivers\intelppm.sys 47E74A8E53C7C24DCE38311E1451C1D9
C:\Windows\System32\DRIVERS\ipfltdrv.sys 9DB76D7F9E4E53EFE5DD8C53DE837514
C:\Windows\System32\drivers\IPMIDrv.sys 9949A3C7590B8C536C05312205079A82
C:\Windows\System32\drivers\ipnat.sys E23D32BAF152FBE35F18C6A2AB8EF271
C:\Windows\System32\drivers\irenum.sys AE44C526AB5F8A487D941CEB57B10C97
C:\Windows\System32\drivers\isapnp.sys 8AFEEA3955AA43616A60F133B1D25F21
C:\Windows\System32\drivers\msiscsi.sys 034D4BD9DC67C64F3A4C8A049B5173BF
C:\Windows\System32\drivers\iwdbus.sys 2C04ACF9070282AC9AA837C52CA3C128
C:\Windows\System32\drivers\kbdclass.sys 8BE92376799B6B44D543E8D07CDCF885
C:\Windows\System32\drivers\kbdhid.sys FB6E47E569D4872ABEB506BE03A45FBA
C:\Windows\system32\DRIVERS\kdnic.sys 813871C7D402A05F2E3A7075F9584A05
C:\Windows\System32\Drivers\ksecdd.sys ADDECBCC777665BD113BED437E602AB0
C:\Windows\System32\Drivers\ksecpkg.sys 7296EA420134EAC390798B3232D066A4
C:\Windows\system32\drivers\ksthunk.sys 11AFB527AA370B1DAFD5C36F35F6D45F
C:\Windows\system32\DRIVERS\lltdio.sys C09010B3680860131631F53E8FE7BAD8
C:\Windows\System32\drivers\lsi_sas.sys C755AE4635457AA2A11F79C0DF857ABC
C:\Windows\System32\drivers\lsi_sas2.sys ADAC09CBE7A2040B7F68B5E5C9A75141
C:\Windows\System32\drivers\lsi_sas3.sys 04D1274BB9BBCCF12BD12374002AA191
C:\Windows\System32\drivers\lsi_sss.sys 327469EEF3833D0C584B7E88A76AEC0C
C:\Windows\system32\drivers\luafv.sys 5EF604B0698F4FA962778285E8C5F1F2
C:\Windows\System32\drivers\megasas.sys EB5C03A070F30D64A6DF80E53B22F53F
C:\Windows\System32\drivers\megasr.sys F6F13533196DE7A582D422B0241E4363
C:\Windows\System32\drivers\modem.sys 8B38C44F69259987C95135C9627E2378
C:\Windows\System32\drivers\monitor.sys 601589000CC90F0DF8DA2CC254A3CCC9
C:\Windows\System32\drivers\mouclass.sys CEAC6D40FE887CE8406C2393CF97DE06
C:\Windows\System32\drivers\mouhid.sys 02D98BF804084E9A0D69D1C69B02CCA9
C:\Windows\System32\drivers\mountmgr.sys 515549560D481138E6E21AF7C6998E56
C:\Windows\System32\drivers\mpsdrv.sys F170510BE94CF45E3C6274578F6204B2
C:\Windows\system32\drivers\mrxdav.sys 59DCEC7499095DE5AED741358037AE2D
C:\Windows\System32\DRIVERS\mrxsmb.sys 6129EDB793A4255B1E2FB41773AC9D9A
C:\Windows\System32\DRIVERS\mrxsmb10.sys 295771B092D4F7FCF2B62F80CCD14320
C:\Windows\System32\DRIVERS\mrxsmb20.sys AAF56E4E84D35411B4E446C445732DFE
C:\Windows\system32\DRIVERS\bridge.sys 4E888019078AC363076A5433E89AA4F8
C:\Windows\System32\Drivers\Msfs.sys D13329FBF8345B28AB30F44CC247DC08
C:\Windows\System32\drivers\msgpiowin32.sys C6B474E46F9E543B875981ED3FFE6ADD
C:\Windows\System32\drivers\mshidkmdf.sys 65C92EB9D08DB5C69F28C7FFD4E84E31
C:\Windows\System32\drivers\mshidumdf.sys 52299F086AC2DAFD100DD5DC4A8614BA
C:\Windows\System32\drivers\msisadrv.sys 36D92AF3343C3A3E57FEF11C449AEA4C
C:\Windows\system32\drivers\MSKSSRV.sys A9BBBD2BAE6142253B9195E949AC2E8D
C:\Windows\system32\DRIVERS\mslldp.sys 375E44168F2DFB91A68B8A3F619C5A7C
C:\Windows\system32\drivers\MSPCLOCK.sys 7B2128EB875DCBC006E6A913211006D6
C:\Windows\system32\drivers\MSPQM.sys 1E88171579B218115C7A772F8DE04BD8
C:\Windows\System32\Drivers\MsRPC.sys BBE2A455053E63BECBF42C2F9B21FAE0
C:\Windows\System32\drivers\mssmbios.sys 8D6B7D515C5CBCDB75B928A0B73C3C5E
C:\Windows\system32\drivers\MSTEE.sys 115019AE01E0EB9C048530D2928AB4A2
C:\Windows\System32\drivers\MTConfig.sys 96D604A35070360F0DD4A7A8AF410B5E
C:\Windows\System32\Drivers\mup.sys 619CA29326B82372621DB2C0964D8365
C:\Windows\System32\drivers\mvumis.sys B8C35C94DCB2DFEAF03BB42131F2F77F
C:\Windows\system32\DRIVERS\nwifi.sys CF8B989D89D6807B887690F2CF24EFD9
C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\VirusDefs\20131213.018\ENG64.SYS 702E07EC32F96ACDB873E9A5465D4401
C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\VirusDefs\20131213.018\EX64.SYS 302EA314A1AF0D7CEF0A3D0195F79561
C:\Windows\System32\drivers\ndis.sys AD9086052A5E5153AF43FE74138A4B27
C:\Windows\system32\DRIVERS\ndiscap.sys C6BB12BC35D1637CA17AE16D3A4725EB
C:\Windows\system32\DRIVERS\NdisImPlatform.sys 9F1DA20E943BE7AA4ED5F3E1EBA78B37
C:\Windows\system32\DRIVERS\ndistapi.sys 9423421E735BD5394351E0C47C76BB92
C:\Windows\system32\DRIVERS\ndisuio.sys B832B35055BA2B7B4181861FF94D8E59
C:\Windows\System32\drivers\NdisVirtualBus.sys 1F58E48EF75F34C35D8E93A0DC535CFE
C:\Windows\system32\DRIVERS\ndiswan.sys DEC29080202D4F9F17F55E18BCFCC41A
C:\Windows\system32\DRIVERS\ndiswan.sys DEC29080202D4F9F17F55E18BCFCC41A
C:\Windows\System32\Drivers\NDProxy.sys A5BD69A8812FA79D1A487691DD3FB244
C:\Windows\System32\drivers\Ndu.sys 5A072F0B90C29C5233D78BE33EF5ED78
C:\Windows\System32\DRIVERS\netbios.sys A83D67D347A684F10B7D3019C8A6380C
C:\Windows\System32\DRIVERS\netbt.sys 0217532E19A748F0E5D569307363D5FD
C:\Windows\system32\DRIVERS\netvsc63.sys 70414DB660BFBB7BD58FCE8EA4364E1B
C:\Windows\system32\DRIVERS\NETwew02.sys B636B4A8E59A73033B766EA7FD7C3B81
C:\Windows\System32\Drivers\Npfs.sys 8F44A2F57C9F1A19AC9C6288C10FB351
C:\Windows\System32\drivers\npsvctrig.sys CBDB4F0871C88DF930FC0E8588CA67FC
C:\Windows\System32\drivers\nsiproxy.sys E490B459978CB87779E84C761D22B827
C:\Windows\System32\Drivers\Ntfs.sys 4412D565C0278C401575E11072C7DCE3
C:\Windows\System32\Drivers\Null.sys EF1B290FC9F0E47CC0B537292BEE5904
C:\Windows\System32\drivers\nvraid.sys BC6B5942AFF25EBAF62DE43C3807EDF8
C:\Windows\System32\drivers\nvstor.sys 1F43ABFFAC3D6CA356851D517392966E
C:\Windows\System32\drivers\nv_agp.sys 6934A936A7369DFE37B7DBA93F5E5E49
C:\Windows\System32\drivers\parport.sys 764B1121867B2D9B31C491668AC72B2B
C:\Windows\System32\drivers\partmgr.sys EF0C1749C9A8CEE9A457473D433CC00F
C:\Windows\System32\drivers\pci.sys C0D3F3BC1C84B4BA746D9847314C1164
C:\Windows\System32\drivers\pciide.sys 346E38FCC6859A727DD28AFAD1F0AFF4
C:\Windows\System32\drivers\pcmcia.sys 4D3BDCC1C7B40C9D7B6AD990E6DEC397
C:\Windows\System32\drivers\pcw.sys BF28771D1436C88BE1D297D3098B0F7D
C:\Windows\System32\drivers\pdc.sys B9D968D8E2B0F9C6301CEB39CFC9B9E4
C:\Windows\System32\drivers\peauth.sys BA50CC0BD19004AAB88BE37338B6FA0D
C:\Program Files (x86)\PHotkey\PEGAGFN.sys EE926C59CBD4DC4DC9FBB85014A2F1A5
C:\Windows\System32\drivers\PegaRadioSwitch.sys 7BB4BD4E20221B6BFC0038851CF3A4F0
C:\Windows\system32\drivers\pmxdrv.sys 0BEE791C7C7ACE453C134E73633C497D
C:\Windows\System32\drivers\processr.sys ECD373F9571C745894367CC2635EA44F
C:\Windows\system32\DRIVERS\pacer.sys 8528BB05E4D4E25945F78B00B2555FB7
C:\Windows\system32\drivers\qwavedrv.sys 3FB466684609A4329858CF2EBD62E0FD
C:\Windows\System32\DRIVERS\rasacd.sys 2C56F0EE27E4EF70CA4B4983D3638905
C:\Windows\system32\DRIVERS\raspppoe.sys 5247F308C4103CDC4FE12AE1D235800A
C:\Windows\System32\DRIVERS\rdbss.sys B939A2A0F9D6C6C186721E268EB6FA93
C:\Windows\System32\drivers\rdpbus.sys 6B21EBF892CD8CACB71669B35AB5DE32
C:\Windows\System32\drivers\rdpdr.sys 680C1DAE268B6FB67FA21B389A8B79EF
C:\Windows\System32\drivers\rdpvideominiport.sys 858776908AF838E3790F3261B799CDA6
C:\Windows\System32\drivers\rdyboost.sys 847C6A08912C3515807049C93E526D65
C:\Windows\System32\Drivers\ReFS.sys 036746D54347FD2D0385668E2A4064E4
C:\Windows\System32\drivers\rfcomm.sys 02307C86CB24769306B0DFA0C751952E
C:\Windows\system32\DRIVERS\rspndr.sys 2D05A5508F4685412F2B89E8C2189ABC
C:\Windows\System32\Drivers\RtsUVStor.sys 28B356BAB74470786867BF4DC261E17C
C:\Windows\system32\DRIVERS\RtkBtfilter.sys 078212D920664313F2224C4F1202FAAE
C:\Windows\system32\DRIVERS\Rt630x64.sys 19764658C1468C2C0CEF133D28414A6B
C:\Windows\system32\DRIVERS\rtwlane.sys 79F9D44C9022BE848C8862518B9E7866
C:\Windows\System32\drivers\vms3cap.sys 1A063730F221B2746FF00457AE17E4F0
C:\Windows\System32\drivers\sbp2port.sys C624A1B32211C3166EDB3F4AB02A30B7
C:\Windows\System32\DRIVERS\scfilter.sys ABD0237B15DBD2B4695F4B7D734A58F7
C:\Windows\System32\drivers\sdbus.sys 2F9A3380B8C0380E5608E29C7AA66899
C:\Windows\System32\drivers\sdstor.sys 4EAF4DCF9DBD9A56952A58F56D61C005
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\SerCx.sys DB2FF24CE0BDD15FE75870AFE312BA89
C:\Windows\System32\drivers\SerCx2.sys 0044B31F93946D5D41982314381FE431
C:\Windows\System32\drivers\serenum.sys 3CD600C089C1251BEEB4CD4CD5164F9E
C:\Windows\System32\drivers\serial.sys D864381BC9C725FAB01D94C060660166
C:\Windows\System32\drivers\sermouse.sys 0BD2B65DCE756FDE95A2E5CCCBF7705D
C:\Windows\System32\drivers\sfloppy.sys 472B7A5AC181C050888DB454663DD764
C:\Windows\System32\drivers\SiSRaid2.sys 2F518D13DD6F3053837FE606F1A2EA1F
C:\Windows\System32\drivers\sisraid4.sys 1AC9A200A9C49C4508F04AAFFCA34A3F
C:\Windows\System32\drivers\Smb_driver_AMDASF.sys 629F6CDD71F284EB2A519B2C95CCCD78
C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys 2458D9FA17F51A458463CF0A4D3FC238
C:\Windows\System32\drivers\spaceport.sys F6EBE514D13ECE7EDC23440039CDF9AB
C:\Windows\System32\drivers\SpbCx.sys F337BE11071818FC3F5DC2940B6BDE34
C:\Windows\system32\drivers\NISx64\1500000.064\SRTSP64.SYS 5BFBC7278A8CD8F4E0A28D5C862197E1
C:\Windows\system32\drivers\NISx64\1500000.064\SRTSPX64.SYS B18CE01B9C09C59422BA7C7064248B35
C:\Windows\System32\DRIVERS\srv.sys 2B78788A1485F9B99A578A299DF42C02
C:\Windows\System32\DRIVERS\srv2.sys C1AE59C0B0817236EC083A91C396005A
C:\Windows\System32\DRIVERS\srvnet.sys 77195C32175FC63D6054EBA5A066D727
C:\Windows\System32\drivers\stexstor.sys 366DEA74BBA65B362BCCFC6FC2ADFD8B
C:\Windows\system32\DRIVERS\serscan.sys 2A997C64F9B2584D81FA6749FE36A887
C:\Windows\System32\drivers\storahci.sys 0ED2E318ABB68C1A35A8B8038BDB4C90
C:\Windows\System32\DRIVERS\vmstorfl.sys 7A08CEE1535F5A448215634C5EA74E50
C:\Windows\System32\drivers\stornvme.sys 6B06E2D11E604BE2B1A406C4CB3B90DE
C:\Windows\System32\drivers\storvsc.sys 548759755BC73DAD663250239D7E0B9F
C:\Windows\System32\drivers\swenum.sys 84E0F5D41C138C5CC975137A2A98F6D3
C:\Windows\System32\drivers\NISx64\1500000.064\SYMDS64.SYS 5C9EE2303CA7F267665D75237862B39C
C:\Windows\System32\drivers\NISx64\1500000.064\SYMEFA64.SYS B12034EFC73DE70042A110B314802740
C:\Windows\System32\drivers\NISx64\1500000.064\SymELAM.sys 20F758E6339A16F97DD83389D582E09A
C:\Windows\system32\Drivers\SYMEVENT64x86.SYS 97E11C50CE52277B377396EA8838E539
C:\Windows\system32\drivers\NISx64\1500000.064\Ironx64.SYS 48C2934683CBD06F662B088EEF49EF6A
C:\Windows\system32\drivers\NISx64\1500000.064\SYMNETS.SYS FF06138CA54AA969F886D5590F4ECD6D
C:\Windows\system32\DRIVERS\SynTP.sys ECC3E50A419EABCE700D3E956495E08C
C:\Windows\System32\drivers\tcpip.sys 6617F44D2432C529B2249A0498B6B40A
C:\Windows\system32\DRIVERS\tcpip.sys 6617F44D2432C529B2249A0498B6B40A
C:\Windows\System32\drivers\tcpipreg.sys 33A7D83EEB15431773A6E186CFAABA21
C:\Windows\system32\DRIVERS\tdx.sys FFF28F9F6823EB1756C60F1649560BBF
C:\Windows\System32\drivers\terminpt.sys 232D185D2337F141311D0CF1983E1431
C:\Windows\system32\drivers\tpm.sys 82F909359600D3603FE852DB7F135626
C:\Windows\System32\drivers\tsusbflt.sys BF8F54CA37E9C9D6582C31C5761F8C93
C:\Windows\System32\drivers\TsUsbGD.sys E0088068DCE2EE82897027DDB8E05254
C:\Windows\system32\DRIVERS\tunnel.sys C8E0E78B5D284C2FF59BDFFDAF997242
C:\Windows\System32\drivers\TXEIx64.sys 72E24CD1662577B38779B5E768C48FEE
C:\Windows\System32\drivers\uagp35.sys F6EEAD052943B5A3104C1405BB856C54
C:\Windows\System32\drivers\uaspstor.sys FE6067B1FD4E63650C667B33D080565B
C:\Windows\System32\drivers\ucx01000.sys 5D1B430EA11064C56E7C8F84B90DEB6A
C:\Windows\System32\DRIVERS\udfs.sys 1EC649F112896FAE33250F0B97AC5D0B
C:\Windows\System32\drivers\UEFI.sys 9578691F297E1B1F519970FE6D47CB21
C:\Windows\System32\drivers\uliagpkx.sys 5EAB5117DDB24FC4D39E6FFFCF1837B9
C:\Windows\System32\drivers\umbus.sys DA34C39A18E60E7C3FA0630566408034
C:\Windows\System32\drivers\umpass.sys AE8294875E5446E359B1E8035D40C05E
C:\Windows\System32\drivers\usbccgp.sys 433ECDE01A52691FA7ACA51C10C09B70
C:\Windows\System32\drivers\usbcir.sys B3D6457D841A0CAEF4C52D88621715F2
C:\Windows\System32\drivers\usbehci.sys 5477D6E27C7D266EF8C152B9A25ADE5E
C:\Windows\System32\drivers\usbhub.sys DF56C2C04EFA328D7A66B69007130266
C:\Windows\System32\drivers\UsbHub3.sys C0E33820326199CE3CFD3B9F27F81D99
C:\Windows\System32\drivers\usbohci.sys 3019097FB6C985EF24C058090FF3BDBD
C:\Windows\System32\drivers\usbprint.sys 4D655E3B684BE9B0F7FFD8A2935C348C
C:\Windows\System32\drivers\USBSTOR.SYS B1230E9813B5C7E762DF27756AA23917
C:\Windows\System32\drivers\usbuhci.sys BA4FA655E0FC577DB7436FC963932CE4
C:\Windows\System32\Drivers\usbvideo.sys 18F744E8CCEB2670040EBAF7AD77B8C6
C:\Windows\System32\drivers\USBXHCI.SYS 3B44CB989757428208CCFCC028C13110
C:\Windows\System32\drivers\vdrvroot.sys FEB26E3B8345A7E8D62F945C4AE86562
C:\Windows\System32\drivers\VerifierExt.sys A026EDEAA5EECAE0B08E2748B616D4BD
C:\Windows\System32\drivers\vhdmp.sys 041D3EF364E624DBB2703A64A5AADF89
C:\Windows\System32\drivers\viaide.sys 06D38968028E9AB19DE9B618C7B6D199
C:\Windows\System32\drivers\vmbus.sys C6305BDFC4F7CE51F72BB072C03D4ACE
C:\Windows\System32\drivers\VMBusHID.sys DA40BEA0A863CE768C940CA9723BF81F
C:\Windows\System32\drivers\volmgr.sys 55D7D963DE85162F1C49721E502F9744
C:\Windows\System32\drivers\volmgrx.sys CCB9E901F7254BF96D28EB1B0E5329B7
C:\Windows\System32\drivers\volsnap.sys 9F9CE33B50611A1C61A46B8911E0B30B
C:\Windows\System32\drivers\vpci.sys 01355C98B5C3ED1EC446743CDA848FCE
C:\Windows\System32\drivers\vsmraid.sys 4539F45F9F4C9757A86A56C949421E07
C:\Windows\System32\drivers\vstxraid.sys 0849B7260F26FE05EA56DED0672E2F4B
C:\Windows\System32\drivers\vwifibus.sys BE970C369E43B509C1EDA2B8FA7CECB0
C:\Windows\system32\DRIVERS\vwififlt.sys 6B26AD573CCDD5209DF4397438B76354
C:\Windows\system32\DRIVERS\vwifimp.sys 0B48E0DFB44EE475F4FD8A8EE599AF30
C:\Windows\System32\drivers\wacompen.sys 0910AB9ED404C1434E2D0376C2AD5D8B
C:\Windows\system32\drivers\WdBoot.sys 694B28DE12AD47031FFB4B052662131A
C:\Windows\System32\drivers\Wdf01000.sys CB6C63FF8342B467E2EF76E98D5B934D
C:\Windows\system32\drivers\WdFilter.sys 0B99529A3BECC3528D865DDECB62503B
C:\Windows\System32\Drivers\WdNisDrv.sys 282E7D46310338FF4A6B7680440EB0DA
C:\Windows\System32\DRIVERS\wfplwfs.sys 2E3E82D7B1076B90F4E228A8EF17B261
C:\Windows\System32\drivers\wimmount.sys 867BCC69ED9C31C501465EB0E8BA9DFA
C:\Windows\System32\drivers\wmiacpi.sys 2834D9D3B4F554A39C72F00EA3F0E128
C:\Windows\System32\DRIVERS\wpcfltr.sys E746BCDBA2E02CF6B8D6B26FB167FBE0
C:\Windows\system32\drivers\ws2ifsl.sys AE072B0339D0A18E455DC21666CAD572
C:\Windows\System32\drivers\WSDPrint.sys F586F3F1BF962FE9AE4316E0D896B22F
C:\Windows\System32\drivers\WudfPf.sys 2FEAE33E9B2B56104596E1BA444405A9
C:\Windows\System32\drivers\WUDFRd.sys 19240C13F526125554B5370566F21A0A
C:\Windows\system32\DRIVERS\WUDFRd.sys 19240C13F526125554B5370566F21A0A
C:\Windows\system32\DRIVERS\WUDFRd.sys 19240C13F526125554B5370566F21A0A
|
|
28.12.2013, 20:05
| #9 |
| | Diverse Palgegeister auf meinen neuen Laptop (4 tage alt )Code:
ATTFilter ==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-16 11:36 - 2013-12-16 11:37 - 00050476 _____ C:\Users\Bernd\Downloads\FRST.txt
2013-12-16 11:36 - 2013-12-16 11:36 - 00000000 ____D C:\FRST
2013-12-16 11:32 - 2013-12-16 11:32 - 01927940 _____ (Farbar) C:\Users\Bernd\Downloads\FRST64.exe
2013-12-16 11:31 - 2013-12-16 11:31 - 00000761 _____ C:\Users\Public\Desktop\FuzeZip.lnk
2013-12-16 11:30 - 2013-12-16 11:30 - 01327776 _____ (Koyote-Lab Inc.) C:\Users\Bernd\Downloads\FuzeZipSetup-r152-w-bf.exe
2013-12-16 11:28 - 2013-12-16 11:28 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\PC Speed Maximizer
2013-12-16 11:26 - 2013-12-16 11:26 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\COMPUTERBILD-Abzockschutz
2013-12-16 11:24 - 2013-12-16 11:24 - 00001138 _____ C:\Users\Bernd\Desktop\Continue Zip Opener Installation.lnk
2013-12-16 11:23 - 2013-12-16 11:23 - 00001137 _____ C:\Users\Bernd\Desktop\PC Speed Maximizer.lnk
2013-12-16 11:23 - 2013-12-16 11:23 - 00001134 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-12-16 11:23 - 2013-12-16 11:23 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
2013-12-16 11:23 - 2013-12-16 11:23 - 00000000 ____D C:\Program Files (x86)\PC Speed Maximizer
2013-12-16 11:23 - 2013-12-16 11:23 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-12-16 11:21 - 2013-12-16 11:22 - 00673024 _____ ( ) C:\Users\Bernd\Downloads\ZipOpenerSetup.exe
2013-12-14 20:28 - 2013-12-14 20:28 - 00003294 _____ C:\Windows\System32\Tasks\AntiBrowserSpy - SocialBlock - IEProxyCheck
2013-12-14 20:28 - 2013-12-14 20:28 - 00003162 _____ C:\Windows\System32\Tasks\AntiBrowserSpy - SocialBlock - IE
2013-12-14 20:23 - 2013-12-14 20:24 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\vlc
2013-12-14 20:23 - 2013-12-14 20:23 - 00001090 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-14 20:22 - 2013-12-14 20:22 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-12-14 20:19 - 2013-12-14 20:19 - 00001099 _____ C:\Users\Public\Desktop\AntiBrowserSpy.lnk
2013-12-14 20:19 - 2013-12-14 20:19 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Abelssoft
2013-12-14 20:19 - 2013-12-14 20:19 - 00000000 ____D C:\Users\Bernd\AppData\Local\Abelssoft
2013-12-14 20:19 - 2013-12-14 20:19 - 00000000 ____D C:\ProgramData\XDMessagingv4
2013-12-14 20:19 - 2013-12-14 20:19 - 00000000 ____D C:\Program Files (x86)\COMPUTERBILD-Abzockschutz
2013-12-14 20:18 - 2013-12-14 20:28 - 00000000 ____D C:\Program Files (x86)\AntiBrowserSpy
2013-12-14 18:58 - 2013-12-14 18:58 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\OpenOffice
2013-12-14 18:23 - 2013-12-14 18:23 - 00000000 ____D C:\Users\Bernd\Documents\Symantec
2013-12-14 18:18 - 2013-12-14 18:18 - 00000000 ____D C:\Windows\System32\Tasks\Norton Internet Security CBE
2013-12-14 18:16 - 2013-12-14 18:16 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2013-12-14 18:16 - 2013-12-14 18:16 - 00008222 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2013-12-14 18:16 - 2013-12-14 18:16 - 00003244 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2013-12-14 18:16 - 2013-12-14 18:16 - 00002656 _____ C:\Users\Public\Desktop\Norton Internet Security CBE.lnk
2013-12-14 18:16 - 2013-12-14 18:16 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2013-12-14 18:15 - 2013-12-14 18:17 - 00000000 ____D C:\ProgramData\Norton
2013-12-14 18:15 - 2013-12-14 18:15 - 00000000 ____D C:\Windows\system32\Drivers\NISx64
2013-12-14 18:15 - 2013-12-14 18:15 - 00000000 ____D C:\Program Files (x86)\Norton Internet Security CBE
2013-12-14 18:05 - 2013-12-16 10:12 - 00000286 _____ C:\Windows\Tasks\SpeedUpMyPC.job
2013-12-14 18:05 - 2013-12-16 10:09 - 00001312 _____ C:\Windows\Tasks\Feven 1.5-updater.job
2013-12-14 18:05 - 2013-12-16 10:09 - 00001214 _____ C:\Windows\Tasks\Feven 1.5-codedownloader.job
2013-12-14 18:05 - 2013-12-16 10:09 - 00001114 _____ C:\Windows\Tasks\Feven 1.5-enabler.job
2013-12-14 18:05 - 2013-12-16 10:09 - 00000364 _____ C:\Windows\Tasks\spmonitor.job
2013-12-14 18:05 - 2013-12-14 18:05 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2013-12-14 18:05 - 2013-12-14 18:05 - 00377856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2013-12-14 18:05 - 2013-12-14 18:05 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplayx.dll
2013-12-14 18:05 - 2013-12-14 18:05 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\dpnathlp.dll
2013-12-14 18:05 - 2013-12-14 18:05 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll
2013-12-14 18:05 - 2013-12-14 18:05 - 00045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpwsockx.dll
2013-12-14 18:05 - 2013-12-14 18:05 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2013-12-14 18:05 - 2013-12-14 18:05 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2013-12-14 18:05 - 2013-12-14 18:05 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplaysvr.exe
2013-12-14 18:05 - 2013-12-14 18:05 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpmodemx.dll
2013-12-14 18:05 - 2013-12-14 18:05 - 00009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll
2013-12-14 18:05 - 2013-12-14 18:05 - 00009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll
2013-12-14 18:05 - 2013-12-14 18:05 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\dpnhupnp.dll
2013-12-14 18:05 - 2013-12-14 18:05 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\dpnhpast.dll
2013-12-14 18:05 - 2013-12-14 18:05 - 00004316 _____ C:\Windows\System32\Tasks\Feven 1.5-updater
2013-12-14 18:05 - 2013-12-14 18:05 - 00004218 _____ C:\Windows\System32\Tasks\Feven 1.5-codedownloader
2013-12-14 18:05 - 2013-12-14 18:05 - 00004118 _____ C:\Windows\System32\Tasks\Feven 1.5-enabler
2013-12-14 18:05 - 2013-12-14 18:05 - 00002518 _____ C:\Windows\System32\Tasks\spmonitor
2013-12-14 18:05 - 2013-12-14 18:05 - 00002508 _____ C:\Windows\System32\Tasks\SpeedUpMyPC
2013-12-14 18:05 - 2013-12-14 18:05 - 00001150 _____ C:\Users\Public\Desktop\SpeedUpMyPC.lnk
2013-12-14 18:05 - 2013-12-14 18:05 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Uniblue
2013-12-14 18:05 - 2013-12-14 18:05 - 00000000 ____D C:\Program Files (x86)\Uniblue
2013-12-14 18:04 - 2013-12-16 10:09 - 00002026 _____ C:\Windows\Tasks\Feven 1.5-firefoxinstaller.job
2013-12-14 18:04 - 2013-12-16 10:09 - 00001954 _____ C:\Windows\Tasks\Feven 1.5-chromeinstaller.job
2013-12-14 18:04 - 2013-12-14 18:05 - 00000000 ____D C:\Program Files (x86)\Feven 1.5
2013-12-14 18:03 - 2013-12-14 18:03 - 00519600 _____ C:\Users\Bernd\Downloads\PluginV2(1).exe
2013-12-14 17:56 - 2013-12-14 17:56 - 04344096 _____ (Engelmann Media) C:\Users\Bernd\Downloads\win8starter.exe
2013-12-14 17:56 - 2013-12-14 17:56 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Engelmann Media
2013-12-14 17:56 - 2013-12-14 17:56 - 00000000 ____D C:\Program Files (x86)\Engelmann Media
2013-12-14 17:54 - 2013-12-14 17:54 - 00001132 _____ C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2013-12-14 17:53 - 2013-12-14 17:53 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-12-14 17:49 - 2013-12-14 17:49 - 00000000 ____D C:\Users\Bernd\Desktop\OpenOffice 4.0.1 (de) Installation Files
2013-12-14 17:40 - 2013-12-14 17:48 - 163606685 _____ C:\Users\Bernd\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2013-12-14 14:53 - 2013-12-14 20:44 - 00001094 _____ C:\Users\privat\daemonprocess.txt
2013-12-14 14:53 - 2013-12-14 14:53 - 00000000 ____D C:\Users\privat\AppData\Roaming\Iminent
2013-12-13 23:52 - 2013-12-13 23:52 - 00003628 _____ C:\Windows\System32\Tasks\HPCustParticipation HP Officejet 6500 E710n-z
2013-12-13 23:51 - 2013-12-13 23:51 - 00002272 _____ C:\Users\Public\Desktop\HP Officejet 6500 E710n-z.lnk
2013-12-13 23:51 - 2013-12-13 23:51 - 00001204 _____ C:\Users\Public\Desktop\Shop für Zubehör - HP Officejet 6500 E710n-z.lnk
2013-12-13 23:51 - 2013-12-13 23:51 - 00000057 _____ C:\ProgramData\Ament.ini
2013-12-13 23:51 - 2013-12-13 23:51 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\HpUpdate
2013-12-13 23:51 - 2013-12-13 23:51 - 00000000 ____D C:\Program Files\HP
2013-12-13 23:51 - 2012-10-17 04:31 - 00741480 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPM5412.dll
2013-12-13 23:50 - 2013-12-13 23:54 - 00000000 ____D C:\Users\Bernd\AppData\Local\HP
2013-12-13 23:04 - 2013-12-13 23:04 - 00000000 ____D C:\Users\Bernd\Documents\Optimizer Pro
2013-12-13 23:04 - 2013-12-13 23:04 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Optimizer Pro
2013-12-13 23:02 - 2013-12-13 23:52 - 00000000 ____D C:\Program Files (x86)\HP
2013-12-13 23:02 - 2013-12-13 23:02 - 00000000 ____D C:\Users\Bernd\Desktop\HP
2013-12-13 23:02 - 2013-12-13 23:02 - 00000000 ____D C:\ProgramData\Apple
2013-12-13 23:02 - 2013-12-13 23:02 - 00000000 ____D C:\Program Files\Bonjour
2013-12-13 23:02 - 2013-12-13 23:02 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-12-13 23:02 - 2013-08-09 16:44 - 00226816 _____ (Hewlett-Packard) C:\Windows\system32\hpbprtmonui.dll
2013-12-13 23:02 - 2013-08-09 16:43 - 00424960 _____ (Hewlett-Packard) C:\Windows\system32\hpbrprtmon.dll
2013-12-13 23:02 - 2013-08-09 16:42 - 00404992 _____ (Hewlett-Packard) C:\Windows\system32\hpbprtmon.dll
2013-12-13 23:01 - 2013-12-13 23:51 - 00000000 ____D C:\ProgramData\HP
2013-12-13 22:59 - 2013-12-13 23:00 - 00000000 ____D C:\HP_ePrint
2013-12-13 22:59 - 2013-12-13 22:59 - 00001082 _____ C:\Users\Bernd\Desktop\Optimizer Pro.lnk
2013-12-13 22:58 - 2013-12-14 18:58 - 00000316 _____ C:\Windows\Tasks\FoxTab.job
2013-12-13 22:58 - 2013-12-13 22:59 - 00000000 ____D C:\Program Files (x86)\Optimizer Pro
2013-12-13 22:58 - 2013-12-13 22:58 - 00002654 _____ C:\Windows\System32\Tasks\FoxTab
2013-12-13 22:58 - 2013-12-13 22:58 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\FoxTab
2013-12-13 22:58 - 2013-12-13 22:58 - 00000000 ____D C:\Users\Bernd\AppData\Local\Macromedia
2013-12-13 22:57 - 2013-12-16 11:14 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-13 22:57 - 2013-12-13 22:58 - 00000000 ____D C:\Program Files (x86)\Foxtab
2013-12-13 22:57 - 2013-12-13 22:57 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-13 22:57 - 2013-12-13 22:57 - 00001054 _____ C:\Users\Public\Desktop\FlvPlayer.lnk
2013-12-13 22:57 - 2013-12-13 22:57 - 00000000 ____D C:\Program Files (x86)\FlvPlayer
2013-12-13 22:55 - 2013-12-13 22:55 - 01135368 _____ C:\Users\Bernd\Downloads\FlvPlayerSetup.exe
2013-12-13 22:54 - 2013-12-13 23:03 - 00000000 ____D C:\Users\Bernd\AppData\Local\Adobe
2013-12-13 22:49 - 2013-12-13 23:38 - 122662720 _____ C:\Users\Bernd\Downloads\OJ6500_E710n-z_1315.exe
2013-12-13 22:49 - 2013-12-13 22:56 - 58738880 _____ C:\Users\Bernd\Downloads\HP-ePrint-win-4.5.52.12202.exe
2013-12-13 22:26 - 2013-12-13 22:26 - 01070944 _____ (Solid State Networks) C:\Users\Bernd\Downloads\install_flashplayer11x32_mssa_aaa_aih.exe
2013-12-13 22:19 - 2013-12-13 22:19 - 00000000 ____D C:\Users\Bernd\AppData\Local\Google
2013-12-13 22:18 - 2013-12-14 18:57 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Windows Net Data
2013-12-13 22:18 - 2013-12-13 22:18 - 00000187 _____ C:\Users\Bernd\Desktop\Amazon.de.url
2013-12-13 22:18 - 2013-12-13 22:18 - 00000000 ____D C:\Users\Bernd\ChromeExtensions
2013-12-13 22:18 - 2013-12-13 22:18 - 00000000 ____D C:\Users\Bernd\AppData\Local\Tempdc71c953596ad56fbce35f696e89e674
2013-12-13 22:18 - 2013-12-13 22:18 - 00000000 ____D C:\Users\Bernd\AppData\Local\Tempb2801231ea6512ca85d005e5f1de0ecf
2013-12-13 22:18 - 2013-12-13 22:18 - 00000000 ____D C:\Users\Bernd\AppData\Local\Temp3598df397e6cc537d15e0423fa2e4b7b
2013-12-13 22:16 - 2013-12-13 22:16 - 00943872 _____ C:\Users\Bernd\Downloads\Mozilla-Firefox--Setup.exe
2013-12-13 22:08 - 2013-12-13 22:08 - 00519600 _____ C:\Users\Bernd\Downloads\PluginV2.exe
2013-12-13 22:07 - 2013-12-13 22:07 - 00000000 ____D C:\ProgramData\WPM
2013-12-13 22:04 - 2013-12-13 22:05 - 00960096 _____ (Firefox) C:\Users\Bernd\Downloads\FirefoxSetup(1).exe
2013-12-13 21:58 - 2013-12-13 21:58 - 00001607 _____ C:\Users\Bernd\Desktop\Continue Firefox.lnk
2013-12-13 21:54 - 2013-12-16 10:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-13 21:54 - 2013-12-13 22:20 - 00001167 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-13 21:54 - 2013-12-13 22:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-13 21:54 - 2013-12-13 21:57 - 00000000 ____D C:\Users\Bernd\AppData\Local\Mozilla
2013-12-13 21:54 - 2013-12-13 21:55 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Mozilla
2013-12-13 21:54 - 2013-12-13 21:54 - 00000635 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-12-13 21:54 - 2013-12-13 21:54 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Iminent
2013-12-13 21:54 - 2013-12-13 21:54 - 00000000 ____D C:\ProgramData\Mozilla
2013-12-13 21:54 - 2013-12-13 21:54 - 00000000 ____D C:\ProgramData\Iminent
2013-12-13 21:54 - 2013-12-13 21:54 - 00000000 ____D C:\Program Files (x86)\Iminent
2013-12-13 21:50 - 2013-12-13 21:50 - 00000000 ____D C:\Users\Bernd\Qtrax
2013-12-13 21:49 - 2013-12-16 11:02 - 00000752 _____ C:\Users\Bernd\daemonprocess.txt
2013-12-13 21:49 - 2013-12-16 10:11 - 00003120 _____ C:\Windows\System32\Tasks\Advanced System Protector_startup
2013-12-13 21:49 - 2013-12-14 19:27 - 00000000 ____D C:\Program Files (x86)\Advanced System Protector
2013-12-13 21:49 - 2013-12-14 17:46 - 00000000 ____D C:\Users\Bernd\AppData\Local\Mobogenie
2013-12-13 21:49 - 2013-12-13 22:06 - 00000000 ____D C:\Users\Bernd\AppData\Local\cache
2013-12-13 21:49 - 2013-12-13 21:49 - 00960096 _____ (Firefox) C:\Users\Bernd\Downloads\FirefoxSetup.exe
2013-12-13 21:49 - 2013-12-13 21:49 - 00001221 _____ C:\Users\Public\Desktop\Advanced System Protector.lnk
2013-12-13 21:49 - 2013-12-13 21:49 - 00001039 _____ C:\Users\Bernd\Desktop\Mobogenie.lnk
2013-12-13 21:49 - 2013-12-13 21:49 - 00000000 ____D C:\Users\Bernd\Documents\Mobogenie
2013-12-13 21:49 - 2013-12-13 21:49 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
2013-12-13 21:49 - 2013-12-13 21:49 - 00000000 ____D C:\ProgramData\Systweak
2013-12-13 21:49 - 2012-07-25 12:03 - 00016896 _____ C:\Windows\system32\sasnative64.exe
2013-12-13 21:48 - 2013-12-13 22:06 - 00000000 ____D C:\Program Files (x86)\Mobogenie
2013-12-13 21:47 - 2013-12-16 10:08 - 00000312 _____ C:\Windows\Tasks\RegClean Pro_UPDATES.job
2013-12-13 21:47 - 2013-12-14 18:52 - 00003108 _____ C:\Windows\System32\Tasks\RegClean Pro
2013-12-13 21:47 - 2013-12-14 15:01 - 00000304 _____ C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2013-12-13 21:47 - 2013-12-13 21:49 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Systweak
2013-12-13 21:47 - 2013-12-13 21:47 - 00003044 _____ C:\Windows\System32\Tasks\RegClean Pro_UPDATES
2013-12-13 21:47 - 2013-12-13 21:47 - 00002888 _____ C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
2013-12-13 21:47 - 2013-12-13 21:47 - 00001070 _____ C:\Users\Public\Desktop\RegClean Pro.lnk
2013-12-13 21:47 - 2013-12-13 21:47 - 00000000 ____D C:\Program Files (x86)\PricePeep
2013-12-13 21:47 - 2013-07-11 13:49 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2013-12-13 21:46 - 2013-12-14 18:53 - 00000000 ____D C:\Program Files (x86)\RegClean Pro
2013-12-13 21:37 - 2013-12-13 21:37 - 00003560 _____ C:\Windows\System32\Tasks\CreateChoiceProcessTask
2013-12-13 21:33 - 2013-12-13 21:37 - 00000000 ___RD C:\Windows\BrowserChoice
2013-12-13 20:59 - 2013-12-13 21:16 - 00000000 ____D C:\Windows\system32\MRT
2013-12-13 20:45 - 2013-10-22 09:18 - 01287064 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-12-13 20:45 - 2013-10-22 08:55 - 02328872 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-12-13 20:45 - 2013-10-22 07:03 - 02065448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-12-13 20:45 - 2013-10-22 03:07 - 02617344 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-12-13 20:45 - 2013-10-22 02:53 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2013-12-13 20:45 - 2013-10-19 09:51 - 00481392 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2013-12-13 20:45 - 2013-10-17 16:42 - 01399176 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2013-12-13 20:45 - 2013-10-17 16:42 - 01373872 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2013-12-13 20:45 - 2013-10-13 03:43 - 00708616 _____ (Microsoft Corporation) C:\Windows\system32\iuilp.dll
2013-12-13 20:45 - 2013-10-10 17:23 - 03395920 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2013-12-13 20:45 - 2013-10-08 11:13 - 02551640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-12-13 20:45 - 2013-10-08 06:09 - 01160704 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll
2013-12-13 20:45 - 2013-10-07 03:13 - 03532288 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-12-13 20:45 - 2013-10-05 10:18 - 01011712 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2013-12-13 20:45 - 2013-10-05 08:39 - 06639616 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-12-13 20:45 - 2013-10-05 08:32 - 05769728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-12-13 20:45 - 2013-09-17 10:06 - 01067080 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2013-12-13 20:45 - 2013-09-17 07:31 - 00883184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2013-12-13 20:45 - 2013-09-14 15:07 - 02134120 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2013-12-13 20:45 - 2013-09-14 13:39 - 01799944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2013-12-13 20:45 - 2013-09-10 06:26 - 04599808 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-12-13 20:44 - 2013-11-08 05:28 - 13177344 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2013-12-13 20:44 - 2013-10-23 12:29 - 00044936 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
2013-12-13 20:44 - 2013-10-23 12:21 - 00155480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-12-13 20:44 - 2013-10-23 12:13 - 00171864 _____ (Microsoft Corporation) C:\Windows\system32\kd_02_8086.dll
2013-12-13 20:44 - 2013-10-22 06:15 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2013-12-13 20:44 - 2013-10-22 05:04 - 00618496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2013-12-13 20:44 - 2013-10-22 05:02 - 01036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-12-13 20:44 - 2013-10-22 04:56 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2013-12-13 20:44 - 2013-10-22 04:44 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2013-12-13 20:44 - 2013-10-22 03:38 - 01362944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2013-12-13 20:44 - 2013-10-22 03:22 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-12-13 20:44 - 2013-10-22 03:13 - 01704448 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-12-13 20:44 - 2013-10-22 02:47 - 02295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-12-13 20:44 - 2013-10-19 08:12 - 00380656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2013-12-13 20:44 - 2013-10-19 06:37 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-13 20:44 - 2013-10-19 05:48 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2013-12-13 20:44 - 2013-10-19 05:03 - 00531968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2013-12-13 20:44 - 2013-10-19 04:26 - 01231360 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2013-12-13 20:44 - 2013-10-19 04:14 - 00888832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2013-12-13 20:44 - 2013-10-17 15:04 - 01204968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2013-12-13 20:44 - 2013-10-16 10:34 - 00518656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2013-12-13 20:44 - 2013-10-16 10:33 - 00631296 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2013-12-13 20:44 - 2013-10-13 04:06 - 00258904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2013-12-13 20:44 - 2013-10-11 14:24 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2013-12-13 20:44 - 2013-10-11 14:03 - 00621056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2013-12-13 20:44 - 2013-10-10 17:44 - 00031064 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2013-12-13 20:44 - 2013-10-10 17:26 - 00317616 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-12-13 20:44 - 2013-10-10 17:26 - 00104320 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2013-12-13 20:44 - 2013-10-10 15:53 - 00235960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-12-13 20:44 - 2013-10-10 15:53 - 00088272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2013-12-13 20:44 - 2013-10-10 12:53 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2013-12-13 20:44 - 2013-10-10 12:38 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2013-12-13 20:44 - 2013-10-10 12:21 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2013-12-13 20:44 - 2013-10-09 06:40 - 00385528 _____ C:\Windows\system32\ApnDatabase.xml
2013-12-13 20:44 - 2013-10-08 11:28 - 00523096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2013-12-13 20:44 - 2013-10-08 07:46 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2013-12-13 20:44 - 2013-10-08 06:58 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsetup.dll
2013-12-13 20:44 - 2013-10-08 06:50 - 00656384 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2013-12-13 20:44 - 2013-10-08 06:48 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2013-12-13 20:44 - 2013-10-08 06:15 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2013-12-13 20:44 - 2013-10-08 05:50 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2013-12-13 20:44 - 2013-10-08 05:50 - 00762368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll
2013-12-13 20:44 - 2013-10-07 08:21 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-12-13 20:44 - 2013-10-05 16:25 - 00057176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2013-12-13 20:44 - 2013-10-05 15:21 - 00699840 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-12-13 20:44 - 2013-10-05 13:05 - 00578952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-12-13 20:44 - 2013-10-05 12:01 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2013-12-13 20:44 - 2013-10-05 12:01 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2013-12-13 20:44 - 2013-10-05 12:00 - 01200640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2013-12-13 20:44 - 2013-10-05 10:36 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-12-13 20:44 - 2013-10-05 10:07 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2013-12-13 20:44 - 2013-10-05 09:56 - 01147904 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2013-12-13 20:44 - 2013-10-05 09:55 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\miutils.dll
2013-12-13 20:44 - 2013-10-05 09:40 - 00795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2013-12-13 20:44 - 2013-10-05 09:24 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\miutils.dll
2013-12-13 20:44 - 2013-10-05 09:21 - 00920064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2013-12-13 20:44 - 2013-10-05 09:15 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2013-12-13 20:44 - 2013-10-05 08:43 - 00578560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-12-13 20:44 - 2013-10-05 08:35 - 00411648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-12-13 20:44 - 2013-10-04 09:10 - 00533504 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2013-12-13 20:44 - 2013-09-19 06:04 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2013-12-13 20:44 - 2013-09-17 10:06 - 00465960 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2013-12-13 20:44 - 2013-09-17 07:31 - 00326024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2013-12-13 20:44 - 2013-09-17 05:37 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll
2013-12-13 20:44 - 2013-09-14 15:00 - 00391512 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2013-12-13 20:44 - 2013-09-14 13:33 - 00345552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2013-12-13 20:44 - 2013-09-14 11:05 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2013-12-13 20:44 - 2013-09-14 10:11 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
2013-12-13 20:44 - 2013-09-13 09:22 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe
2013-12-13 20:44 - 2013-09-13 08:47 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftp.exe
2013-12-13 20:44 - 2013-09-12 09:45 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2013-12-13 20:44 - 2013-09-12 09:08 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2013-12-13 20:44 - 2013-09-12 09:08 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2013-12-13 20:44 - 2013-09-12 09:02 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2013-12-13 20:44 - 2013-09-12 08:44 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2013-12-13 20:44 - 2013-09-12 08:37 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2013-12-13 20:44 - 2013-09-12 08:37 - 00184832 _____ (Microsoft Corporation) C:\Windows\system32\dafWfdProvider.dll
2013-12-13 20:44 - 2013-09-12 08:21 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2013-12-13 20:44 - 2013-09-12 08:16 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2013-12-13 20:44 - 2013-09-12 08:01 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2013-12-13 20:44 - 2013-09-10 05:52 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\msched.dll
2013-12-13 20:44 - 2013-09-10 05:34 - 03934208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-12-13 20:43 - 2013-11-12 00:41 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-13 20:43 - 2013-11-12 00:40 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-13 20:43 - 2013-11-12 00:27 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2013-12-13 20:43 - 2013-11-12 00:24 - 00840704 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2013-12-13 20:43 - 2013-11-11 03:48 - 00039768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2013-12-13 20:43 - 2013-11-09 12:55 - 00325464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2013-12-13 20:43 - 2013-11-09 07:37 - 01756160 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe
2013-12-13 20:43 - 2013-11-09 06:56 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2013-12-13 20:43 - 2013-11-08 11:26 - 00358896 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2013-12-13 20:43 - 2013-11-08 05:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2013-12-13 20:43 - 2013-11-08 05:26 - 11674624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-12-13 20:43 - 2013-11-08 05:16 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2013-12-13 20:43 - 2013-11-08 05:15 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2013-12-13 20:43 - 2013-11-08 05:07 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2013-12-13 20:43 - 2013-11-08 04:41 - 01302528 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2013-12-13 20:43 - 2013-11-08 04:14 - 00922624 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2013-12-13 20:43 - 2013-11-05 21:21 - 21196664 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-12-13 20:43 - 2013-11-05 17:11 - 18577408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2013-12-13 20:43 - 2013-11-05 15:19 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2013-12-13 20:43 - 2013-11-05 15:03 - 00637952 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2013-12-13 20:43 - 2013-11-05 14:57 - 00479744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2013-12-13 20:43 - 2013-11-05 14:33 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2013-12-13 20:43 - 2013-11-05 14:32 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2013-12-13 20:43 - 2013-11-04 18:13 - 01530200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-12-13 20:43 - 2013-11-04 18:13 - 00382808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2013-12-13 20:43 - 2013-11-04 14:07 - 01843712 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2013-12-13 20:43 - 2013-11-04 12:50 - 02143744 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2013-12-13 20:43 - 2013-11-04 11:32 - 02570240 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2013-12-13 20:43 - 2013-11-04 03:28 - 01816576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2013-12-13 20:43 - 2013-11-04 02:30 - 01765376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2013-12-13 20:43 - 2013-11-01 12:39 - 00086872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2013-12-13 20:43 - 2013-11-01 07:08 - 00747008 _____ (Microsoft Corporation) C:\Windows\system32\wlidcli.dll
2013-12-13 20:43 - 2013-11-01 06:57 - 00544768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcli.dll
2013-12-13 20:43 - 2013-10-31 01:58 - 00372568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2013-12-13 20:43 - 2013-10-31 01:42 - 07399256 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-12-13 20:43 - 2013-10-31 01:33 - 01642016 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2013-12-13 20:43 - 2013-10-31 01:33 - 01506680 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2013-12-13 20:43 - 2013-10-31 01:33 - 01476184 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2013-12-13 20:43 - 2013-10-31 01:33 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2013-12-13 20:43 - 2013-10-26 02:54 - 00146776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\SerCx2.sys
2013-12-13 20:43 - 2013-10-24 10:31 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\CredentialMigrationHandler.dll
2013-12-13 20:43 - 2013-10-24 10:12 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialMigrationHandler.dll
2013-12-13 20:43 - 2013-10-17 12:21 - 02896896 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2013-12-13 20:43 - 2013-10-17 11:36 - 02266624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2013-12-13 20:43 - 2013-10-10 12:26 - 02801664 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2013-12-13 20:43 - 2013-10-10 12:05 - 01019392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2013-12-13 20:43 - 2013-10-10 11:34 - 01085952 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2013-12-13 20:43 - 2013-10-10 11:27 - 00869888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2013-12-13 20:43 - 2013-10-05 15:21 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-12-13 20:43 - 2013-10-05 15:21 - 00516496 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-12-13 20:43 - 2013-10-05 13:05 - 01765384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-12-13 20:43 - 2013-10-05 13:05 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-12-13 20:42 - 2013-11-05 19:51 - 18642504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-12-13 20:42 - 2013-11-05 17:20 - 13925888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-12-12 21:54 - 2013-10-03 10:16 - 00294400 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2013-12-12 21:54 - 2013-10-03 10:02 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2013-12-12 21:54 - 2013-10-02 12:00 - 01286552 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2013-12-12 21:54 - 2013-10-02 10:47 - 01018960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2013-12-12 21:54 - 2013-10-01 04:42 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2013-12-12 21:54 - 2013-10-01 04:36 - 00977408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2013-12-12 21:53 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 21:53 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-12 21:53 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 21:53 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-12 21:53 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-12 21:53 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 21:53 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-12 21:53 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 21:53 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 21:53 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-12 21:53 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-12 21:53 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 21:53 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 21:53 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-12 21:53 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-12 21:53 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-12 21:53 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-12 21:53 - 2013-11-23 05:34 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-12 21:53 - 2013-11-23 05:13 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-12 21:53 - 2013-11-23 04:32 - 04105728 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2013-12-12 21:53 - 2013-11-23 04:10 - 00568832 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2013-12-12 21:53 - 2013-10-23 12:01 - 00872840 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2013-12-12 21:53 - 2013-10-23 09:59 - 00698232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2013-12-12 21:53 - 2013-10-19 09:53 - 00075360 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-12 21:53 - 2013-10-19 08:14 - 00070680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-12 21:53 - 2013-10-15 09:54 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-12 21:53 - 2013-10-15 09:03 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-12 21:53 - 2013-10-13 03:48 - 00136536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2013-12-12 21:53 - 2013-10-12 22:48 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2013-12-12 21:53 - 2013-10-12 22:34 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-12-12 21:53 - 2013-10-05 15:21 - 01341288 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-12-12 21:53 - 2013-10-05 09:39 - 01067008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-12-12 21:52 - 2013-11-09 07:34 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2013-12-12 21:52 - 2013-11-09 07:34 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2013-12-12 21:52 - 2013-11-09 06:52 - 00240128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2013-12-12 21:52 - 2013-11-08 08:21 - 04191744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-12 21:52 - 2013-10-16 16:58 - 01943536 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-12-12 21:52 - 2013-10-16 14:54 - 01581968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-12-12 20:45 - 2013-12-12 20:45 - 00000000 ____D C:\Users\privat\AppData\Local\SearchProtect
2013-12-12 20:39 - 2013-12-16 10:11 - 00000000 ___RD C:\Users\Bernd\Dropbox
2013-12-12 20:39 - 2013-12-12 20:39 - 00001055 _____ C:\Users\Bernd\Desktop\Dropbox.lnk
2013-12-12 20:34 - 2013-12-12 20:34 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-12-12 20:33 - 2013-12-16 10:11 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Dropbox
2013-12-12 20:23 - 2013-12-12 20:24 - 00000000 ____D C:\Users\Bernd\AppData\Local\SearchProtect
2013-12-12 20:23 - 2013-12-12 20:24 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2013-12-12 20:23 - 2013-12-12 20:23 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
2013-12-12 20:23 - 2013-12-12 20:23 - 00000000 ____D C:\Program Files (x86)\Wajam
2013-12-12 20:22 - 2013-12-16 10:12 - 00000426 _____ C:\Windows\Tasks\ViewPassword Update.job
2013-12-12 20:22 - 2013-12-14 18:32 - 00000000 ____D C:\Users\Bernd\AppData\Local\Lollipop
2013-12-12 20:22 - 2013-12-12 20:22 - 00003066 _____ C:\Windows\System32\Tasks\ViewPassword Update
2013-12-12 20:22 - 2013-12-12 20:22 - 00000000 ____D C:\Program Files (x86)\ViewPassword
2013-12-12 20:21 - 2013-12-14 19:27 - 00000000 ____D C:\Program Files (x86)\Browsersafeguard
2013-12-12 20:21 - 2013-12-12 20:21 - 00003868 _____ C:\Windows\System32\Tasks\BrowserSafeguard Update Task
2013-12-12 20:20 - 2013-12-16 10:09 - 00001324 _____ C:\Windows\Tasks\Plus-HD-2.5-updater.job
2013-12-12 20:20 - 2013-12-12 20:20 - 00004328 _____ C:\Windows\System32\Tasks\Plus-HD-2.5-updater
2013-12-12 20:20 - 2013-12-12 20:20 - 00000000 ____D C:\Users\Bernd\AppData\Local\VisualBeeClient
2013-12-12 20:19 - 2013-12-16 10:09 - 00001934 _____ C:\Windows\Tasks\Plus-HD-2.5-chromeinstaller.job
2013-12-12 20:19 - 2013-12-16 10:09 - 00001226 _____ C:\Windows\Tasks\Plus-HD-2.5-codedownloader.job
2013-12-12 20:19 - 2013-12-16 10:09 - 00001126 _____ C:\Windows\Tasks\Plus-HD-2.5-enabler.job
2013-12-12 20:19 - 2013-12-12 20:20 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.5
2013-12-12 20:19 - 2013-12-12 20:19 - 00004230 _____ C:\Windows\System32\Tasks\Plus-HD-2.5-codedownloader
2013-12-12 20:19 - 2013-12-12 20:19 - 00004130 _____ C:\Windows\System32\Tasks\Plus-HD-2.5-enabler
2013-12-12 20:19 - 2013-12-12 20:19 - 00000000 ____D C:\Users\Bernd\AppData\Local\VisualBeeExe
2013-12-12 20:18 - 2013-12-12 20:19 - 00000000 ____D C:\ProgramData\VisualBee
2013-12-12 20:18 - 2013-12-12 20:18 - 00001224 _____ C:\Users\Bernd\Desktop\Create Amazing Presentations.lnk
2013-12-12 20:18 - 2013-12-12 20:18 - 00001224 _____ C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Create Amazing Presentations.lnk
2013-12-12 20:18 - 2013-12-12 20:18 - 00000000 ____D C:\Users\Bernd\AppData\Local\emaze
2013-12-12 20:17 - 2013-12-13 21:49 - 00001107 _____ C:\Users\Bernd\Desktop\MyPC Backup.lnk
2013-12-12 20:17 - 2013-12-13 21:49 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-12-12 20:17 - 2013-12-12 20:17 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2013-12-12 20:16 - 2013-12-14 19:27 - 00000000 ____D C:\Program Files (x86)\Spring Smart
2013-12-12 20:16 - 2013-12-13 22:06 - 00002365 _____ C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-12-12 20:16 - 2013-12-13 22:06 - 00002267 _____ C:\Users\Bernd\Desktop\Search.lnk
2013-12-12 20:15 - 2013-12-12 20:16 - 00000000 ____D C:\Users\Bernd\AppData\Local\Smartbar
2013-12-12 20:13 - 2013-12-12 20:13 - 02412840 _____ (Premium Installer ) C:\Users\Bernd\Downloads\Setup.exe
2013-12-12 20:12 - 2013-12-12 20:12 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Macromedia
2013-12-12 19:24 - 2013-12-14 19:28 - 00000000 ____D C:\Program Files (x86)\1und1Softwareaktualisierung
2013-12-12 19:24 - 2013-12-12 19:24 - 00003882 _____ C:\Windows\System32\Tasks\Registration 1und1 Task
2013-12-12 19:24 - 2013-12-12 19:24 - 00000000 ____D C:\ProgramData\UUdb
2013-12-12 19:24 - 2013-12-12 19:24 - 00000000 ____D C:\ProgramData\1&1 Mail & Media GmbH
2013-12-12 19:24 - 2013-12-12 19:24 - 00000000 ____D C:\Program Files\WEB.DE MailCheck
2013-12-12 19:24 - 2013-12-12 19:24 - 00000000 ____D C:\Program Files (x86)\WEB.DE MailCheck
2013-12-12 18:35 - 2013-12-13 22:06 - 00002136 _____ C:\Users\Bernd\Desktop\Amazon.lnk
2013-12-12 18:35 - 2013-12-13 22:06 - 00002134 _____ C:\Users\Bernd\Desktop\WEB.DE.lnk
2013-12-12 18:35 - 2013-12-13 22:06 - 00002132 _____ C:\Users\Bernd\Desktop\eBay.lnk
2013-12-12 18:35 - 2013-12-12 18:35 - 00000000 ____D C:\ProgramData\DesktopIcons
2013-12-12 18:03 - 2013-12-14 15:52 - 00000000 __RDO C:\Users\privat\SkyDrive
2013-12-12 17:36 - 2013-12-12 17:36 - 00000000 ____D C:\Users\privat\AppData\Roaming\Macromedia
2013-12-12 17:25 - 2013-12-14 14:55 - 00003954 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{B35484AC-E1DA-40F6-BF84-2BF4FDB0D66E}
2013-12-12 16:36 - 2013-12-14 20:24 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3793513485-3065062101-2964870661-1002
2013-12-12 16:32 - 2013-12-14 15:52 - 00000000 ____D C:\Users\privat\Documents\Youcam
2013-12-12 16:32 - 2013-12-12 16:32 - 00000000 ____D C:\Users\privat\AppData\Local\CyberLink
2013-12-12 16:31 - 2013-12-14 14:53 - 00000000 ___RD C:\Users\privat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-12 16:31 - 2013-12-14 14:53 - 00000000 ___RD C:\Users\privat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-12 16:31 - 2013-12-12 16:31 - 00000000 ____D C:\Users\privat\AppData\Local\Power2Go8
2013-12-12 16:30 - 2013-12-14 20:44 - 00015217 _____ C:\Users\privat\AppData\Local\BTServer.log
2013-12-12 16:30 - 2013-12-14 14:53 - 00000000 ____D C:\Users\privat\AppData\Local\Packages
2013-12-12 16:30 - 2013-12-14 14:53 - 00000000 ____D C:\Users\privat
2013-12-12 16:30 - 2013-12-12 16:30 - 00001458 _____ C:\Users\privat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-12 16:30 - 2013-12-12 16:30 - 00000020 ___SH C:\Users\privat\ntuser.ini
2013-12-12 16:30 - 2013-12-12 16:30 - 00000000 _SHDL C:\Users\privat\Vorlagen
2013-12-12 16:30 - 2013-12-12 16:30 - 00000000 _SHDL C:\Users\privat\Startmenü
2013-12-12 16:30 - 2013-12-12 16:30 - 00000000 _SHDL C:\Users\privat\Netzwerkumgebung
2013-12-12 16:30 - 2013-12-12 16:30 - 00000000 _SHDL C:\Users\privat\Lokale Einstellungen
2013-12-12 16:30 - 2013-12-12 16:30 - 00000000 _SHDL C:\Users\privat\Eigene Dateien
2013-12-12 16:30 - 2013-12-12 16:30 - 00000000 _SHDL C:\Users\privat\Druckumgebung
2013-12-12 16:30 - 2013-12-12 16:30 - 00000000 _SHDL C:\Users\privat\Documents\Eigene Musik
2013-12-12 16:30 - 2013-12-12 16:30 - 00000000 _SHDL C:\Users\privat\Documents\Eigene Bilder
2013-12-12 16:30 - 2013-12-12 16:30 - 00000000 _SHDL C:\Users\privat\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-12 16:30 - 2013-12-12 16:30 - 00000000 _SHDL C:\Users\privat\AppData\Local\Verlauf
2013-12-12 16:30 - 2013-12-12 16:30 - 00000000 _SHDL C:\Users\privat\AppData\Local\Anwendungsdaten
2013-12-12 16:30 - 2013-12-12 16:30 - 00000000 _SHDL C:\Users\privat\Anwendungsdaten
2013-12-12 16:30 - 2013-12-12 16:30 - 00000000 ____D C:\Users\privat\Documents\My Bluetooth
2013-12-12 16:30 - 2013-12-12 16:30 - 00000000 ____D C:\Users\privat\AppData\Roaming\Adobe
2013-12-12 16:30 - 2013-12-12 16:30 - 00000000 ____D C:\Users\privat\AppData\Local\VirtualStore
2013-12-12 16:30 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\privat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-12-12 16:30 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\privat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-12-12 16:30 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\privat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-12-12 16:30 - 2013-08-22 16:36 - 00000000 ____D C:\Users\privat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-12-12 16:30 - 2012-08-11 05:25 - 00001193 _____ C:\Users\privat\Desktop\ALDI Foto.lnk
2013-12-12 16:30 - 2012-08-11 05:20 - 00001251 _____ C:\Users\privat\Desktop\Medion Services.lnk
2013-12-12 16:30 - 2012-08-05 13:08 - 00001809 _____ C:\Users\privat\Desktop\ALDI Talk.lnk
2013-12-12 16:30 - 2012-08-05 13:08 - 00001093 _____ C:\Users\privat\Desktop\ALDI Nord Reisen.lnk
2013-12-12 16:30 - 2012-08-05 13:08 - 00001037 _____ C:\Users\privat\Desktop\ALDI Nord Startseite.lnk
2013-12-12 16:30 - 2012-08-05 12:39 - 00001893 _____ C:\Users\privat\Desktop\ALDI Nord Blumen Service.lnk
2013-12-12 16:19 - 2013-12-12 16:19 - 00000000 ____D C:\Users\Bernd\Documents\CyberLink
2013-12-12 16:19 - 2013-12-12 16:19 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\CyberLink
2013-12-12 15:53 - 2013-12-16 11:03 - 00003950 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{72052607-CF90-47BF-B528-3B605F4E2372}
2013-12-12 15:51 - 2013-12-16 11:28 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3793513485-3065062101-2964870661-1001
2013-12-12 15:49 - 2013-12-16 10:11 - 00000000 __RDO C:\Users\Bernd\SkyDrive
2013-12-12 15:47 - 2013-12-16 10:11 - 00000000 ____D C:\Users\Bernd\Documents\Youcam
2013-12-12 15:47 - 2013-12-12 15:47 - 00000000 ____D C:\Users\Bernd\AppData\Local\Power2Go8
2013-12-12 15:47 - 2013-12-12 15:47 - 00000000 ____D C:\Users\Bernd\AppData\Local\CyberLink
2013-12-12 15:46 - 2013-12-16 11:02 - 00036896 _____ C:\Users\Bernd\AppData\Local\BTServer.log
2013-12-12 15:46 - 2013-12-13 23:02 - 00000000 ___RD C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-12 15:46 - 2013-12-13 22:06 - 00002135 _____ C:\Users\Bernd\Desktop\ALDI Nord Blumen Service.lnk
2013-12-12 15:46 - 2013-12-13 22:06 - 00002065 _____ C:\Users\Bernd\Desktop\ALDI Talk.lnk
2013-12-12 15:46 - 2013-12-13 22:06 - 00002057 _____ C:\Users\Public\Desktop\eBay.lnk
2013-12-12 15:46 - 2013-12-13 22:06 - 00001660 _____ C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-12 15:46 - 2013-12-13 22:06 - 00001329 _____ C:\Users\Bernd\Desktop\ALDI Nord Reisen.lnk
2013-12-12 15:46 - 2013-12-13 22:06 - 00001297 _____ C:\Users\Bernd\Desktop\ALDI Nord Startseite.lnk
2013-12-12 15:46 - 2013-12-13 21:37 - 00000000 ___RD C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-12 15:46 - 2013-12-13 21:37 - 00000000 ____D C:\Users\Bernd\AppData\Local\Packages
2013-12-12 15:46 - 2013-12-12 16:31 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-12 15:46 - 2013-12-12 15:46 - 00000000 ____D C:\Users\Bernd\Documents\My Bluetooth
2013-12-12 15:46 - 2013-12-12 15:46 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Adobe
2013-12-12 15:46 - 2013-12-12 15:46 - 00000000 ____D C:\Users\Bernd\AppData\Local\VirtualStore
2013-12-12 15:46 - 2013-10-22 11:55 - 00000000 _____ C:\Windows\SysWOW64\Drivers\MEDION_NB_E6240T_20056274.mrk
2013-12-12 15:46 - 2012-08-11 05:25 - 00001193 _____ C:\Users\Default\Desktop\ALDI Foto.lnk
2013-12-12 15:46 - 2012-08-11 05:25 - 00001193 _____ C:\Users\Default User\Desktop\ALDI Foto.lnk
2013-12-12 15:46 - 2012-08-11 05:25 - 00001193 _____ C:\Users\Bernd\Desktop\ALDI Foto.lnk
2013-12-12 15:46 - 2012-08-11 05:20 - 00001251 _____ C:\Users\Default\Desktop\Medion Services.lnk
2013-12-12 15:46 - 2012-08-11 05:20 - 00001251 _____ C:\Users\Default User\Desktop\Medion Services.lnk
2013-12-12 15:46 - 2012-08-11 05:20 - 00001251 _____ C:\Users\Bernd\Desktop\Medion Services.lnk
2013-12-12 15:46 - 2012-08-05 13:08 - 00001809 _____ C:\Users\Default\Desktop\ALDI Talk.lnk
2013-12-12 15:46 - 2012-08-05 13:08 - 00001809 _____ C:\Users\Default User\Desktop\ALDI Talk.lnk
2013-12-12 15:46 - 2012-08-05 13:08 - 00001093 _____ C:\Users\Default\Desktop\ALDI Nord Reisen.lnk
2013-12-12 15:46 - 2012-08-05 13:08 - 00001093 _____ C:\Users\Default User\Desktop\ALDI Nord Reisen.lnk
2013-12-12 15:46 - 2012-08-05 13:08 - 00001037 _____ C:\Users\Default\Desktop\ALDI Nord Startseite.lnk
2013-12-12 15:46 - 2012-08-05 13:08 - 00001037 _____ C:\Users\Default User\Desktop\ALDI Nord Startseite.lnk
2013-12-12 15:46 - 2012-08-05 12:39 - 00001893 _____ C:\Users\Default\Desktop\ALDI Nord Blumen Service.lnk
2013-12-12 15:46 - 2012-08-05 12:39 - 00001893 _____ C:\Users\Default User\Desktop\ALDI Nord Blumen Service.lnk
2013-12-12 15:44 - 2013-12-13 22:18 - 00000000 ____D C:\Users\Bernd
2013-12-12 15:44 - 2013-12-12 15:44 - 00000020 ___SH C:\Users\Bernd\ntuser.ini
2013-12-12 15:44 - 2013-12-12 15:44 - 00000000 _SHDL C:\Users\Bernd\Vorlagen
2013-12-12 15:44 - 2013-12-12 15:44 - 00000000 _SHDL C:\Users\Bernd\Startmenü
2013-12-12 15:44 - 2013-12-12 15:44 - 00000000 _SHDL C:\Users\Bernd\Netzwerkumgebung
2013-12-12 15:44 - 2013-12-12 15:44 - 00000000 _SHDL C:\Users\Bernd\Lokale Einstellungen
2013-12-12 15:44 - 2013-12-12 15:44 - 00000000 _SHDL C:\Users\Bernd\Eigene Dateien
2013-12-12 15:44 - 2013-12-12 15:44 - 00000000 _SHDL C:\Users\Bernd\Druckumgebung
2013-12-12 15:44 - 2013-12-12 15:44 - 00000000 _SHDL C:\Users\Bernd\Documents\Eigene Musik
2013-12-12 15:44 - 2013-12-12 15:44 - 00000000 _SHDL C:\Users\Bernd\Documents\Eigene Bilder
2013-12-12 15:44 - 2013-12-12 15:44 - 00000000 _SHDL C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-12 15:44 - 2013-12-12 15:44 - 00000000 _SHDL C:\Users\Bernd\AppData\Local\Verlauf
2013-12-12 15:44 - 2013-12-12 15:44 - 00000000 _SHDL C:\Users\Bernd\AppData\Local\Anwendungsdaten
2013-12-12 15:44 - 2013-12-12 15:44 - 00000000 _SHDL C:\Users\Bernd\Anwendungsdaten
2013-12-12 15:44 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-12-12 15:44 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-12-12 15:44 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-12-12 15:44 - 2013-08-22 16:36 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-12-12 15:35 - 2013-12-16 10:24 - 01715484 _____ C:\Windows\WindowsUpdate.log
2013-11-21 07:23 - 2013-11-21 07:23 - 00002324 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3793513485-3065062101-2964870661-500
==================== One Month Modified Files and Folders =======
2013-12-16 11:37 - 2013-12-16 11:36 - 00050476 _____ C:\Users\Bernd\Downloads\FRST.txt
2013-12-16 11:36 - 2013-12-16 11:36 - 00000000 ____D C:\FRST
2013-12-16 11:32 - 2013-12-16 11:32 - 01927940 _____ (Farbar) C:\Users\Bernd\Downloads\FRST64.exe
2013-12-16 11:31 - 2013-12-16 11:31 - 00000761 _____ C:\Users\Public\Desktop\FuzeZip.lnk
2013-12-16 11:30 - 2013-12-16 11:30 - 01327776 _____ (Koyote-Lab Inc.) C:\Users\Bernd\Downloads\FuzeZipSetup-r152-w-bf.exe
2013-12-16 11:28 - 2013-12-16 11:28 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\PC Speed Maximizer
2013-12-16 11:28 - 2013-12-12 15:51 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3793513485-3065062101-2964870661-1001
2013-12-16 11:26 - 2013-12-16 11:26 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\COMPUTERBILD-Abzockschutz
2013-12-16 11:24 - 2013-12-16 11:24 - 00001138 _____ C:\Users\Bernd\Desktop\Continue Zip Opener Installation.lnk
2013-12-16 11:23 - 2013-12-16 11:23 - 00001137 _____ C:\Users\Bernd\Desktop\PC Speed Maximizer.lnk
2013-12-16 11:23 - 2013-12-16 11:23 - 00001134 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-12-16 11:23 - 2013-12-16 11:23 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
2013-12-16 11:23 - 2013-12-16 11:23 - 00000000 ____D C:\Program Files (x86)\PC Speed Maximizer
2013-12-16 11:23 - 2013-12-16 11:23 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-12-16 11:22 - 2013-12-16 11:21 - 00673024 _____ ( ) C:\Users\Bernd\Downloads\ZipOpenerSetup.exe
2013-12-16 11:14 - 2013-12-13 22:57 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-16 11:03 - 2013-12-12 15:53 - 00003950 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{72052607-CF90-47BF-B528-3B605F4E2372}
2013-12-16 11:02 - 2013-12-13 21:49 - 00000752 _____ C:\Users\Bernd\daemonprocess.txt
2013-12-16 11:02 - 2013-12-12 15:46 - 00036896 _____ C:\Users\Bernd\AppData\Local\BTServer.log
2013-12-16 11:02 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\sru
2013-12-16 10:24 - 2013-12-12 15:35 - 01715484 _____ C:\Windows\WindowsUpdate.log
2013-12-16 10:17 - 2013-10-07 06:42 - 00797412 _____ C:\Windows\system32\perfh013.dat
2013-12-16 10:17 - 2013-10-07 06:42 - 00161992 _____ C:\Windows\system32\perfc013.dat
2013-12-16 10:17 - 2013-10-07 06:40 - 00793160 _____ C:\Windows\system32\perfh010.dat
2013-12-16 10:17 - 2013-10-07 06:40 - 00156082 _____ C:\Windows\system32\perfc010.dat
2013-12-16 10:17 - 2013-10-07 06:37 - 00742562 _____ C:\Windows\system32\perfh00E.dat
2013-12-16 10:17 - 2013-10-07 06:37 - 00177650 _____ C:\Windows\system32\perfc00E.dat
2013-12-16 10:17 - 2013-10-07 06:35 - 00801394 _____ C:\Windows\system32\perfh00C.dat
2013-12-16 10:17 - 2013-10-07 06:35 - 00158846 _____ C:\Windows\system32\perfc00C.dat
2013-12-16 10:17 - 2013-10-07 06:32 - 00765582 _____ C:\Windows\system32\perfh007.dat
2013-12-16 10:17 - 2013-10-07 06:32 - 00159366 _____ C:\Windows\system32\perfc007.dat
2013-12-16 10:17 - 2013-10-07 06:30 - 00455668 _____ C:\Windows\system32\perfh006.dat
2013-12-16 10:17 - 2013-10-07 06:30 - 00079422 _____ C:\Windows\system32\perfc006.dat
2013-12-16 10:17 - 2013-10-07 06:11 - 06098376 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-16 10:12 - 2013-12-14 18:05 - 00000286 _____ C:\Windows\Tasks\SpeedUpMyPC.job
2013-12-16 10:12 - 2013-12-12 20:22 - 00000426 _____ C:\Windows\Tasks\ViewPassword Update.job
2013-12-16 10:11 - 2013-12-13 21:49 - 00003120 _____ C:\Windows\System32\Tasks\Advanced System Protector_startup
2013-12-16 10:11 - 2013-12-12 20:39 - 00000000 ___RD C:\Users\Bernd\Dropbox
2013-12-16 10:11 - 2013-12-12 20:33 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Dropbox
2013-12-16 10:11 - 2013-12-12 15:49 - 00000000 __RDO C:\Users\Bernd\SkyDrive
2013-12-16 10:11 - 2013-12-12 15:47 - 00000000 ____D C:\Users\Bernd\Documents\Youcam
2013-12-16 10:09 - 2013-12-14 18:05 - 00001312 _____ C:\Windows\Tasks\Feven 1.5-updater.job
2013-12-16 10:09 - 2013-12-14 18:05 - 00001214 _____ C:\Windows\Tasks\Feven 1.5-codedownloader.job
2013-12-16 10:09 - 2013-12-14 18:05 - 00001114 _____ C:\Windows\Tasks\Feven 1.5-enabler.job
2013-12-16 10:09 - 2013-12-14 18:05 - 00000364 _____ C:\Windows\Tasks\spmonitor.job
2013-12-16 10:09 - 2013-12-14 18:04 - 00002026 _____ C:\Windows\Tasks\Feven 1.5-firefoxinstaller.job
2013-12-16 10:09 - 2013-12-14 18:04 - 00001954 _____ C:\Windows\Tasks\Feven 1.5-chromeinstaller.job
2013-12-16 10:09 - 2013-12-12 20:20 - 00001324 _____ C:\Windows\Tasks\Plus-HD-2.5-updater.job
2013-12-16 10:09 - 2013-12-12 20:19 - 00001934 _____ C:\Windows\Tasks\Plus-HD-2.5-chromeinstaller.job
2013-12-16 10:09 - 2013-12-12 20:19 - 00001226 _____ C:\Windows\Tasks\Plus-HD-2.5-codedownloader.job
2013-12-16 10:09 - 2013-12-12 20:19 - 00001126 _____ C:\Windows\Tasks\Plus-HD-2.5-enabler.job
2013-12-16 10:08 - 2013-12-13 21:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-16 10:08 - 2013-12-13 21:47 - 00000312 _____ C:\Windows\Tasks\RegClean Pro_UPDATES.job
2013-12-16 10:08 - 2013-10-07 06:06 - 00004080 _____ C:\Windows\PFRO.log
2013-12-16 10:08 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-16 10:08 - 2013-08-22 15:44 - 00389328 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-14 20:44 - 2013-12-14 14:53 - 00001094 _____ C:\Users\privat\daemonprocess.txt
2013-12-14 20:44 - 2013-12-12 16:30 - 00015217 _____ C:\Users\privat\AppData\Local\BTServer.log
2013-12-14 20:44 - 2013-08-22 14:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2013-12-14 20:28 - 2013-12-14 20:28 - 00003294 _____ C:\Windows\System32\Tasks\AntiBrowserSpy - SocialBlock - IEProxyCheck
2013-12-14 20:28 - 2013-12-14 20:28 - 00003162 _____ C:\Windows\System32\Tasks\AntiBrowserSpy - SocialBlock - IE
2013-12-14 20:28 - 2013-12-14 20:18 - 00000000 ____D C:\Program Files (x86)\AntiBrowserSpy
2013-12-14 20:24 - 2013-12-14 20:23 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\vlc
2013-12-14 20:24 - 2013-12-12 16:36 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3793513485-3065062101-2964870661-1002
2013-12-14 20:23 - 2013-12-14 20:23 - 00001090 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-14 20:22 - 2013-12-14 20:22 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-12-14 20:20 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2013-12-14 20:19 - 2013-12-14 20:19 - 00001099 _____ C:\Users\Public\Desktop\AntiBrowserSpy.lnk
2013-12-14 20:19 - 2013-12-14 20:19 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Abelssoft
2013-12-14 20:19 - 2013-12-14 20:19 - 00000000 ____D C:\Users\Bernd\AppData\Local\Abelssoft
2013-12-14 20:19 - 2013-12-14 20:19 - 00000000 ____D C:\ProgramData\XDMessagingv4
2013-12-14 20:19 - 2013-12-14 20:19 - 00000000 ____D C:\Program Files (x86)\COMPUTERBILD-Abzockschutz
2013-12-14 19:28 - 2013-12-12 19:24 - 00000000 ____D C:\Program Files (x86)\1und1Softwareaktualisierung
2013-12-14 19:27 - 2013-12-13 21:49 - 00000000 ____D C:\Program Files (x86)\Advanced System Protector
2013-12-14 19:27 - 2013-12-12 20:21 - 00000000 ____D C:\Program Files (x86)\Browsersafeguard
2013-12-14 19:27 - 2013-12-12 20:16 - 00000000 ____D C:\Program Files (x86)\Spring Smart
2013-12-14 18:58 - 2013-12-14 18:58 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\OpenOffice
2013-12-14 18:58 - 2013-12-13 22:58 - 00000316 _____ C:\Windows\Tasks\FoxTab.job
2013-12-14 18:57 - 2013-12-13 22:18 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Windows Net Data
2013-12-14 18:53 - 2013-12-13 21:46 - 00000000 ____D C:\Program Files (x86)\RegClean Pro
2013-12-14 18:52 - 2013-12-13 21:47 - 00003108 _____ C:\Windows\System32\Tasks\RegClean Pro
2013-12-14 18:32 - 2013-12-12 20:22 - 00000000 ____D C:\Users\Bernd\AppData\Local\Lollipop
2013-12-14 18:23 - 2013-12-14 18:23 - 00000000 ____D C:\Users\Bernd\Documents\Symantec
2013-12-14 18:18 - 2013-12-14 18:18 - 00000000 ____D C:\Windows\System32\Tasks\Norton Internet Security CBE
2013-12-14 18:17 - 2013-12-14 18:15 - 00000000 ____D C:\ProgramData\Norton
2013-12-14 18:17 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-12-14 18:16 - 2013-12-14 18:16 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2013-12-14 18:16 - 2013-12-14 18:16 - 00008222 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2013-12-14 18:16 - 2013-12-14 18:16 - 00003244 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2013-12-14 18:16 - 2013-12-14 18:16 - 00002656 _____ C:\Users\Public\Desktop\Norton Internet Security CBE.lnk
2013-12-14 18:16 - 2013-12-14 18:16 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2013-12-14 18:16 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-12-14 18:15 - 2013-12-14 18:15 - 00000000 ____D C:\Windows\system32\Drivers\NISx64
2013-12-14 18:15 - 2013-12-14 18:15 - 00000000 ____D C:\Program Files (x86)\Norton Internet Security CBE
2013-12-14 18:05 - 2013-12-14 18:05 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2013-12-14 18:05 - 2013-12-14 18:05 - 00377856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2013-12-14 18:05 - 2013-12-14 18:05 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplayx.dll
2013-12-14 18:05 - 2013-12-14 18:05 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\dpnathlp.dll
2013-12-14 18:05 - 2013-12-14 18:05 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll
2013-12-14 18:05 - 2013-12-14 18:05 - 00045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpwsockx.dll
2013-12-14 18:05 - 2013-12-14 18:05 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2013-12-14 18:05 - 2013-12-14 18:05 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2013-12-14 18:05 - 2013-12-14 18:05 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplaysvr.exe
2013-12-14 18:05 - 2013-12-14 18:05 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpmodemx.dll
2013-12-14 18:05 - 2013-12-14 18:05 - 00009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll
2013-12-14 18:05 - 2013-12-14 18:05 - 00009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll
2013-12-14 18:05 - 2013-12-14 18:05 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\dpnhupnp.dll
2013-12-14 18:05 - 2013-12-14 18:05 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\dpnhpast.dll
2013-12-14 18:05 - 2013-12-14 18:05 - 00004316 _____ C:\Windows\System32\Tasks\Feven 1.5-updater
2013-12-14 18:05 - 2013-12-14 18:05 - 00004218 _____ C:\Windows\System32\Tasks\Feven 1.5-codedownloader
2013-12-14 18:05 - 2013-12-14 18:05 - 00004118 _____ C:\Windows\System32\Tasks\Feven 1.5-enabler
2013-12-14 18:05 - 2013-12-14 18:05 - 00002518 _____ C:\Windows\System32\Tasks\spmonitor
2013-12-14 18:05 - 2013-12-14 18:05 - 00002508 _____ C:\Windows\System32\Tasks\SpeedUpMyPC
2013-12-14 18:05 - 2013-12-14 18:05 - 00001150 _____ C:\Users\Public\Desktop\SpeedUpMyPC.lnk
2013-12-14 18:05 - 2013-12-14 18:05 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Uniblue
2013-12-14 18:05 - 2013-12-14 18:05 - 00000000 ____D C:\Program Files (x86)\Uniblue
2013-12-14 18:05 - 2013-12-14 18:04 - 00000000 ____D C:\Program Files (x86)\Feven 1.5
2013-12-14 18:03 - 2013-12-14 18:03 - 00519600 _____ C:\Users\Bernd\Downloads\PluginV2(1).exe
2013-12-14 17:56 - 2013-12-14 17:56 - 04344096 _____ (Engelmann Media) C:\Users\Bernd\Downloads\win8starter.exe
2013-12-14 17:56 - 2013-12-14 17:56 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Engelmann Media
2013-12-14 17:56 - 2013-12-14 17:56 - 00000000 ____D C:\Program Files (x86)\Engelmann Media
2013-12-14 17:54 - 2013-12-14 17:54 - 00001132 _____ C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2013-12-14 17:53 - 2013-12-14 17:53 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-12-14 17:51 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-12-14 17:49 - 2013-12-14 17:49 - 00000000 ____D C:\Users\Bernd\Desktop\OpenOffice 4.0.1 (de) Installation Files
2013-12-14 17:48 - 2013-12-14 17:40 - 163606685 _____ C:\Users\Bernd\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2013-12-14 17:46 - 2013-12-13 21:49 - 00000000 ____D C:\Users\Bernd\AppData\Local\Mobogenie
2013-12-14 15:52 - 2013-12-12 18:03 - 00000000 __RDO C:\Users\privat\SkyDrive
2013-12-14 15:52 - 2013-12-12 16:32 - 00000000 ____D C:\Users\privat\Documents\Youcam
2013-12-14 15:01 - 2013-12-13 21:47 - 00000304 _____ C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2013-12-14 14:55 - 2013-12-12 17:25 - 00003954 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{B35484AC-E1DA-40F6-BF84-2BF4FDB0D66E}
2013-12-14 14:53 - 2013-12-14 14:53 - 00000000 ____D C:\Users\privat\AppData\Roaming\Iminent
2013-12-14 14:53 - 2013-12-12 16:31 - 00000000 ___RD C:\Users\privat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-14 14:53 - 2013-12-12 16:31 - 00000000 ___RD C:\Users\privat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-14 14:53 - 2013-12-12 16:30 - 00000000 ____D C:\Users\privat\AppData\Local\Packages
2013-12-14 14:53 - 2013-12-12 16:30 - 00000000 ____D C:\Users\privat
2013-12-13 23:54 - 2013-12-13 23:50 - 00000000 ____D C:\Users\Bernd\AppData\Local\HP
2013-12-13 23:52 - 2013-12-13 23:52 - 00003628 _____ C:\Windows\System32\Tasks\HPCustParticipation HP Officejet 6500 E710n-z
2013-12-13 23:52 - 2013-12-13 23:02 - 00000000 ____D C:\Program Files (x86)\HP
2013-12-13 23:51 - 2013-12-13 23:51 - 00002272 _____ C:\Users\Public\Desktop\HP Officejet 6500 E710n-z.lnk
2013-12-13 23:51 - 2013-12-13 23:51 - 00001204 _____ C:\Users\Public\Desktop\Shop für Zubehör - HP Officejet 6500 E710n-z.lnk
2013-12-13 23:51 - 2013-12-13 23:51 - 00000057 _____ C:\ProgramData\Ament.ini
2013-12-13 23:51 - 2013-12-13 23:51 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\HpUpdate
2013-12-13 23:51 - 2013-12-13 23:51 - 00000000 ____D C:\Program Files\HP
2013-12-13 23:51 - 2013-12-13 23:01 - 00000000 ____D C:\ProgramData\HP
2013-12-13 23:38 - 2013-12-13 22:49 - 122662720 _____ C:\Users\Bernd\Downloads\OJ6500_E710n-z_1315.exe
2013-12-13 23:04 - 2013-12-13 23:04 - 00000000 ____D C:\Users\Bernd\Documents\Optimizer Pro
2013-12-13 23:04 - 2013-12-13 23:04 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Optimizer Pro
2013-12-13 23:03 - 2013-12-13 22:54 - 00000000 ____D C:\Users\Bernd\AppData\Local\Adobe
2013-12-13 23:02 - 2013-12-13 23:02 - 00000000 ____D C:\Users\Bernd\Desktop\HP
2013-12-13 23:02 - 2013-12-13 23:02 - 00000000 ____D C:\ProgramData\Apple
2013-12-13 23:02 - 2013-12-13 23:02 - 00000000 ____D C:\Program Files\Bonjour
2013-12-13 23:02 - 2013-12-13 23:02 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-12-13 23:02 - 2013-12-12 15:46 - 00000000 ___RD C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-13 23:00 - 2013-12-13 22:59 - 00000000 ____D C:\HP_ePrint
2013-12-13 22:59 - 2013-12-13 22:59 - 00001082 _____ C:\Users\Bernd\Desktop\Optimizer Pro.lnk
2013-12-13 22:59 - 2013-12-13 22:58 - 00000000 ____D C:\Program Files (x86)\Optimizer Pro
2013-12-13 22:58 - 2013-12-13 22:58 - 00002654 _____ C:\Windows\System32\Tasks\FoxTab
2013-12-13 22:58 - 2013-12-13 22:58 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\FoxTab
2013-12-13 22:58 - 2013-12-13 22:58 - 00000000 ____D C:\Users\Bernd\AppData\Local\Macromedia
2013-12-13 22:58 - 2013-12-13 22:57 - 00000000 ____D C:\Program Files (x86)\Foxtab
2013-12-13 22:57 - 2013-12-13 22:57 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-13 22:57 - 2013-12-13 22:57 - 00001054 _____ C:\Users\Public\Desktop\FlvPlayer.lnk
2013-12-13 22:57 - 2013-12-13 22:57 - 00000000 ____D C:\Program Files (x86)\FlvPlayer
2013-12-13 22:56 - 2013-12-13 22:49 - 58738880 _____ C:\Users\Bernd\Downloads\HP-ePrint-win-4.5.52.12202.exe
2013-12-13 22:55 - 2013-12-13 22:55 - 01135368 _____ C:\Users\Bernd\Downloads\FlvPlayerSetup.exe
2013-12-13 22:26 - 2013-12-13 22:26 - 01070944 _____ (Solid State Networks) C:\Users\Bernd\Downloads\install_flashplayer11x32_mssa_aaa_aih.exe
2013-12-13 22:20 - 2013-12-13 21:54 - 00001167 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-13 22:20 - 2013-12-13 21:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-13 22:19 - 2013-12-13 22:19 - 00000000 ____D C:\Users\Bernd\AppData\Local\Google
2013-12-13 22:18 - 2013-12-13 22:18 - 00000187 _____ C:\Users\Bernd\Desktop\Amazon.de.url
2013-12-13 22:18 - 2013-12-13 22:18 - 00000000 ____D C:\Users\Bernd\ChromeExtensions
2013-12-13 22:18 - 2013-12-13 22:18 - 00000000 ____D C:\Users\Bernd\AppData\Local\Tempdc71c953596ad56fbce35f696e89e674
2013-12-13 22:18 - 2013-12-13 22:18 - 00000000 ____D C:\Users\Bernd\AppData\Local\Tempb2801231ea6512ca85d005e5f1de0ecf
2013-12-13 22:18 - 2013-12-13 22:18 - 00000000 ____D C:\Users\Bernd\AppData\Local\Temp3598df397e6cc537d15e0423fa2e4b7b
2013-12-13 22:18 - 2013-12-12 15:44 - 00000000 ____D C:\Users\Bernd
2013-12-13 22:16 - 2013-12-13 22:16 - 00943872 _____ C:\Users\Bernd\Downloads\Mozilla-Firefox--Setup.exe
2013-12-13 22:08 - 2013-12-13 22:08 - 00519600 _____ C:\Users\Bernd\Downloads\PluginV2.exe
2013-12-13 22:07 - 2013-12-13 22:07 - 00000000 ____D C:\ProgramData\WPM
2013-12-13 22:06 - 2013-12-13 21:49 - 00000000 ____D C:\Users\Bernd\AppData\Local\cache
2013-12-13 22:06 - 2013-12-13 21:48 - 00000000 ____D C:\Program Files (x86)\Mobogenie
2013-12-13 22:06 - 2013-12-12 20:16 - 00002365 _____ C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-12-13 22:06 - 2013-12-12 20:16 - 00002267 _____ C:\Users\Bernd\Desktop\Search.lnk
2013-12-13 22:06 - 2013-12-12 18:35 - 00002136 _____ C:\Users\Bernd\Desktop\Amazon.lnk
2013-12-13 22:06 - 2013-12-12 18:35 - 00002134 _____ C:\Users\Bernd\Desktop\WEB.DE.lnk
2013-12-13 22:06 - 2013-12-12 18:35 - 00002132 _____ C:\Users\Bernd\Desktop\eBay.lnk
2013-12-13 22:06 - 2013-12-12 15:46 - 00002135 _____ C:\Users\Bernd\Desktop\ALDI Nord Blumen Service.lnk
2013-12-13 22:06 - 2013-12-12 15:46 - 00002065 _____ C:\Users\Bernd\Desktop\ALDI Talk.lnk
2013-12-13 22:06 - 2013-12-12 15:46 - 00002057 _____ C:\Users\Public\Desktop\eBay.lnk
2013-12-13 22:06 - 2013-12-12 15:46 - 00001660 _____ C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-13 22:06 - 2013-12-12 15:46 - 00001329 _____ C:\Users\Bernd\Desktop\ALDI Nord Reisen.lnk
2013-12-13 22:06 - 2013-12-12 15:46 - 00001297 _____ C:\Users\Bernd\Desktop\ALDI Nord Startseite.lnk
2013-12-13 22:05 - 2013-12-13 22:04 - 00960096 _____ (Firefox) C:\Users\Bernd\Downloads\FirefoxSetup(1).exe
2013-12-13 21:58 - 2013-12-13 21:58 - 00001607 _____ C:\Users\Bernd\Desktop\Continue Firefox.lnk
2013-12-13 21:57 - 2013-12-13 21:54 - 00000000 ____D C:\Users\Bernd\AppData\Local\Mozilla
2013-12-13 21:55 - 2013-12-13 21:54 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Mozilla
2013-12-13 21:54 - 2013-12-13 21:54 - 00000635 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-12-13 21:54 - 2013-12-13 21:54 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Iminent
2013-12-13 21:54 - 2013-12-13 21:54 - 00000000 ____D C:\ProgramData\Mozilla
2013-12-13 21:54 - 2013-12-13 21:54 - 00000000 ____D C:\ProgramData\Iminent
2013-12-13 21:54 - 2013-12-13 21:54 - 00000000 ____D C:\Program Files (x86)\Iminent
2013-12-13 21:50 - 2013-12-13 21:50 - 00000000 ____D C:\Users\Bernd\Qtrax
2013-12-13 21:49 - 2013-12-13 21:49 - 00960096 _____ (Firefox) C:\Users\Bernd\Downloads\FirefoxSetup.exe
2013-12-13 21:49 - 2013-12-13 21:49 - 00001221 _____ C:\Users\Public\Desktop\Advanced System Protector.lnk
2013-12-13 21:49 - 2013-12-13 21:49 - 00001039 _____ C:\Users\Bernd\Desktop\Mobogenie.lnk
2013-12-13 21:49 - 2013-12-13 21:49 - 00000000 ____D C:\Users\Bernd\Documents\Mobogenie
2013-12-13 21:49 - 2013-12-13 21:49 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
2013-12-13 21:49 - 2013-12-13 21:49 - 00000000 ____D C:\ProgramData\Systweak
2013-12-13 21:49 - 2013-12-13 21:47 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Systweak
2013-12-13 21:49 - 2013-12-12 20:17 - 00001107 _____ C:\Users\Bernd\Desktop\MyPC Backup.lnk
2013-12-13 21:49 - 2013-12-12 20:17 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-12-13 21:47 - 2013-12-13 21:47 - 00003044 _____ C:\Windows\System32\Tasks\RegClean Pro_UPDATES
2013-12-13 21:47 - 2013-12-13 21:47 - 00002888 _____ C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
2013-12-13 21:47 - 2013-12-13 21:47 - 00001070 _____ C:\Users\Public\Desktop\RegClean Pro.lnk
2013-12-13 21:47 - 2013-12-13 21:47 - 00000000 ____D C:\Program Files (x86)\PricePeep
2013-12-13 21:37 - 2013-12-13 21:37 - 00003560 _____ C:\Windows\System32\Tasks\CreateChoiceProcessTask
2013-12-13 21:37 - 2013-12-13 21:33 - 00000000 ___RD C:\Windows\BrowserChoice
2013-12-13 21:37 - 2013-12-12 15:46 - 00000000 ___RD C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-13 21:37 - 2013-12-12 15:46 - 00000000 ____D C:\Users\Bernd\AppData\Local\Packages
2013-12-13 21:33 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData
2013-12-13 21:33 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\WinStore
2013-12-13 21:33 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\sl-SI
2013-12-13 21:33 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\en-GB
2013-12-13 21:33 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\sl-SI
2013-12-13 21:33 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\migwiz
2013-12-13 21:33 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\en-GB
2013-12-13 21:33 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-13 21:33 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\MediaViewer
2013-12-13 21:33 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\FileManager
2013-12-13 21:33 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\Camera
2013-12-13 21:16 - 2013-12-13 20:59 - 00000000 ____D C:\Windows\system32\MRT
2013-12-12 22:00 - 2013-10-07 08:36 - 00000000 ____D C:\Users\Public\CyberLink
2013-12-12 20:45 - 2013-12-12 20:45 - 00000000 ____D C:\Users\privat\AppData\Local\SearchProtect
2013-12-12 20:39 - 2013-12-12 20:39 - 00001055 _____ C:\Users\Bernd\Desktop\Dropbox.lnk
2013-12-12 20:34 - 2013-12-12 20:34 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-12-12 20:24 - 2013-12-12 20:23 - 00000000 ____D C:\Users\Bernd\AppData\Local\SearchProtect
2013-12-12 20:24 - 2013-12-12 20:23 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2013-12-12 20:23 - 2013-12-12 20:23 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
2013-12-12 20:23 - 2013-12-12 20:23 - 00000000 ____D C:\Program Files (x86)\Wajam
2013-12-12 20:22 - 2013-12-12 20:22 - 00003066 _____ C:\Windows\System32\Tasks\ViewPassword Update
2013-12-12 20:22 - 2013-12-12 20:22 - 00000000 ____D C:\Program Files (x86)\ViewPassword
2013-12-12 20:21 - 2013-12-12 20:21 - 00003868 _____ C:\Windows\System32\Tasks\BrowserSafeguard Update Task
2013-12-12 20:20 - 2013-12-12 20:20 - 00004328 _____ C:\Windows\System32\Tasks\Plus-HD-2.5-updater
2013-12-12 20:20 - 2013-12-12 20:20 - 00000000 ____D C:\Users\Bernd\AppData\Local\VisualBeeClient
2013-12-12 20:20 - 2013-12-12 20:19 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.5
2013-12-12 20:19 - 2013-12-12 20:19 - 00004230 _____ C:\Windows\System32\Tasks\Plus-HD-2.5-codedownloader
2013-12-12 20:19 - 2013-12-12 20:19 - 00004130 _____ C:\Windows\System32\Tasks\Plus-HD-2.5-enabler
2013-12-12 20:19 - 2013-12-12 20:19 - 00000000 ____D C:\Users\Bernd\AppData\Local\VisualBeeExe
2013-12-12 20:19 - 2013-12-12 20:18 - 00000000 ____D C:\ProgramData\VisualBee
2013-12-12 20:18 - 2013-12-12 20:18 - 00001224 _____ C:\Users\Bernd\Desktop\Create Amazing Presentations.lnk
2013-12-12 20:18 - 2013-12-12 20:18 - 00001224 _____ C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Create Amazing Presentations.lnk
2013-12-12 20:18 - 2013-12-12 20:18 - 00000000 ____D C:\Users\Bernd\AppData\Local\emaze
2013-12-12 20:17 - 2013-12-12 20:17 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2013-12-12 20:16 - 2013-12-12 20:15 - 00000000 ____D C:\Users\Bernd\AppData\Local\Smartbar
2013-12-12 20:13 - 2013-12-12 20:13 - 02412840 _____ (Premium Installer ) C:\Users\Bernd\Downloads\Setup.exe
2013-12-12 20:12 - 2013-12-12 20:12 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Macromedia
2013-12-12 19:24 - 2013-12-12 19:24 - 00003882 _____ C:\Windows\System32\Tasks\Registration 1und1 Task
2013-12-12 19:24 - 2013-12-12 19:24 - 00000000 ____D C:\ProgramData\UUdb
2013-12-12 19:24 - 2013-12-12 19:24 - 00000000 ____D C:\ProgramData\1&1 Mail & Media GmbH
2013-12-12 19:24 - 2013-12-12 19:24 - 00000000 ____D C:\Program Files\WEB.DE MailCheck
2013-12-12 19:24 - 2013-12-12 19:24 - 00000000 ____D C:\Program Files (x86)\WEB.DE MailCheck
2013-12-12 18:35 - 2013-12-12 18:35 - 00000000 ____D C:\ProgramData\DesktopIcons
2013-12-12 17:36 - 2013-12-12 17:36 - 00000000 ____D C:\Users\privat\AppData\Roaming\Macromedia
2013-12-12 17:28 - 2013-08-22 15:46 - 00056076 _____ C:\Windows\setupact.log
2013-12-12 16:32 - 2013-12-12 16:32 - 00000000 ____D C:\Users\privat\AppData\Local\CyberLink
2013-12-12 16:31 - 2013-12-12 16:31 - 00000000 ____D C:\Users\privat\AppData\Local\Power2Go8
2013-12-12 16:31 - 2013-12-12 15:46 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-12 16:30 - 2013-12-12 16:30 - 00001458 _____ C:\Users\privat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-12 16:30 - 2013-12-12 16:30 - 00000020 ___SH C:\Users\privat\ntuser.ini
2013-12-12 16:30 - 2013-12-12 16:30 - 00000000 _SHDL C:\Users\privat\Vorlagen
2013-12-12 16:30 - 2013-12-12 16:30 - 00000000 _SHDL C:\Users\privat\Startmenü
2013-12-12 16:30 - 2013-12-12 16:30 - 00000000 _SHDL C:\Users\privat\Netzwerkumgebung
2013-12-12 16:30 - 2013-12-12 16:30 - 00000000 _SHDL C:\Users\privat\Lokale Einstellungen
2013-12-12 16:30 - 2013-12-12 16:30 - 00000000 _SHDL C:\Users\privat\Eigene Dateien
2013-12-12 16:30 - 2013-12-12 16:30 - 00000000 _SHDL C:\Users\privat\Druckumgebung
2013-12-12 16:30 - 2013-12-12 16:30 - 00000000 _SHDL C:\Users\privat\Documents\Eigene Musik
2013-12-12 16:30 - 2013-12-12 16:30 - 00000000 _SHDL C:\Users\privat\Documents\Eigene Bilder
2013-12-12 16:30 - 2013-12-12 16:30 - 00000000 _SHDL C:\Users\privat\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-12 16:30 - 2013-12-12 16:30 - 00000000 _SHDL C:\Users\privat\AppData\Local\Verlauf
2013-12-12 16:30 - 2013-12-12 16:30 - 00000000 _SHDL C:\Users\privat\AppData\Local\Anwendungsdaten
2013-12-12 16:30 - 2013-12-12 16:30 - 00000000 _SHDL C:\Users\privat\Anwendungsdaten
2013-12-12 16:30 - 2013-12-12 16:30 - 00000000 ____D C:\Users\privat\Documents\My Bluetooth
2013-12-12 16:30 - 2013-12-12 16:30 - 00000000 ____D C:\Users\privat\AppData\Roaming\Adobe
2013-12-12 16:30 - 2013-12-12 16:30 - 00000000 ____D C:\Users\privat\AppData\Local\VirtualStore
2013-12-12 16:19 - 2013-12-12 16:19 - 00000000 ____D C:\Users\Bernd\Documents\CyberLink
2013-12-12 16:19 - 2013-12-12 16:19 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\CyberLink
2013-12-12 16:19 - 2013-10-07 08:27 - 00000000 ____D C:\ProgramData\CyberLink
2013-12-12 16:00 - 2013-10-07 07:05 - 00000000 ____D C:\Windows\Panther
2013-12-12 15:47 - 2013-12-12 15:47 - 00000000 ____D C:\Users\Bernd\AppData\Local\Power2Go8
2013-12-12 15:47 - 2013-12-12 15:47 - 00000000 ____D C:\Users\Bernd\AppData\Local\CyberLink
2013-12-12 15:46 - 2013-12-12 15:46 - 00000000 ____D C:\Users\Bernd\Documents\My Bluetooth
2013-12-12 15:46 - 2013-12-12 15:46 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Adobe
2013-12-12 15:46 - 2013-12-12 15:46 - 00000000 ____D C:\Users\Bernd\AppData\Local\VirtualStore
2013-12-12 15:46 - 2013-08-22 15:45 - 00000000 ____D C:\Windows\Setup
2013-12-12 15:44 - 2013-12-12 15:44 - 00000020 ___SH C:\Users\Bernd\ntuser.ini
2013-12-12 15:44 - 2013-12-12 15:44 - 00000000 _SHDL C:\Users\Bernd\Vorlagen
2013-12-12 15:44 - 2013-12-12 15:44 - 00000000 _SHDL C:\Users\Bernd\Startmenü
2013-12-12 15:44 - 2013-12-12 15:44 - 00000000 _SHDL C:\Users\Bernd\Netzwerkumgebung
2013-12-12 15:44 - 2013-12-12 15:44 - 00000000 _SHDL C:\Users\Bernd\Lokale Einstellungen
2013-12-12 15:44 - 2013-12-12 15:44 - 00000000 _SHDL C:\Users\Bernd\Eigene Dateien
2013-12-12 15:44 - 2013-12-12 15:44 - 00000000 _SHDL C:\Users\Bernd\Druckumgebung
2013-12-12 15:44 - 2013-12-12 15:44 - 00000000 _SHDL C:\Users\Bernd\Documents\Eigene Musik
2013-12-12 15:44 - 2013-12-12 15:44 - 00000000 _SHDL C:\Users\Bernd\Documents\Eigene Bilder
2013-12-12 15:44 - 2013-12-12 15:44 - 00000000 _SHDL C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-12 15:44 - 2013-12-12 15:44 - 00000000 _SHDL C:\Users\Bernd\AppData\Local\Verlauf
2013-12-12 15:44 - 2013-12-12 15:44 - 00000000 _SHDL C:\Users\Bernd\AppData\Local\Anwendungsdaten
2013-12-12 15:44 - 2013-12-12 15:44 - 00000000 _SHDL C:\Users\Bernd\Anwendungsdaten
2013-12-12 15:36 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\restore
2013-12-12 14:24 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2013-12-04 01:05 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-04 01:05 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-01 14:42 - 2013-10-07 07:12 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-26 12:54 - 2013-12-12 21:53 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 11:11 - 2013-12-12 21:53 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 10:41 - 2013-12-12 21:53 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 09:57 - 2013-12-12 21:53 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 09:38 - 2013-12-12 21:53 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 09:35 - 2013-12-12 21:53 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 09:16 - 2013-12-12 21:53 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 09:02 - 2013-12-12 21:53 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 08:48 - 2013-12-12 21:53 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 08:32 - 2013-12-12 21:53 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 08:26 - 2013-12-12 21:53 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 08:07 - 2013-12-12 21:53 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 07:40 - 2013-12-12 21:53 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 07:34 - 2013-12-12 21:53 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 07:34 - 2013-12-12 21:53 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 07:33 - 2013-12-12 21:53 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 07:27 - 2013-12-12 21:53 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-23 05:34 - 2013-12-12 21:53 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-11-23 05:13 - 2013-12-12 21:53 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-11-23 04:32 - 2013-12-12 21:53 - 04105728 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2013-11-23 04:10 - 2013-12-12 21:53 - 00568832 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2013-11-21 07:24 - 2013-10-07 06:23 - 00000000 __SHD C:\Recovery
2013-11-21 07:24 - 2013-08-22 16:37 - 00009272 _____ C:\Windows\DtcInstall.log
2013-11-21 07:24 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Recovery
2013-11-21 07:23 - 2013-11-21 07:23 - 00002324 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3793513485-3065062101-2964870661-500
2013-11-19 11:30 - 2013-10-07 07:11 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
Some content of TEMP:
====================
C:\Users\Bernd\AppData\Local\Temp\455.7824454212927_Update.exe
C:\Users\Bernd\AppData\Local\Temp\6_Offer_15.exe
C:\Users\Bernd\AppData\Local\Temp\6_Offer_16.exe
C:\Users\Bernd\AppData\Local\Temp\amazonicon_v3.exe
C:\Users\Bernd\AppData\Local\Temp\amazoninstallernircmdc.exe
C:\Users\Bernd\AppData\Local\Temp\BackupSetup.exe
C:\Users\Bernd\AppData\Local\Temp\COMAP.EXE
C:\Users\Bernd\AppData\Local\Temp\DownloadManager.exe
C:\Users\Bernd\AppData\Local\Temp\Firefox_Setup_26.0.exe
C:\Users\Bernd\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\Bernd\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Bernd\AppData\Local\Temp\GetCC.dll
C:\Users\Bernd\AppData\Local\Temp\ICReinstall_ZipOpenerSetup.exe
C:\Users\Bernd\AppData\Local\Temp\Mobogenie563.exe
C:\Users\Bernd\AppData\Local\Temp\nsaD45A.exe
C:\Users\Bernd\AppData\Local\Temp\nsiCBDE.exe
C:\Users\Bernd\AppData\Local\Temp\nstD91E.exe
C:\Users\Bernd\AppData\Local\Temp\nsv752.exe
C:\Users\Bernd\AppData\Local\Temp\obw_aartemis_2013111118305.exe
C:\Users\Bernd\AppData\Local\Temp\plus-hd-2-5.exe
C:\Users\Bernd\AppData\Local\Temp\RegClean10.exe
C:\Users\Bernd\AppData\Local\Temp\sdanircmdc.exe
C:\Users\Bernd\AppData\Local\Temp\sdapskill.exe
C:\Users\Bernd\AppData\Local\Temp\SearchProtectINT.exe
C:\Users\Bernd\AppData\Local\Temp\SendMsg.dll
C:\Users\Bernd\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Bernd\AppData\Local\Temp\vbmz10.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== BCD ================================
Start-Manager fr Firmware
--------------------------
Bezeichner {fwbootmgr}
displayorder {bootmgr}
timeout 2
Windows-Start-Manager
---------------------
Bezeichner {bootmgr}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale de-DE
inherit {globalsettings}
integrityservices Enable
default {current}
resumeobject {1d66be53-2f0b-11e3-8268-54bef7577d65}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Windows-Startladeprogramm
-------------------------
Bezeichner {1d66be51-2f0b-11e3-8268-54bef7577d65}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{1d66be52-2f0b-11e3-8268-54bef7577d65}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale en-GB
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{1d66be52-2f0b-11e3-8268-54bef7577d65}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Windows-Startladeprogramm
-------------------------
Bezeichner {current}
device partition=C:
path \Windows\system32\winload.efi
description Windows 8.1
locale de-DE
inherit {bootloadersettings}
recoverysequence {966ba74a-5275-11e3-8279-240a64fdc898}
integrityservices Enable
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \Windows
resumeobject {1d66be53-2f0b-11e3-8268-54bef7577d65}
nx OptIn
bootmenupolicy Standard
Windows-Startladeprogramm
-------------------------
Bezeichner {8d7f0cc6-879e-47f6-a767-0ed8fd3b0659}
device ramdisk=[\Device\HarddiskVolume4]\Sources\boot.wim,{572bcd56-ffa7-11d9-aae0-0007e994107d}
path \windows\system32\winload.efi
description MEDION Recovery Environment
osdevice ramdisk=[\Device\HarddiskVolume4]\Sources\boot.wim,{572bcd56-ffa7-11d9-aae0-0007e994107d}
systemroot \windows
nx OptIn
winpe Yes
Windows-Startladeprogramm
-------------------------
Bezeichner {966ba74a-5275-11e3-8279-240a64fdc898}
device ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{966ba74b-5275-11e3-8279-240a64fdc898}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale en-GB
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride Recovery
osdevice ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{966ba74b-5275-11e3-8279-240a64fdc898}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner {1d66be53-2f0b-11e3-8268-54bef7577d65}
device partition=C:
path \Windows\system32\winresume.efi
description Windows Resume Application
locale de-DE
inherit {resumeloadersettings}
recoverysequence {966ba74a-5275-11e3-8279-240a64fdc898}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Windows-Speichertestprogramm
----------------------------
Bezeichner {memdiag}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\memtest.efi
description Windows Memory Diagnostic
locale de-DE
inherit {globalsettings}
badmemoryaccess Yes
EMS-Einstellungen
-----------------
Bezeichner {emssettings}
bootems No
Debuggereinstellungen
---------------------
Bezeichner {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
RAM-Defekte
-----------
Bezeichner {badmemory}
Globale Einstellungen
---------------------
Bezeichner {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Startladeprogramm-Einstellungen
-------------------------------
Bezeichner {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Hypervisoreinstellungen
-------------------
Bezeichner {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Einstellungen zur Ladeprogrammfortsetzung
-----------------------------------------
Bezeichner {resumeloadersettings}
inherit {globalsettings}
Ger„teoptionen
--------------
Bezeichner {1d66be52-2f0b-11e3-8268-54bef7577d65}
description Windows Recovery
ramdisksdidevice unknown
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Ger„teoptionen
--------------
Bezeichner {572bcd56-ffa7-11d9-aae0-0007e994107d}
description Ramdisk Options
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \boot\boot.sdi
Ger„teoptionen
--------------
Bezeichner {966ba74b-5275-11e3-8279-240a64fdc898}
description Windows Recovery
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\WindowsRE\boot.sdi
LastRegBack: 2013-10-07 06:06
==================== End Of Log ============================
ich hoffe jetzt stimmte es so, vielen Dank für Deine Gedult und Hilfe Gruß pv54466 |
|
29.12.2013, 12:37
| #10 |
| /// the machine /// TB-Ausbilder | Diverse Palgegeister auf meinen neuen Laptop (4 tage alt ) Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
26.01.2014, 17:52
| #11 |
| | Diverse Palgegeister auf meinen neuen Laptop (4 tage alt ) Hallo Schrauber, endilch gehts weiter. Sorry das ich nicht früher konnte. Anbei die Log´s Maleware ist 2x abgestürzt daher 3 Logs Log1 Code:
ATTFilter 2014/01/26 15:08:27 +0100 DAMPFMASCHINN Bernd MESSAGE Executing scheduled update: Daily
2014/01/26 15:08:34 +0100 DAMPFMASCHINN Bernd MESSAGE Starting protection
2014/01/26 15:08:34 +0100 DAMPFMASCHINN Bernd MESSAGE Protection started successfully
2014/01/26 15:08:34 +0100 DAMPFMASCHINN Bernd MESSAGE Starting IP protection
2014/01/26 15:09:11 +0100 DAMPFMASCHINN Bernd MESSAGE IP Protection started successfully
2014/01/26 15:09:57 +0100 DAMPFMASCHINN Bernd MESSAGE Starting database refresh
2014/01/26 15:09:57 +0100 DAMPFMASCHINN Bernd MESSAGE Stopping IP protection
2014/01/26 15:09:57 +0100 DAMPFMASCHINN Bernd MESSAGE Scheduled update executed successfully: database updated from version v2013.04.04.07 to version v2014.01.26.03
2014/01/26 15:10:01 +0100 DAMPFMASCHINN Bernd MESSAGE IP Protection stopped successfully
2014/01/26 15:10:09 +0100 DAMPFMASCHINN Bernd MESSAGE Database refreshed successfully
2014/01/26 15:10:09 +0100 DAMPFMASCHINN Bernd MESSAGE Starting IP protection
2014/01/26 15:10:21 +0100 DAMPFMASCHINN Bernd MESSAGE IP Protection started successfully
2014/01/26 15:37:56 +0100 DAMPFMASCHINN Bernd DETECTION C:\ProgramData\WPM\wprotectmanager.exe PUP.Optional.WpManager.A QUARANTINE
2014/01/26 15:37:56 +0100 DAMPFMASCHINN Bernd ERROR Quarantine failed: DeleteFile failed with error code 5
2014/01/26 15:37:58 +0100 DAMPFMASCHINN Bernd DETECTION C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe PUP.Optional.Iminent QUARANTINE
2014/01/26 15:37:59 +0100 DAMPFMASCHINN Bernd ERROR Quarantine failed: DeleteFile failed with error code 5
2014/01/26 15:38:03 +0100 DAMPFMASCHINN Bernd DETECTION C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe PUP.Optional.Wajam.A QUARANTINE
2014/01/26 15:38:03 +0100 DAMPFMASCHINN Bernd ERROR Quarantine failed: DeleteFile failed with error code 5
2014/01/26 15:38:05 +0100 DAMPFMASCHINN Bernd DETECTION C:\Users\Bernd\AppData\Local\Smartbar\Application\SnapDo.exe PUP.Optional.SmartBar.A QUARANTINE
2014/01/26 15:38:05 +0100 DAMPFMASCHINN Bernd ERROR Quarantine failed: DeleteFile failed with error code 5
2014/01/26 15:38:06 +0100 DAMPFMASCHINN Bernd DETECTION C:\Program Files (x86)\Iminent\Iminent.exe PUP.Optional.Iminent.A QUARANTINE
2014/01/26 15:38:06 +0100 DAMPFMASCHINN Bernd ERROR Quarantine failed: DeleteFile failed with error code 5
2014/01/26 15:38:07 +0100 DAMPFMASCHINN Bernd DETECTION C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe PUP.Optional.Conduit.A QUARANTINE
2014/01/26 15:38:07 +0100 DAMPFMASCHINN Bernd DETECTION C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe PUP.Optional.Conduit.A QUARANTINE
2014/01/26 15:38:07 +0100 DAMPFMASCHINN Bernd ERROR Quarantine failed: DeleteFile failed with error code 5
2014/01/26 15:38:07 +0100 DAMPFMASCHINN Bernd ERROR Quarantine failed: DeleteFile failed with error code 5
2014/01/26 15:38:07 +0100 DAMPFMASCHINN Bernd DETECTION C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe PUP.Optional.Conduit.A QUARANTINE
2014/01/26 15:38:07 +0100 DAMPFMASCHINN Bernd ERROR Quarantine failed: DeleteFile failed with error code 5
2014/01/26 16:06:44 +0100 DAMPFMASCHINN Bernd MESSAGE Starting protection
2014/01/26 16:06:44 +0100 DAMPFMASCHINN Bernd MESSAGE Protection started successfully
2014/01/26 16:06:44 +0100 DAMPFMASCHINN Bernd MESSAGE Starting IP protection
2014/01/26 16:06:55 +0100 DAMPFMASCHINN Bernd MESSAGE IP Protection started successfully
2014/01/26 16:30:46 +0100 DAMPFMASCHINN (null) MESSAGE Starting protection
2014/01/26 16:30:46 +0100 DAMPFMASCHINN (null) MESSAGE Protection started successfully
2014/01/26 16:30:46 +0100 DAMPFMASCHINN (null) MESSAGE Starting IP protection
2014/01/26 16:30:57 +0100 DAMPFMASCHINN Bernd MESSAGE IP Protection started successfully
2014/01/26 16:37:09 +0100 DAMPFMASCHINN Bernd DETECTION C:\Program Files (x86)\FlvPlayer\FLVPlayerApp.exe PUP.Optional.InstallCore QUARANTINE
2014/01/26 16:37:18 +0100 DAMPFMASCHINN Bernd DETECTION c:\program files (x86)\flvplayer\flvplayerapp.exe PUP.Optional.InstallCore QUARANTINE
2014/01/26 16:37:18 +0100 DAMPFMASCHINN Bernd ERROR Quarantine failed: SDKQuarantine failed with error code 2
2014/01/26 16:37:28 +0100 DAMPFMASCHINN Bernd DETECTION c:\program files (x86)\flvplayer\flvplayerapp.exe PUP.Optional.InstallCore QUARANTINE
2014/01/26 16:37:28 +0100 DAMPFMASCHINN Bernd ERROR Quarantine failed: SDKQuarantine failed with error code 2
2014/01/26 16:37:33 +0100 DAMPFMASCHINN Bernd DETECTION c:\program files (x86)\flvplayer\flvplayerapp.exe PUP.Optional.InstallCore QUARANTINE
2014/01/26 16:37:33 +0100 DAMPFMASCHINN Bernd ERROR Quarantine failed: SDKQuarantine failed with error code 2
2014/01/26 16:37:38 +0100 DAMPFMASCHINN Bernd DETECTION c:\program files (x86)\flvplayer\flvplayerapp.exe PUP.Optional.InstallCore QUARANTINE
2014/01/26 16:37:38 +0100 DAMPFMASCHINN Bernd ERROR Quarantine failed: SDKQuarantine failed with error code 2
2014/01/26 16:37:44 +0100 DAMPFMASCHINN Bernd DETECTION c:\program files (x86)\flvplayer\flvplayerapp.exe PUP.Optional.InstallCore QUARANTINE
2014/01/26 16:37:44 +0100 DAMPFMASCHINN Bernd ERROR Quarantine failed: SDKQuarantine failed with error code 2
2014/01/26 16:37:47 +0100 DAMPFMASCHINN Bernd DETECTION c:\program files (x86)\flvplayer\flvplayerapp.exe PUP.Optional.InstallCore QUARANTINE
2014/01/26 16:37:47 +0100 DAMPFMASCHINN Bernd ERROR Quarantine failed: SDKQuarantine failed with error code 2
2014/01/26 16:37:52 +0100 DAMPFMASCHINN Bernd DETECTION c:\program files (x86)\flvplayer\flvplayerapp.exe PUP.Optional.InstallCore QUARANTINE
2014/01/26 16:37:52 +0100 DAMPFMASCHINN Bernd ERROR Quarantine failed: SDKQuarantine failed with error code 2
2014/01/26 16:37:56 +0100 DAMPFMASCHINN Bernd DETECTION c:\program files (x86)\flvplayer\flvplayerapp.exe PUP.Optional.InstallCore QUARANTINE
2014/01/26 16:37:56 +0100 DAMPFMASCHINN Bernd ERROR Quarantine failed: SDKQuarantine failed with error code 2
2014/01/26 16:38:03 +0100 DAMPFMASCHINN Bernd DETECTION c:\program files (x86)\flvplayer\flvplayerapp.exe PUP.Optional.InstallCore QUARANTINE
2014/01/26 16:38:03 +0100 DAMPFMASCHINN Bernd ERROR Quarantine failed: SDKQuarantine failed with error code 2
2014/01/26 16:38:07 +0100 DAMPFMASCHINN Bernd DETECTION c:\program files (x86)\flvplayer\flvplayerapp.exe PUP.Optional.InstallCore QUARANTINE
2014/01/26 16:38:07 +0100 DAMPFMASCHINN Bernd ERROR Quarantine failed: SDKQuarantine failed with error code 2
2014/01/26 16:38:11 +0100 DAMPFMASCHINN Bernd DETECTION c:\program files (x86)\flvplayer\flvplayerapp.exe PUP.Optional.InstallCore QUARANTINE
2014/01/26 16:38:11 +0100 DAMPFMASCHINN Bernd ERROR Quarantine failed: SDKQuarantine failed with error code 2
2014/01/26 16:38:15 +0100 DAMPFMASCHINN Bernd DETECTION c:\program files (x86)\flvplayer\flvplayerapp.exe PUP.Optional.InstallCore QUARANTINE
2014/01/26 16:38:16 +0100 DAMPFMASCHINN Bernd ERROR Quarantine failed: SDKQuarantine failed with error code 2
2014/01/26 16:38:20 +0100 DAMPFMASCHINN Bernd DETECTION c:\program files (x86)\flvplayer\flvplayerapp.exe PUP.Optional.InstallCore QUARANTINE
2014/01/26 16:38:20 +0100 DAMPFMASCHINN Bernd ERROR Quarantine failed: SDKQuarantine failed with error code 2
2014/01/26 16:38:27 +0100 DAMPFMASCHINN Bernd DETECTION c:\program files (x86)\flvplayer\flvplayerapp.exe PUP.Optional.InstallCore QUARANTINE
2014/01/26 16:38:27 +0100 DAMPFMASCHINN Bernd ERROR Quarantine failed: SDKQuarantine failed with error code 2
2014/01/26 16:38:32 +0100 DAMPFMASCHINN Bernd DETECTION c:\program files (x86)\flvplayer\flvplayerapp.exe PUP.Optional.InstallCore QUARANTINE
2014/01/26 16:38:32 +0100 DAMPFMASCHINN Bernd ERROR Quarantine failed: SDKQuarantine failed with error code 2
2014/01/26 16:38:37 +0100 DAMPFMASCHINN Bernd DETECTION c:\program files (x86)\flvplayer\flvplayerapp.exe PUP.Optional.InstallCore QUARANTINE
2014/01/26 16:38:37 +0100 DAMPFMASCHINN Bernd ERROR Quarantine failed: SDKQuarantine failed with error code 2
2014/01/26 16:38:42 +0100 DAMPFMASCHINN Bernd DETECTION c:\program files (x86)\flvplayer\flvplayerapp.exe PUP.Optional.InstallCore QUARANTINE
2014/01/26 16:38:42 +0100 DAMPFMASCHINN Bernd ERROR Quarantine failed: SDKQuarantine failed with error code 2
2014/01/26 16:38:47 +0100 DAMPFMASCHINN Bernd DETECTION c:\program files (x86)\flvplayer\flvplayerapp.exe PUP.Optional.InstallCore QUARANTINE
2014/01/26 16:38:47 +0100 DAMPFMASCHINN Bernd ERROR Quarantine failed: SDKQuarantine failed with error code 2
2014/01/26 17:18:10 +0100 DAMPFMASCHINN (null) MESSAGE Starting protection
2014/01/26 17:18:10 +0100 DAMPFMASCHINN (null) MESSAGE Protection started successfully
2014/01/26 17:18:10 +0100 DAMPFMASCHINN (null) MESSAGE Starting IP protection
2014/01/26 17:18:21 +0100 DAMPFMASCHINN Bernd MESSAGE IP Protection started successfully
Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.01.26.03 Windows 8 x64 NTFS Internet Explorer 11.0.9600.16476 Bernd :: DAMPFMASCHINN [Administrator] Schutz: Aktiviert 26.01.2014 16:08:14 mbam-log-2014-01-26 (16-08-14).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 231468 Laufzeit: 6 Minute(n), 46 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.01.26.03 Windows 8 x64 NTFS Internet Explorer 11.0.9600.16476 Bernd :: DAMPFMASCHINN [Administrator] Schutz: Aktiviert 26.01.2014 15:47:44 mbam-log-2014-01-26 (15-47-44).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 232927 Laufzeit: 7 Minute(n), 52 Sekunde(n) Infizierte Speicherprozesse: 6 C:\ProgramData\WPM\wprotectmanager.exe (PUP.Optional.WpManager.A) -> 1412 -> Löschen bei Neustart. C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe (PUP.Optional.Iminent) -> 2024 -> Löschen bei Neustart. C:\Program Files (x86)\Iminent\Iminent.exe (PUP.Optional.Iminent.A) -> 6688 -> Löschen bei Neustart. C:\Program Files (x86)\Iminent\Iminent.Messengers.exe (PUP.Optional.Iminent.A) -> 9968 -> Löschen bei Neustart. C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe (PUP.Optional.Wajam.A) -> 2656 -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\SnapDo.exe (PUP.Optional.SmartBar.A) -> 7916 -> Löschen bei Neustart. Infizierte Speichermodule: 39 C:\Program Files (x86)\Iminent\f_in_box.dll (PUP.Optional.Iminent.A) -> Löschen bei Neustart. C:\Program Files (x86)\Iminent\Iminent.WinCore.dll (PUP.Optional.Iminent.A) -> Löschen bei Neustart. C:\Program Files (x86)\Iminent\System.Data.SQLite.dll (PUP.Optional.Iminent.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\Interop.WMPLib.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\MACTrackBarLib.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\Microsoft.Practices.EnterpriseLibrary.Logging.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\sgml.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\sgmu.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\sidb.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\siem.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\sipb.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\sismlp.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.ChromeLocalPlugin.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.FireFoxLocalPlugin.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\spbe.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\spbl.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\sppsm.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\spusm.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\srau.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\srbs.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\srns.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\srpdm.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\srsbs.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\srsbsau.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\srut.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. Infizierte Registrierungsschlüssel: 2 HKCU\Software\Iminent (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\UMBRELLA (PUP.Optional.Umbrella.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 1 HKLM\SOFTWARE\Umbrella|MUpdBlock (PUP.Optional.Umbrella.A) -> Daten: { "MASSUPDATE" : { "CHROME_MBAR" : { "Checked" : 1, "RetryIdx" : 0, "Version" : 1 }, "FIREFOX_MBAR" : { "Checked" : 1, "RetryIdx" : 0, "Version" : 1 }, "IEXPLORE_BHO" : { "Checked" : 1, "RetryIdx" : 0, "Version" : 1 } } } -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 9 C:\Program Files (x86)\Iminent (PUP.Optional.Iminent.A) -> Löschen bei Neustart. C:\Program Files (x86)\Iminent\de (PUP.Optional.Iminent.A) -> Löschen bei Neustart. C:\Program Files (x86)\Wajam (PUP.Optional.Wajam.A) -> Löschen bei Neustart. C:\Program Files (x86)\Wajam\Updater (PUP.Optional.Wajam.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\de (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Program Files (x86)\SearchProtect\UI\bin (PUP.Optional.SearchProtect.A) -> Löschen bei Neustart. C:\Program Files (x86)\SearchProtect\SearchProtect\bin (PUP.Optional.SearchProtect.A) -> Löschen bei Neustart. Infizierte Dateien: 58 C:\ProgramData\WPM\wprotectmanager.exe (PUP.Optional.WpManager.A) -> Löschen bei Neustart. C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe (PUP.Optional.Iminent) -> Löschen bei Neustart. C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe (PUP.Optional.Conduit.A) -> Löschen bei Neustart. C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe (PUP.Optional.Conduit.A) -> Löschen bei Neustart. C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe (PUP.Optional.Conduit.A) -> Löschen bei Neustart. C:\Program Files (x86)\Iminent\Iminent.exe (PUP.Optional.Iminent.A) -> Löschen bei Neustart. C:\Program Files (x86)\Iminent\Iminent.Booster.UI.dll (PUP.Optional.Iminent.A) -> Löschen bei Neustart. C:\Program Files (x86)\Iminent\f_in_box.dll (PUP.Optional.Iminent.A) -> Löschen bei Neustart. C:\Program Files (x86)\Iminent\Iminent.Business.Connect.dll (PUP.Optional.Iminent.A) -> Löschen bei Neustart. C:\Program Files (x86)\Iminent\Iminent.Business.dll (PUP.Optional.Iminent.A) -> Löschen bei Neustart. C:\Program Files (x86)\Iminent\Iminent.Entity.dll (PUP.Optional.Iminent.A) -> Löschen bei Neustart. C:\Program Files (x86)\Iminent\Iminent.Mediator.ActivePlayers.dll (PUP.Optional.Iminent.A) -> Löschen bei Neustart. C:\Program Files (x86)\Iminent\Iminent.Mediator.dll (PUP.Optional.Iminent.A) -> Löschen bei Neustart. C:\Program Files (x86)\Iminent\Iminent.Messengers.exe (PUP.Optional.Iminent.A) -> Löschen bei Neustart. C:\Program Files (x86)\Iminent\Iminent.Services.dll (PUP.Optional.Iminent.A) -> Löschen bei Neustart. C:\Program Files (x86)\Iminent\Iminent.WinCore.dll (PUP.Optional.Iminent.A) -> Löschen bei Neustart. C:\Program Files (x86)\Iminent\Iminent.Windows.dll (PUP.Optional.Iminent.A) -> Löschen bei Neustart. C:\Program Files (x86)\Iminent\Iminent.Workflow.dll (PUP.Optional.Iminent.A) -> Löschen bei Neustart. C:\Program Files (x86)\Iminent\System.Data.SQLite.dll (PUP.Optional.Iminent.A) -> Löschen bei Neustart. C:\Program Files (x86)\Iminent\de\Iminent.resources.dll (PUP.Optional.Iminent.A) -> Löschen bei Neustart. C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe (PUP.Optional.Wajam.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\Interop.WMPLib.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\MACTrackBarLib.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\Microsoft.Practices.EnterpriseLibrary.Logging.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\sgml.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\sgmu.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\sidb.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\siem.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\sipb.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\sismlp.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.ChromeLocalPlugin.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.FireFoxLocalPlugin.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\SnapDo.exe (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\spbe.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\spbl.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\sppsm.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\spusm.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\srau.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\srbs.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\srns.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\srpdm.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\srsbs.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\srsbsau.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\srut.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. C:\Users\Bernd\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll (PUP.Optional.SmartBar.A) -> Löschen bei Neustart. (Ende) Code:
ATTFilter # AdwCleaner v3.017 - Bericht erstellt am 26/01/2014 um 16:25:22
# Aktualisiert 12/01/2014 von Xplode
# Betriebssystem : Windows 8.1 (64 bits)
# Benutzername : Bernd - DAMPFMASCHINN
# Gestartet von : C:\Users\Bernd\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
[#] Dienst Gelöscht : 70e6ca8c
Dienst Gelöscht : BackupStack
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Iminent
Ordner Gelöscht : C:\ProgramData\Systweak
Ordner Gelöscht : C:\ProgramData\VisualBee
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\open it!
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Maximizer
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue\SpeedUpMyPC
Ordner Gelöscht : C:\Program Files (x86)\Advanced System Protector
Ordner Gelöscht : C:\Program Files (x86)\FoxTab
Ordner Gelöscht : C:\Program Files (x86)\Mobogenie
Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup
Ordner Gelöscht : C:\Program Files (x86)\openit
Ordner Gelöscht : C:\Program Files (x86)\optimizer pro
Ordner Gelöscht : C:\Program Files (x86)\PC Speed Maximizer
Ordner Gelöscht : C:\Program Files (x86)\Searchprotect
Ordner Gelöscht : C:\Program Files (x86)\Spring Smart
Ordner Gelöscht : C:\Program Files (x86)\Uniblue\SpeedUpMyPC
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Umbrella
Ordner Gelöscht : C:\Windows\SysWOW64\Searchprotect
Ordner Gelöscht : C:\Users\Bernd\Qtrax
Ordner Gelöscht : C:\Users\Bernd\AppData\Local\emaze
Ordner Gelöscht : C:\Users\Bernd\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Bernd\AppData\Local\Searchprotect
Ordner Gelöscht : C:\Users\Bernd\AppData\Local\Temp\Smartbar
Ordner Gelöscht : C:\Users\Bernd\AppData\LocalLow\Smartbar
Ordner Gelöscht : C:\Users\Bernd\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
Ordner Gelöscht : C:\Users\Bernd\AppData\Roaming\FoxTab
Ordner Gelöscht : C:\Users\Bernd\AppData\Roaming\Iminent
Ordner Gelöscht : C:\Users\Bernd\AppData\Roaming\optimizer pro
Ordner Gelöscht : C:\Users\Bernd\AppData\Roaming\PC Speed Maximizer
Ordner Gelöscht : C:\Users\Bernd\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Bernd\AppData\Roaming\Uniblue\SpeedUpMyPC
Ordner Gelöscht : C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Ordner Gelöscht : C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Ordner Gelöscht : C:\Users\Bernd\Documents\Mobogenie
Ordner Gelöscht : C:\Users\privat\AppData\Local\Searchprotect
Ordner Gelöscht : C:\Users\privat\AppData\Roaming\Iminent
Ordner Gelöscht : C:\Users\privat\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default\Extensions\{5EBDCA98-43B3-45BB-87E0-716029FB42AB}
Ordner Gelöscht : C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
Ordner Gelöscht : C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default\Extensions\sparpilot@sparpilot.com
Ordner Gelöscht : C:\Users\Bernd\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab
Datei Gelöscht : C:\Users\Public\Desktop\Advanced System Protector.lnk
Datei Gelöscht : C:\Users\Public\Desktop\eBay.lnk
Datei Gelöscht : C:\Users\Public\Desktop\Open It!.lnk
Datei Gelöscht : C:\Users\Public\Desktop\RegClean Pro.lnk
Datei Gelöscht : C:\Users\Public\Desktop\speedupmypc.lnk
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
Datei Gelöscht : C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk
Datei Gelöscht : C:\Users\Bernd\Desktop\eBay.lnk
Datei Gelöscht : C:\Users\Bernd\Desktop\Mobogenie.lnk
Datei Gelöscht : C:\Users\Bernd\Desktop\MyPC Backup.lnk
Datei Gelöscht : C:\Users\Bernd\Desktop\Optimizer Pro.lnk
Datei Gelöscht : C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default\searchplugins\11-suche.xml
Datei Gelöscht : C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default\user.js
Datei Gelöscht : C:\Windows\System32\Tasks\Advanced System Protector_startup
Datei Gelöscht : C:\Windows\Tasks\FoxTab.job
Datei Gelöscht : C:\Windows\System32\Tasks\FoxTab
Datei Gelöscht : C:\Windows\Tasks\SpeedUpMyPC.job
Datei Gelöscht : C:\Windows\System32\Tasks\SpeedUpMyPC
Datei Gelöscht : C:\Windows\Tasks\spmonitor.job
Datei Gelöscht : C:\Windows\System32\Tasks\spmonitor
***** [ Verknüpfungen ] *****
Code:
ATTFilter # AdwCleaner v3.017 - Bericht erstellt am 26/01/2014 um 16:27:41
# Aktualisiert 12/01/2014 von Xplode
# Betriebssystem : Windows 8.1 (64 bits)
# Benutzername : Bernd - DAMPFMASCHINN
# Gestartet von : C:\Users\Bernd\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\Users\Bernd\Desktop\ALDI Nord Blumen Service.lnk
Verknüpfung Desinfiziert : C:\Users\Bernd\Desktop\ALDI Nord Reisen.lnk
Verknüpfung Desinfiziert : C:\Users\Bernd\Desktop\ALDI Nord Startseite.lnk
Verknüpfung Desinfiziert : C:\Users\Bernd\Desktop\ALDI Talk.lnk
Verknüpfung Desinfiziert : C:\Users\Bernd\Desktop\Amazon.lnk
Verknüpfung Desinfiziert : C:\Users\Bernd\Desktop\Search.lnk
Verknüpfung Desinfiziert : C:\Users\Bernd\Desktop\WEB.DE.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEDIONhome.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Welcome.lnk
Verknüpfung Desinfiziert : C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
Verknüpfung Desinfiziert : C:\Users\Bernd\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Bernd\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKCU\Software\Classes\Applications\lollipop.exe
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [PC Speed Maximizer]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322342238}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322852232}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366346638}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366856632}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C424171E-592A-415A-9EB1-DFD6D95D3530}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C424171E-592A-415A-9EB1-DFD6D95D3530}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322342238}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322852232}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366346638}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366856632}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C424171E-592A-415A-9EB1-DFD6D95D3530}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKCU\Software\lollipop
Schlüssel Gelöscht : HKCU\Software\pc speed maximizer
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\smartbarbackup
Schlüssel Gelöscht : HKCU\Software\smartbarlog
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\visualbee
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\aartemisSoftware
Schlüssel Gelöscht : HKLM\Software\InstallCore
Schlüssel Gelöscht : HKLM\Software\SearchProtect
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\Software\visualbee
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Zip Opener Packages
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0C3DD791-1026-4B03-8085-34EFB8CE1BBF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{48C7EA08-0178-45A4-B7D9-137AE61164E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OpenIt Open It!
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DomaIQ
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Spring Smart
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\197DD3C0620130B4085843FE8BECB1FB
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\197DD3C0620130B4085843FE8BECB1FB
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16384
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v26.0 (de)
[ Datei : C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default\prefs.js ]
Zeile gelöscht : user_pref("browser.search.selectedEngine", "aartemis");
Zeile gelöscht : user_pref("extensions.crossrider.bic", "142f211fab9075c39606101a7ca574cc");
[ Datei : C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\sbrri8eu.default\prefs.js ]
Zeile gelöscht : user_pref("extensions.crossrider.bic", "143547d474c2f48ceb26e3fbacbf3dc8");
*************************
AdwCleaner[R0].txt - [31924 octets] - [26/01/2014 16:23:53]
AdwCleaner[R1].txt - [27334 octets] - [26/01/2014 16:26:21]
AdwCleaner[S0].txt - [4850 octets] - [26/01/2014 16:25:22]
AdwCleaner[S1].txt - [23901 octets] - [26/01/2014 16:27:41]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [23962 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 8.1 x64
Ran by Bernd on 26.01.2014 at 16:34:14,38
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3793513485-3065062101-2964870661-1001\Software\wajam
~~~ Files
Successfully deleted: [File] "C:\Users\Bernd\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\speedupmypc.lnk"
~~~ Folders
Successfully deleted: [Folder] "C:\Program Files (x86)\browsersafeguard"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\uniblue"
~~~ FireFox
Successfully deleted: [Folder] C:\Users\Bernd\AppData\Roaming\mozilla\firefox\profiles\dmcfp0qk.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com
Emptied folder: C:\Users\Bernd\AppData\Roaming\mozilla\firefox\profiles\dmcfp0qk.default\minidumps [2 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.01.2014 at 16:53:50,53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-01-2014 02
Ran by Bernd (administrator) on DAMPFMASCHINN on 26-01-2014 17:27:38
Running from C:\Users\Bernd\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\nis.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
() C:\Program Files (x86)\PHotkey\Atouch64.exe
() C:\Program Files (x86)\PHotkey\POsd.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\livecomm.exe
() C:\Program Files (x86)\PHotkey\GPMTray.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\nis.exe
() C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe
() C:\Program Files (x86)\AntiBrowserSpy\SocialBlock_ProxyCheck.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe
(Engelmann Media) C:\Program Files (x86)\Engelmann Media\Win8Starter\Win8Starter.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Dropbox, Inc.) C:\Users\Bernd\AppData\Roaming\Dropbox\bin\Dropbox.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(1und1 Mail und Media GmbH) C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Farbar) C:\Users\Bernd\Downloads\FRST64(1).exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13653208 2013-09-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [280576 2013-09-29] (Realtek Semiconductor Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2777840 2013-08-14] (Synaptics Incorporated)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [490760 2013-09-23] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-11] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Service] - C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-09-18] (CyberLink Corp.)
HKLM-x32\...\Run: [MailCheck IE Broker] - C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe [1766464 2013-10-16] (1und1 Mail und Media GmbH)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM\...\Winlogon: [Shell] explorer.exe /select,explorer.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKCU\...\Run: [HP Officejet 6500 E710n-z (NET)] - C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKCU\...\Policies\Explorer: [DisallowRun] 1
Startup: C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Bernd\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:54144;https=127.0.0.1:54144
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Plus-HD-2.5 - {11111111-1111-1111-1111-110311341138} - C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-bho64.dll No File
BHO: Feven 1.5 - {11111111-1111-1111-1111-110311851132} - C:\Program Files (x86)\Feven 1.5\Feven 1.5-bho64.dll No File
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security CBE\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO: WEB.DE MailCheck BHO - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
BHO-x32: CBAbzockschutz.InitToolbarBHO - {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: WEB.DE MailCheck BHO - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security CBE\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - COMPUTERBILD-Abzockschutz - {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security CBE\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
Handler-x32: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default
FF Homepage: hxxp://googel.de
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Amazon-Icon - C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default\Extensions\amazon-icon@giga.de [2013-12-13]
FF Extension: Spring Smart - C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default\Extensions\firefox@springsmart.net.xpi [2013-12-13]
FF Extension: WEB.DE MailCheck - C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default\Extensions\toolbar@web.de.xpi [2013-12-13]
FF Extension: COMPUTERBILD-Abzockschutz - C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default\Extensions\{d49175b3-3fd8-43b8-b28e-da5d47f3c398}.xpi [2013-12-16]
FF Extension: Video MPEG4 Helper Light - C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default\Extensions\{efc65769-b95a-49f0-8aab-a1e84c83674d}.xpi [2014-01-26]
FF Extension: {f4b26a50-3277-4dfa-97a2-dcb5896f7a70} - C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default\Extensions\{f4b26a50-3277-4dfa-97a2-dcb5896f7a70}.xpi [2014-01-14]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [jid0-1wPBLrijxGVkIUhu0kFYq6ZaWzA@jetpack] - C:\Program Files (x86)\AntiBrowserSpy\Addons\Firefox
FF Extension: AntiBrowserSpy - SocialBlocker - C:\Program Files (x86)\AntiBrowserSpy\Addons\Firefox [2013-12-14]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\IPSFF [2013-12-22]
FF HKCU\...\Firefox\Extensions: [{f1fdd844-1f47-4b8c-a30b-4abcaa3b8fc3}] - C:\Program Files (x86)\ViewPassword\150.xpi
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Feven 1.5) - C:\Users\Bernd\AppData\Local\Google\Chrome\User Data\Default\Extensions\baodmgdpdoelldjmkhknbolcldnfjegg [2013-12-14]
CHR Extension: (Plus-HD-2.5) - C:\Users\Bernd\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd [2013-12-14]
CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\Bernd\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx [2013-12-13]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\Exts\Chrome.crx [2013-12-27]
==================== Services (Whitelisted) =================
U2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [61440 2013-09-26] ()
U2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [74712 2013-03-11] (CyberLink)
U2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [316376 2013-03-11] (CyberLink)
U2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [160768 2013-06-27] ()
U2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation)
U3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
U2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
U2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
U2 NIS; C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\NIS.exe [275696 2013-10-08] (Symantec Corporation)
U2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2013-03-06] ()
U3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
U3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
U0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
U3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
U1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\BASHDefs\20131203.001\BHDrvx64.sys [1526488 2013-12-03] (Symantec Corporation)
U3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
U1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1501000.012\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
U1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
U1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-12-14] (Symantec Corporation)
U3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-12-14] (Symantec Corporation)
U3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
U3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
U0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
U1 IDSVia64; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\IPSDefs\20131225.001\IDSvia64.sys [521944 2013-12-20] (Symantec Corporation)
U0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
U0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
U3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
U3 NAVENG; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\VirusDefs\20131226.024\ENG64.SYS [126040 2013-12-14] (Symantec Corporation)
U3 NAVEX15; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\VirusDefs\20131226.024\EX64.SYS [2099288 2013-12-14] (Symantec Corporation)
U3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
U3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
U3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
U2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
U3 PegaRadioSwitch; C:\Windows\System32\drivers\PegaRadioSwitch.sys [23552 2013-08-22] (Windows (R) Win 7 DDK provider)
U3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2013-10-22] ()
U3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
U3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [548056 2013-09-05] (Realtek Semiconductor Corporation)
U3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2945240 2013-09-12] (Realtek Semiconductor Corporation )
U3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
U3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-08-14] (Synaptics Incorporated)
U3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-14] (Synaptics Incorporated)
U3 SRTSP; C:\Windows\System32\Drivers\NISx64\1501000.012\SRTSP64.SYS [858200 2013-09-27] (Symantec Corporation)
U1 SRTSPX; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSPX64.SYS [36952 2013-07-31] (Symantec Corporation)
U0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
U0 SymDS; C:\Windows\System32\drivers\NISx64\1501000.012\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
U0 SymEFA; C:\Windows\System32\drivers\NISx64\1501000.012\SYMEFA64.SYS [1147480 2013-09-27] (Symantec Corporation)
U0 SymELAM; C:\Windows\System32\drivers\NISx64\1501000.012\SymELAM.sys [23568 2013-08-01] (Symantec Corporation)
U3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-12-14] (Symantec Corporation)
U1 SymIRON; C:\Windows\system32\drivers\NISx64\1501000.012\Ironx64.SYS [264280 2013-07-31] (Symantec Corporation)
U1 SymNetS; C:\Windows\System32\Drivers\NISx64\1501000.012\SYMNETS.SYS [590936 2013-09-26] (Symantec Corporation)
U3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [87568 2013-07-01] (Intel Corporation)
U3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
U3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
Code:
ATTFilter ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-26 17:26 - 2014-01-26 17:26 - 02078208 _____ (Farbar) C:\Users\Bernd\Downloads\FRST64(1).exe 2014-01-26 17:13 - 2014-01-26 17:13 - 00001549 _____ C:\Users\Bernd\Desktop\JRT 26.01..txt 2014-01-26 16:53 - 2014-01-26 16:53 - 00001549 _____ C:\Users\Bernd\Desktop\JRT.txt 2014-01-26 16:34 - 2014-01-26 16:34 - 00000000 ____D C:\Windows\ERUNT 2014-01-26 16:32 - 2014-01-26 15:05 - 01236282 _____ C:\Users\Bernd\Downloads\adwcleaner.exe 2014-01-26 16:31 - 2014-01-26 15:06 - 01037068 _____ (Thisisu) C:\Users\Bernd\Desktop\JRT.exe 2014-01-26 16:23 - 2014-01-26 16:27 - 00000000 ____D C:\AdwCleaner 2014-01-26 15:08 - 2014-01-26 15:08 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Malwarebytes 2014-01-26 15:07 - 2014-01-26 15:07 - 00001129 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-01-26 15:07 - 2014-01-26 15:07 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-26 15:07 - 2014-01-26 15:07 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-01-26 15:07 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-01-26 15:06 - 2014-01-26 15:06 - 01037068 _____ (Thisisu) C:\Users\Bernd\Downloads\JRT.exe 2014-01-26 15:05 - 2014-01-26 15:05 - 01236282 _____ C:\Users\Bernd\Desktop\adwcleaner.exe 2014-01-26 14:40 - 2014-01-26 14:40 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Bernd\Downloads\mbam-setup-1.75.0.1300.exe 2014-01-24 15:16 - 2014-01-24 15:16 - 00652937 _____ C:\Users\privat\Documents\265.oxps 2014-01-23 16:04 - 2014-01-23 19:48 - 00000000 ____D C:\Users\privat\Desktop\Lisa 2014-01-23 16:01 - 2014-01-23 16:01 - 00000000 ____D C:\Users\privat\AppData\Local\HP 2014-01-22 22:12 - 2014-01-22 22:12 - 00000000 ____D C:\Users\privat\AppData\Roaming\OpenOffice 2014-01-22 16:53 - 2014-01-22 16:53 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2014-01-14 22:14 - 2013-12-09 01:15 - 00787968 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll 2014-01-14 22:14 - 2013-11-27 16:36 - 03395920 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll 2014-01-14 22:14 - 2013-11-27 12:41 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\WSCollect.exe 2014-01-14 22:14 - 2013-11-27 11:34 - 00138240 _____ C:\Windows\system32\OEMLicense.dll 2014-01-14 22:14 - 2013-11-27 10:54 - 00103936 _____ C:\Windows\SysWOW64\OEMLicense.dll 2014-01-14 22:14 - 2013-11-27 09:48 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-01-14 22:14 - 2013-11-27 09:45 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll 2014-01-14 22:14 - 2013-11-27 09:40 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-01-14 22:14 - 2013-11-27 09:38 - 00174592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll 2014-01-14 22:14 - 2013-11-27 09:17 - 00695808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll 2014-01-14 22:14 - 2013-11-27 09:12 - 00848384 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll 2014-01-14 19:16 - 2014-01-14 19:16 - 00000000 ____D C:\Users\privat\AppData\Roaming\HpUpdate 2014-01-02 21:51 - 2014-01-24 17:28 - 00000000 ____D C:\Users\privat\AppData\Local\CrashDumps 2014-01-02 19:56 - 2014-01-02 19:56 - 00000000 ____D C:\Users\privat\AppData\Roaming\COMPUTERBILD-Abzockschutz 2013-12-29 20:29 - 2013-12-29 20:29 - 00000000 ____D C:\Users\privat\AppData\Local\Macromedia 2013-12-28 20:57 - 2013-12-29 19:59 - 00000000 ____D C:\Users\privat\AppData\Roaming\Mozilla 2013-12-28 20:57 - 2013-12-29 19:59 - 00000000 ____D C:\Users\privat\AppData\Local\Mozilla 2013-12-27 18:51 - 2013-12-27 18:51 - 00000000 ____D C:\Windows\System32\Tasks\Norton Internet Security CBE 2013-12-27 18:15 - 2013-12-27 18:15 - 00029830 _____ C:\Users\Bernd\Desktop\FRST.zip 2013-12-27 18:15 - 2013-12-27 18:15 - 00008303 _____ C:\Users\Bernd\Desktop\Addition.zip ==================== One Month Modified Files and Folders ======= 2014-01-26 17:27 - 2013-12-16 11:36 - 00019352 _____ C:\Users\Bernd\Downloads\FRST.txt 2014-01-26 17:26 - 2014-01-26 17:26 - 02078208 _____ (Farbar) C:\Users\Bernd\Downloads\FRST64(1).exe 2014-01-26 17:23 - 2013-10-07 06:42 - 00797412 _____ C:\Windows\system32\perfh013.dat 2014-01-26 17:23 - 2013-10-07 06:42 - 00161992 _____ C:\Windows\system32\perfc013.dat 2014-01-26 17:23 - 2013-10-07 06:40 - 00793160 _____ C:\Windows\system32\perfh010.dat 2014-01-26 17:23 - 2013-10-07 06:40 - 00156082 _____ C:\Windows\system32\perfc010.dat 2014-01-26 17:23 - 2013-10-07 06:37 - 00742562 _____ C:\Windows\system32\perfh00E.dat 2014-01-26 17:23 - 2013-10-07 06:37 - 00177650 _____ C:\Windows\system32\perfc00E.dat 2014-01-26 17:23 - 2013-10-07 06:35 - 00801394 _____ C:\Windows\system32\perfh00C.dat 2014-01-26 17:23 - 2013-10-07 06:35 - 00158846 _____ C:\Windows\system32\perfc00C.dat 2014-01-26 17:23 - 2013-10-07 06:32 - 00765582 _____ C:\Windows\system32\perfh007.dat 2014-01-26 17:23 - 2013-10-07 06:32 - 00159366 _____ C:\Windows\system32\perfc007.dat 2014-01-26 17:23 - 2013-10-07 06:30 - 00455668 _____ C:\Windows\system32\perfh006.dat 2014-01-26 17:23 - 2013-10-07 06:30 - 00079422 _____ C:\Windows\system32\perfc006.dat 2014-01-26 17:23 - 2013-10-07 06:11 - 06098376 _____ C:\Windows\system32\PerfStringBackup.INI 2014-01-26 17:19 - 2013-12-12 20:33 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Dropbox 2014-01-26 17:19 - 2013-12-12 15:47 - 00000000 ____D C:\Users\Bernd\Documents\Youcam 2014-01-26 17:18 - 2013-12-12 15:49 - 00000000 __RDO C:\Users\Bernd\SkyDrive 2014-01-26 17:18 - 2013-12-12 15:46 - 00128702 _____ C:\Users\Bernd\AppData\Local\BTServer.log 2014-01-26 17:17 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-26 17:16 - 2013-12-12 15:35 - 01663375 _____ C:\Windows\WindowsUpdate.log 2014-01-26 17:14 - 2013-12-13 22:57 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-01-26 17:13 - 2014-01-26 17:13 - 00001549 _____ C:\Users\Bernd\Desktop\JRT 26.01..txt 2014-01-26 17:13 - 2013-12-12 15:53 - 00003950 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{72052607-CF90-47BF-B528-3B605F4E2372} 2014-01-26 17:10 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\WinStore 2014-01-26 17:03 - 2013-12-13 20:59 - 00000000 ____D C:\Windows\system32\MRT 2014-01-26 17:03 - 2013-10-07 07:12 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-01-26 17:00 - 2013-12-12 15:51 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3793513485-3065062101-2964870661-1001 2014-01-26 17:00 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\sru 2014-01-26 16:53 - 2014-01-26 16:53 - 00001549 _____ C:\Users\Bernd\Desktop\JRT.txt 2014-01-26 16:37 - 2013-12-13 22:57 - 00000000 ____D C:\Program Files (x86)\FlvPlayer 2014-01-26 16:34 - 2014-01-26 16:34 - 00000000 ____D C:\Windows\ERUNT 2014-01-26 16:33 - 2013-12-16 23:25 - 00000000 ____D C:\Users\Bernd\AppData\Local\CrashDumps 2014-01-26 16:30 - 2013-08-22 14:25 - 00524288 ___SH C:\Windows\system32\config\BBI 2014-01-26 16:27 - 2014-01-26 16:23 - 00000000 ____D C:\AdwCleaner 2014-01-26 16:27 - 2013-12-12 20:16 - 00001120 _____ C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk 2014-01-26 16:27 - 2013-12-12 15:46 - 00001011 _____ C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-01-26 16:25 - 2013-12-14 18:05 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Uniblue 2014-01-26 16:25 - 2013-12-14 18:05 - 00000000 ____D C:\Program Files (x86)\Uniblue 2014-01-26 16:25 - 2013-12-12 15:46 - 00000000 ___RD C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-01-26 16:25 - 2013-12-12 15:44 - 00000000 ____D C:\Users\Bernd 2014-01-26 16:05 - 2013-10-07 06:06 - 00584902 _____ C:\Windows\PFRO.log 2014-01-26 15:19 - 2013-12-13 21:49 - 00006323 _____ C:\Users\Bernd\daemonprocess.txt 2014-01-26 15:08 - 2014-01-26 15:08 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Malwarebytes 2014-01-26 15:07 - 2014-01-26 15:07 - 00001129 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-01-26 15:07 - 2014-01-26 15:07 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-26 15:07 - 2014-01-26 15:07 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-01-26 15:06 - 2014-01-26 16:31 - 01037068 _____ (Thisisu) C:\Users\Bernd\Desktop\JRT.exe 2014-01-26 15:06 - 2014-01-26 15:06 - 01037068 _____ (Thisisu) C:\Users\Bernd\Downloads\JRT.exe 2014-01-26 15:05 - 2014-01-26 16:32 - 01236282 _____ C:\Users\Bernd\Downloads\adwcleaner.exe 2014-01-26 15:05 - 2014-01-26 15:05 - 01236282 _____ C:\Users\Bernd\Desktop\adwcleaner.exe 2014-01-26 15:01 - 2013-12-20 09:56 - 00001426 _____ C:\Users\Bernd\Desktop\Registry kostenlos entrümpeln!.lnk 2014-01-26 14:40 - 2014-01-26 14:40 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Bernd\Downloads\mbam-setup-1.75.0.1300.exe 2014-01-26 14:17 - 2013-12-13 22:54 - 00000000 ____D C:\Users\Bernd\AppData\Local\Adobe 2014-01-26 14:15 - 2013-12-12 20:39 - 00000000 ___RD C:\Users\Bernd\Dropbox 2014-01-26 14:14 - 2013-12-14 14:53 - 00013447 _____ C:\Users\privat\daemonprocess.txt 2014-01-26 14:14 - 2013-12-12 16:30 - 00194211 _____ C:\Users\privat\AppData\Local\BTServer.log 2014-01-26 12:35 - 2013-10-08 12:22 - 00000000 ____D C:\Program Files (x86)\PHotkey 2014-01-26 11:31 - 2013-12-12 16:36 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3793513485-3065062101-2964870661-1002 2014-01-26 11:27 - 2013-12-12 16:32 - 00000000 ____D C:\Users\privat\Documents\Youcam 2014-01-25 21:53 - 2013-08-22 15:46 - 00070007 _____ C:\Windows\setupact.log 2014-01-25 19:46 - 2013-12-14 20:23 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\vlc 2014-01-25 19:29 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness 2014-01-25 19:22 - 2013-12-12 20:39 - 00001033 _____ C:\Users\Bernd\Desktop\Dropbox.lnk 2014-01-25 19:22 - 2013-12-12 20:34 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-01-24 18:01 - 2013-12-12 18:03 - 00000000 __RDO C:\Users\privat\SkyDrive 2014-01-24 17:28 - 2014-01-02 21:51 - 00000000 ____D C:\Users\privat\AppData\Local\CrashDumps 2014-01-24 15:16 - 2014-01-24 15:16 - 00652937 _____ C:\Users\privat\Documents\265.oxps 2014-01-24 14:56 - 2013-12-12 17:25 - 00003954 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{B35484AC-E1DA-40F6-BF84-2BF4FDB0D66E} 2014-01-23 19:48 - 2014-01-23 16:04 - 00000000 ____D C:\Users\privat\Desktop\Lisa 2014-01-23 16:01 - 2014-01-23 16:01 - 00000000 ____D C:\Users\privat\AppData\Local\HP 2014-01-22 22:12 - 2014-01-22 22:12 - 00000000 ____D C:\Users\privat\AppData\Roaming\OpenOffice 2014-01-22 16:54 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM 2014-01-22 16:53 - 2014-01-22 16:53 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2014-01-14 19:16 - 2014-01-14 19:16 - 00000000 ____D C:\Users\privat\AppData\Roaming\HpUpdate 2014-01-07 23:58 - 2013-12-20 09:58 - 00000072 _____ C:\Users\Bernd\AppData\Roaming\WB.CFG 2014-01-06 23:31 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-01-06 23:31 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-01-02 19:56 - 2014-01-02 19:56 - 00000000 ____D C:\Users\privat\AppData\Roaming\COMPUTERBILD-Abzockschutz 2013-12-29 20:29 - 2013-12-29 20:29 - 00000000 ____D C:\Users\privat\AppData\Local\Macromedia 2013-12-29 19:59 - 2013-12-28 20:57 - 00000000 ____D C:\Users\privat\AppData\Roaming\Mozilla 2013-12-29 19:59 - 2013-12-28 20:57 - 00000000 ____D C:\Users\privat\AppData\Local\Mozilla 2013-12-28 19:49 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP 2013-12-27 18:51 - 2013-12-27 18:51 - 00000000 ____D C:\Windows\System32\Tasks\Norton Internet Security CBE 2013-12-27 18:51 - 2013-12-14 18:16 - 00003242 _____ C:\Windows\System32\Tasks\Norton WSC Integration 2013-12-27 18:51 - 2013-12-14 18:16 - 00002569 _____ C:\Users\Public\Desktop\Norton Internet Security CBE.lnk 2013-12-27 18:51 - 2013-12-14 18:15 - 00000000 ____D C:\Windows\system32\Drivers\NISx64 2013-12-27 18:15 - 2013-12-27 18:15 - 00029830 _____ C:\Users\Bernd\Desktop\FRST.zip 2013-12-27 18:15 - 2013-12-27 18:15 - 00008303 _____ C:\Users\Bernd\Desktop\Addition.zip Some content of TEMP: ==================== C:\Users\Bernd\AppData\Local\Temp\455.7824454212927_Update.exe C:\Users\Bernd\AppData\Local\Temp\6_Offer_15.exe C:\Users\Bernd\AppData\Local\Temp\6_Offer_16.exe C:\Users\Bernd\AppData\Local\Temp\amazonicon_v3.exe C:\Users\Bernd\AppData\Local\Temp\amazoninstallernircmdc.exe C:\Users\Bernd\AppData\Local\Temp\BackupSetup.exe C:\Users\Bernd\AppData\Local\Temp\COMAP.EXE C:\Users\Bernd\AppData\Local\Temp\Firefox_Setup_26.0.exe C:\Users\Bernd\AppData\Local\Temp\fp_pl_pfs_installer-1.exe C:\Users\Bernd\AppData\Local\Temp\fp_pl_pfs_installer.exe C:\Users\Bernd\AppData\Local\Temp\Mobogenie563.exe C:\Users\Bernd\AppData\Local\Temp\plus-hd-2-5.exe C:\Users\Bernd\AppData\Local\Temp\Quarantine.exe C:\Users\Bernd\AppData\Local\Temp\sdanircmdc.exe C:\Users\Bernd\AppData\Local\Temp\sdapskill.exe C:\Users\Bernd\AppData\Local\Temp\SendMsg.dll C:\Users\Bernd\AppData\Local\Temp\System.Data.SQLite.dll C:\Users\Bernd\AppData\Local\Temp\Viee9457.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-01-26 17:00 ==================== End Of Log ============================ --- --- --- Ich hoffe das war´s. Lapi läuf schon viel stabieler.. Sind noch Icons auf dem Desktop, aber es gehen wenigstens schon keine Fenster mehr von alleine auf. LG pv54466 |
|
27.01.2014, 11:02
| #12 |
| /// the machine /// TB-Ausbilder | Diverse Palgegeister auf meinen neuen Laptop (4 tage alt )ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
27.01.2014, 14:51
| #13 |
| | Diverse Palgegeister auf meinen neuen Laptop (4 tage alt ) WOW, vielen Dank für die Hilfe. Bis bis 22:00 im Dienst gegen 23:00 zuhause, lege dann los. Gruss und Danke pv54466 |
|
28.01.2014, 11:15
| #14 |
| /// the machine /// TB-Ausbilder | Diverse Palgegeister auf meinen neuen Laptop (4 tage alt ) ok
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
28.01.2014, 11:58
| #15 |
| | Diverse Palgegeister auf meinen neuen Laptop (4 tage alt ) eset Smartinstaller bekomme ich nicht ans laufen. Er will wohl ein update machen bekommt aber keine Netzverbindung can not get up, is proxy configured? security Check Code:
ATTFilter Results of screen317's Security Check version 0.99.79 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Defender Norton Internet Security CBE WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` AntiBrowserSpy Malwarebytes Anti-Malware Version 1.75.0.1300 Adobe Flash Player 11.9.900.170 Mozilla Firefox (26.0) ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Malwarebytes' Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-01-2014 02
Ran by Bernd (administrator) on DAMPFMASCHINN on 28-01-2014 11:54:11
Running from C:\Users\Bernd\Desktop
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\nis.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
() C:\Program Files (x86)\PHotkey\Atouch64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\livecomm.exe
() C:\Program Files (x86)\PHotkey\POsd.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
() C:\Program Files (x86)\PHotkey\GPMTray.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\nis.exe
() C:\Program Files (x86)\AntiBrowserSpy\SocialBlock_ProxyCheck.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe
(TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe
(Engelmann Media) C:\Program Files (x86)\Engelmann Media\Win8Starter\Win8Starter.exe
(Dropbox, Inc.) C:\Users\Bernd\AppData\Roaming\Dropbox\bin\Dropbox.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(1und1 Mail und Media GmbH) C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Farbar) C:\Users\Bernd\Desktop\FRST64(1).exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13653208 2013-09-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [280576 2013-09-29] (Realtek Semiconductor Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2777840 2013-08-14] (Synaptics Incorporated)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [490760 2013-09-23] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-11] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Service] - C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-09-18] (CyberLink Corp.)
HKLM-x32\...\Run: [MailCheck IE Broker] - C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe [1766464 2013-10-16] (1und1 Mail und Media GmbH)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM\...\Winlogon: [Shell] explorer.exe /select,explorer.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKCU\...\Run: [HP Officejet 6500 E710n-z (NET)] - C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKCU\...\Policies\Explorer: [DisallowRun] 1
Startup: C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Bernd\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:54144;https=127.0.0.1:54144
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Plus-HD-2.5 - {11111111-1111-1111-1111-110311341138} - C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-bho64.dll No File
BHO: Feven 1.5 - {11111111-1111-1111-1111-110311851132} - C:\Program Files (x86)\Feven 1.5\Feven 1.5-bho64.dll No File
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security CBE\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO: WEB.DE MailCheck BHO - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
BHO-x32: CBAbzockschutz.InitToolbarBHO - {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: WEB.DE MailCheck BHO - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security CBE\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - COMPUTERBILD-Abzockschutz - {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security CBE\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
Handler-x32: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default
FF Homepage: hxxp://googel.de
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Amazon-Icon - C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default\Extensions\amazon-icon@giga.de [2013-12-13]
FF Extension: WEB.DE MailCheck - C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default\Extensions\toolbar@web.de.xpi [2013-12-13]
FF Extension: COMPUTERBILD-Abzockschutz - C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default\Extensions\{d49175b3-3fd8-43b8-b28e-da5d47f3c398}.xpi [2013-12-16]
FF Extension: Video MPEG4 Helper Light - C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default\Extensions\{efc65769-b95a-49f0-8aab-a1e84c83674d}.xpi [2014-01-26]
FF Extension: {f4b26a50-3277-4dfa-97a2-dcb5896f7a70} - C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\dmcfp0qk.default\Extensions\{f4b26a50-3277-4dfa-97a2-dcb5896f7a70}.xpi [2014-01-14]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [jid0-1wPBLrijxGVkIUhu0kFYq6ZaWzA@jetpack] - C:\Program Files (x86)\AntiBrowserSpy\Addons\Firefox
FF Extension: AntiBrowserSpy - SocialBlocker - C:\Program Files (x86)\AntiBrowserSpy\Addons\Firefox [2013-12-14]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\IPSFF [2013-12-22]
FF HKCU\...\Firefox\Extensions: [{f1fdd844-1f47-4b8c-a30b-4abcaa3b8fc3}] - C:\Program Files (x86)\ViewPassword\150.xpi
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Feven 1.5) - C:\Users\Bernd\AppData\Local\Google\Chrome\User Data\Default\Extensions\baodmgdpdoelldjmkhknbolcldnfjegg [2013-12-14]
CHR Extension: (Plus-HD-2.5) - C:\Users\Bernd\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd [2013-12-14]
CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\Bernd\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx [2013-12-13]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\Exts\Chrome.crx [2013-12-27]
==================== Services (Whitelisted) =================
U2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [61440 2013-09-26] ()
U2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [74712 2013-03-11] (CyberLink)
U2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [316376 2013-03-11] (CyberLink)
U2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [160768 2013-06-27] ()
U2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation)
U3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
U2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
U2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
U2 NIS; C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\NIS.exe [275696 2013-10-08] (Symantec Corporation)
U2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2013-03-06] ()
U3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
U3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
U0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
U3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
U1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
U3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
U1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1501000.012\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
U1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
U1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-12-14] (Symantec Corporation)
U3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-12-14] (Symantec Corporation)
U3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
U3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
U0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
U1 IDSVia64; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\IPSDefs\20140127.001\IDSvia64.sys [521944 2014-01-24] (Symantec Corporation)
U0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
U0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
U3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
U3 NAVENG; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\VirusDefs\20140127.022\ENG64.SYS [126040 2014-01-25] (Symantec Corporation)
U3 NAVEX15; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\VirusDefs\20140127.022\EX64.SYS [2099288 2014-01-25] (Symantec Corporation)
U3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
U3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
U3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
U2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
U3 PegaRadioSwitch; C:\Windows\System32\drivers\PegaRadioSwitch.sys [23552 2013-08-22] (Windows (R) Win 7 DDK provider)
U3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2013-10-22] ()
U3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
U3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [548056 2013-09-05] (Realtek Semiconductor Corporation)
U3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2945240 2013-09-12] (Realtek Semiconductor Corporation )
U3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
U3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-08-14] (Synaptics Incorporated)
U3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-14] (Synaptics Incorporated)
U3 SRTSP; C:\Windows\System32\Drivers\NISx64\1501000.012\SRTSP64.SYS [858200 2013-09-27] (Symantec Corporation)
U1 SRTSPX; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSPX64.SYS [36952 2013-07-31] (Symantec Corporation)
U0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
U0 SymDS; C:\Windows\System32\drivers\NISx64\1501000.012\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
U0 SymEFA; C:\Windows\System32\drivers\NISx64\1501000.012\SYMEFA64.SYS [1147480 2013-09-27] (Symantec Corporation)
U0 SymELAM; C:\Windows\System32\drivers\NISx64\1501000.012\SymELAM.sys [23568 2013-08-01] (Symantec Corporation)
U3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-12-14] (Symantec Corporation)
U1 SymIRON; C:\Windows\system32\drivers\NISx64\1501000.012\Ironx64.SYS [264280 2013-07-31] (Symantec Corporation)
U1 SymNetS; C:\Windows\System32\Drivers\NISx64\1501000.012\SYMNETS.SYS [590936 2013-09-26] (Symantec Corporation)
U3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [87568 2013-07-01] (Intel Corporation)
U3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
U3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
Code:
ATTFilter ==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-28 11:54 - 2014-01-28 11:54 - 00019177 _____ C:\Users\Bernd\Desktop\FRST.txt
2014-01-28 11:54 - 2014-01-26 17:26 - 02078208 _____ (Farbar) C:\Users\Bernd\Desktop\FRST64(1).exe
2014-01-28 11:47 - 2014-01-28 11:02 - 02347384 _____ (ESET) C:\Users\Bernd\Desktop\esetsmartinstaller_enu.exe
2014-01-28 11:03 - 2014-01-28 11:03 - 00987425 _____ C:\Users\Bernd\Downloads\SecurityCheck.exe
2014-01-28 11:03 - 2014-01-28 11:03 - 00000000 ____D C:\Program Files (x86)\ESET
2014-01-28 11:02 - 2014-01-28 11:02 - 02347384 _____ (ESET) C:\Users\Bernd\Downloads\esetsmartinstaller_enu.exe
2014-01-26 18:06 - 2014-01-26 18:06 - 00000000 ____D C:\Windows\System32\Tasks\Norton Internet Security
2014-01-26 17:58 - 2014-01-28 11:53 - 00000000 ____D C:\Users\Bernd\Desktop\Lapi aufräumen
2014-01-26 17:26 - 2014-01-26 17:26 - 02078208 _____ (Farbar) C:\Users\Bernd\Downloads\FRST64(1).exe
2014-01-26 16:34 - 2014-01-26 16:34 - 00000000 ____D C:\Windows\ERUNT
2014-01-26 16:32 - 2014-01-26 15:05 - 01236282 _____ C:\Users\Bernd\Downloads\adwcleaner.exe
2014-01-26 16:23 - 2014-01-26 16:27 - 00000000 ____D C:\AdwCleaner
2014-01-26 15:08 - 2014-01-26 15:08 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Malwarebytes
2014-01-26 15:07 - 2014-01-26 15:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-26 15:07 - 2014-01-26 15:07 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-26 15:07 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-26 15:06 - 2014-01-26 15:06 - 01037068 _____ (Thisisu) C:\Users\Bernd\Downloads\JRT.exe
2014-01-26 14:40 - 2014-01-26 14:40 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Bernd\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-24 15:16 - 2014-01-24 15:16 - 00652937 _____ C:\Users\privat\Documents\265.oxps
2014-01-23 16:01 - 2014-01-23 16:01 - 00000000 ____D C:\Users\privat\AppData\Local\HP
2014-01-22 22:12 - 2014-01-22 22:12 - 00000000 ____D C:\Users\privat\AppData\Roaming\OpenOffice
2014-01-22 16:53 - 2014-01-22 16:53 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-01-14 22:14 - 2013-12-09 01:15 - 00787968 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-01-14 22:14 - 2013-11-27 16:36 - 03395920 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2014-01-14 22:14 - 2013-11-27 12:41 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\WSCollect.exe
2014-01-14 22:14 - 2013-11-27 11:34 - 00138240 _____ C:\Windows\system32\OEMLicense.dll
2014-01-14 22:14 - 2013-11-27 10:54 - 00103936 _____ C:\Windows\SysWOW64\OEMLicense.dll
2014-01-14 22:14 - 2013-11-27 09:48 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-14 22:14 - 2013-11-27 09:45 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2014-01-14 22:14 - 2013-11-27 09:40 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-14 22:14 - 2013-11-27 09:38 - 00174592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2014-01-14 22:14 - 2013-11-27 09:17 - 00695808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-01-14 22:14 - 2013-11-27 09:12 - 00848384 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-01-14 19:16 - 2014-01-14 19:16 - 00000000 ____D C:\Users\privat\AppData\Roaming\HpUpdate
2014-01-02 21:51 - 2014-01-24 17:28 - 00000000 ____D C:\Users\privat\AppData\Local\CrashDumps
2014-01-02 19:56 - 2014-01-02 19:56 - 00000000 ____D C:\Users\privat\AppData\Roaming\COMPUTERBILD-Abzockschutz
2013-12-29 20:29 - 2013-12-29 20:29 - 00000000 ____D C:\Users\privat\AppData\Local\Macromedia
==================== One Month Modified Files and Folders =======
2014-01-28 11:54 - 2014-01-28 11:54 - 00019177 _____ C:\Users\Bernd\Desktop\FRST.txt
2014-01-28 11:53 - 2014-01-26 17:58 - 00000000 ____D C:\Users\Bernd\Desktop\Lapi aufräumen
2014-01-28 11:51 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\sru
2014-01-28 11:46 - 2013-10-07 06:42 - 00797412 _____ C:\Windows\system32\perfh013.dat
2014-01-28 11:46 - 2013-10-07 06:42 - 00161992 _____ C:\Windows\system32\perfc013.dat
2014-01-28 11:46 - 2013-10-07 06:40 - 00793160 _____ C:\Windows\system32\perfh010.dat
2014-01-28 11:46 - 2013-10-07 06:40 - 00156082 _____ C:\Windows\system32\perfc010.dat
2014-01-28 11:46 - 2013-10-07 06:37 - 00742562 _____ C:\Windows\system32\perfh00E.dat
2014-01-28 11:46 - 2013-10-07 06:37 - 00177650 _____ C:\Windows\system32\perfc00E.dat
2014-01-28 11:46 - 2013-10-07 06:35 - 00801394 _____ C:\Windows\system32\perfh00C.dat
2014-01-28 11:46 - 2013-10-07 06:35 - 00158846 _____ C:\Windows\system32\perfc00C.dat
2014-01-28 11:46 - 2013-10-07 06:32 - 00765582 _____ C:\Windows\system32\perfh007.dat
2014-01-28 11:46 - 2013-10-07 06:32 - 00159366 _____ C:\Windows\system32\perfc007.dat
2014-01-28 11:46 - 2013-10-07 06:30 - 00455668 _____ C:\Windows\system32\perfh006.dat
2014-01-28 11:46 - 2013-10-07 06:30 - 00079422 _____ C:\Windows\system32\perfc006.dat
2014-01-28 11:46 - 2013-10-07 06:11 - 06098376 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-28 11:45 - 2013-12-12 20:33 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Dropbox
2014-01-28 11:45 - 2013-12-12 15:53 - 00003950 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{72052607-CF90-47BF-B528-3B605F4E2372}
2014-01-28 11:45 - 2013-12-12 15:47 - 00000000 ____D C:\Users\Bernd\Documents\Youcam
2014-01-28 11:44 - 2013-12-12 15:49 - 00000000 __RDO C:\Users\Bernd\SkyDrive
2014-01-28 11:44 - 2013-12-12 15:46 - 00136164 _____ C:\Users\Bernd\AppData\Local\BTServer.log
2014-01-28 11:41 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-28 11:41 - 2013-08-22 14:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2014-01-28 11:14 - 2013-12-13 22:57 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-28 11:09 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2014-01-28 11:03 - 2014-01-28 11:03 - 00987425 _____ C:\Users\Bernd\Downloads\SecurityCheck.exe
2014-01-28 11:03 - 2014-01-28 11:03 - 00000000 ____D C:\Program Files (x86)\ESET
2014-01-28 11:02 - 2014-01-28 11:47 - 02347384 _____ (ESET) C:\Users\Bernd\Desktop\esetsmartinstaller_enu.exe
2014-01-28 11:02 - 2014-01-28 11:02 - 02347384 _____ (ESET) C:\Users\Bernd\Downloads\esetsmartinstaller_enu.exe
2014-01-28 10:39 - 2013-12-12 15:35 - 01837644 _____ C:\Windows\WindowsUpdate.log
2014-01-28 10:29 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2014-01-27 21:03 - 2013-12-12 16:30 - 00202015 _____ C:\Users\privat\AppData\Local\BTServer.log
2014-01-27 20:55 - 2013-12-12 16:36 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3793513485-3065062101-2964870661-1002
2014-01-27 20:53 - 2013-12-12 17:25 - 00003954 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{B35484AC-E1DA-40F6-BF84-2BF4FDB0D66E}
2014-01-27 20:51 - 2013-12-12 16:32 - 00000000 ____D C:\Users\privat\Documents\Youcam
2014-01-27 20:50 - 2013-12-12 18:03 - 00000000 __RDO C:\Users\privat\SkyDrive
2014-01-26 22:09 - 2013-12-14 20:23 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\vlc
2014-01-26 19:46 - 2013-10-07 06:06 - 00589206 _____ C:\Windows\PFRO.log
2014-01-26 19:12 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2014-01-26 18:06 - 2014-01-26 18:06 - 00000000 ____D C:\Windows\System32\Tasks\Norton Internet Security
2014-01-26 17:29 - 2013-12-16 11:36 - 00033918 _____ C:\Users\Bernd\Downloads\FRST.txt
2014-01-26 17:26 - 2014-01-28 11:54 - 02078208 _____ (Farbar) C:\Users\Bernd\Desktop\FRST64(1).exe
2014-01-26 17:26 - 2014-01-26 17:26 - 02078208 _____ (Farbar) C:\Users\Bernd\Downloads\FRST64(1).exe
2014-01-26 17:10 - 2013-12-13 20:59 - 00000000 ____D C:\Windows\system32\MRT
2014-01-26 17:10 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\WinStore
2014-01-26 17:03 - 2013-10-07 07:12 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-26 17:00 - 2013-12-12 15:51 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3793513485-3065062101-2964870661-1001
2014-01-26 16:37 - 2013-12-13 22:57 - 00000000 ____D C:\Program Files (x86)\FlvPlayer
2014-01-26 16:34 - 2014-01-26 16:34 - 00000000 ____D C:\Windows\ERUNT
2014-01-26 16:33 - 2013-12-16 23:25 - 00000000 ____D C:\Users\Bernd\AppData\Local\CrashDumps
2014-01-26 16:27 - 2014-01-26 16:23 - 00000000 ____D C:\AdwCleaner
2014-01-26 16:27 - 2013-12-12 20:16 - 00001120 _____ C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-01-26 16:27 - 2013-12-12 15:46 - 00001011 _____ C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-26 16:25 - 2013-12-14 18:05 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Uniblue
2014-01-26 16:25 - 2013-12-14 18:05 - 00000000 ____D C:\Program Files (x86)\Uniblue
2014-01-26 16:25 - 2013-12-12 15:46 - 00000000 ___RD C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-26 16:25 - 2013-12-12 15:44 - 00000000 ____D C:\Users\Bernd
2014-01-26 15:19 - 2013-12-13 21:49 - 00006323 _____ C:\Users\Bernd\daemonprocess.txt
2014-01-26 15:08 - 2014-01-26 15:08 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Malwarebytes
2014-01-26 15:07 - 2014-01-26 15:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-26 15:07 - 2014-01-26 15:07 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-26 15:06 - 2014-01-26 15:06 - 01037068 _____ (Thisisu) C:\Users\Bernd\Downloads\JRT.exe
2014-01-26 15:05 - 2014-01-26 16:32 - 01236282 _____ C:\Users\Bernd\Downloads\adwcleaner.exe
2014-01-26 15:01 - 2013-12-20 09:56 - 00001426 _____ C:\Users\Bernd\Desktop\Registry kostenlos entrümpeln!.lnk
2014-01-26 14:40 - 2014-01-26 14:40 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Bernd\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-26 14:17 - 2013-12-13 22:54 - 00000000 ____D C:\Users\Bernd\AppData\Local\Adobe
2014-01-26 14:15 - 2013-12-12 20:39 - 00000000 ___RD C:\Users\Bernd\Dropbox
2014-01-26 14:14 - 2013-12-14 14:53 - 00013447 _____ C:\Users\privat\daemonprocess.txt
2014-01-26 12:35 - 2013-10-08 12:22 - 00000000 ____D C:\Program Files (x86)\PHotkey
2014-01-25 21:53 - 2013-08-22 15:46 - 00070007 _____ C:\Windows\setupact.log
2014-01-25 19:22 - 2013-12-12 20:39 - 00001033 _____ C:\Users\Bernd\Desktop\Dropbox.lnk
2014-01-25 19:22 - 2013-12-12 20:34 - 00000000 ____D C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-24 17:28 - 2014-01-02 21:51 - 00000000 ____D C:\Users\privat\AppData\Local\CrashDumps
2014-01-24 15:16 - 2014-01-24 15:16 - 00652937 _____ C:\Users\privat\Documents\265.oxps
2014-01-23 16:01 - 2014-01-23 16:01 - 00000000 ____D C:\Users\privat\AppData\Local\HP
2014-01-22 22:12 - 2014-01-22 22:12 - 00000000 ____D C:\Users\privat\AppData\Roaming\OpenOffice
2014-01-22 16:54 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2014-01-22 16:53 - 2014-01-22 16:53 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-01-14 19:16 - 2014-01-14 19:16 - 00000000 ____D C:\Users\privat\AppData\Roaming\HpUpdate
2014-01-07 23:58 - 2013-12-20 09:58 - 00000072 _____ C:\Users\Bernd\AppData\Roaming\WB.CFG
2014-01-06 23:31 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-06 23:31 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-02 19:56 - 2014-01-02 19:56 - 00000000 ____D C:\Users\privat\AppData\Roaming\COMPUTERBILD-Abzockschutz
2013-12-29 20:29 - 2013-12-29 20:29 - 00000000 ____D C:\Users\privat\AppData\Local\Macromedia
2013-12-29 19:59 - 2013-12-28 20:57 - 00000000 ____D C:\Users\privat\AppData\Roaming\Mozilla
2013-12-29 19:59 - 2013-12-28 20:57 - 00000000 ____D C:\Users\privat\AppData\Local\Mozilla
Some content of TEMP:
====================
C:\Users\Bernd\AppData\Local\Temp\455.7824454212927_Update.exe
C:\Users\Bernd\AppData\Local\Temp\6_Offer_15.exe
C:\Users\Bernd\AppData\Local\Temp\6_Offer_16.exe
C:\Users\Bernd\AppData\Local\Temp\amazonicon_v3.exe
C:\Users\Bernd\AppData\Local\Temp\amazoninstallernircmdc.exe
C:\Users\Bernd\AppData\Local\Temp\BackupSetup.exe
C:\Users\Bernd\AppData\Local\Temp\COMAP.EXE
C:\Users\Bernd\AppData\Local\Temp\Firefox_Setup_26.0.exe
C:\Users\Bernd\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\Bernd\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Bernd\AppData\Local\Temp\Mobogenie563.exe
C:\Users\Bernd\AppData\Local\Temp\plus-hd-2-5.exe
C:\Users\Bernd\AppData\Local\Temp\Quarantine.exe
C:\Users\Bernd\AppData\Local\Temp\sdanircmdc.exe
C:\Users\Bernd\AppData\Local\Temp\sdapskill.exe
C:\Users\Bernd\AppData\Local\Temp\SendMsg.dll
C:\Users\Bernd\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Bernd\AppData\Local\Temp\Viee9457.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-26 17:00
==================== End Of Log ============================
|
|
| Themen zu Diverse Palgegeister auf meinen neuen Laptop (4 tage alt ) |
| clean, diverse, hallo zusammen, hoffe, laptop, neue, neuen, plagegeister, probleme, zusammen |
Linear-Darstellung
