Log analysis and evaluation: Windows 7 finds "some" viruses
03.01.2014, 18:07 | #1
Windows 7 finds "some" viruses
Hey, I just ran an Avast scan, nothing found. Then MBAM instead (Defogger was disabled):
Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.01.03.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16476 Vinc :: BLUE-VINC [Administrator] 03.01.2014 17:55:06 MBAM-log-2014-01-03 (17-59-29).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 301322 Laufzeit: 3 Minute(n), 40 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 7 HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1 (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Keine Aktion durchgeführt. HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Keine Aktion durchgeführt. HKCU\Software\diamondata (PUP.Optional.diamondata.A) -> Keine Aktion durchgeführt. HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt. HKCU\Software\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 12 C:\Program Files (x86)\RegClean Pro (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1 (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. 
C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Gast1\AppData\Roaming\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Gast1\AppData\Roaming\Systweak\RegClean Pro\Version 6.1 (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro\Version 6.1 (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1 (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. Infizierte Dateien: 100 C:\Windows\Tasks\RegClean Pro_UPDATES.job (PUP.Optional.RegCleanerPro.J) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\TraditionalCn_rcp_zh-tw.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\Chinese_rcp.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\CleanSchedule.exe (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\Danish_rcp.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\Dutch_rcp.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\eng_rcp.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. 
C:\Program Files (x86)\RegClean Pro\Finnish_rcp_fi.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\French_rcp.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\German_rcp.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\greek_rcp_el.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\install_left_image.bmp (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\isxdl.dll (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\Italian_rcp.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\Japanese_rcp.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\korean_rcp_ko.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\Norwegian_rcp.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\polish_rcp_pl.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\portugese_rcp_pt.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\Portuguese_rcp.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\RCPUninstall.exe (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\RegCleanPro.dll (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\russian_rcp_ru.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. 
C:\Program Files (x86)\RegClean Pro\Spanish_rcp.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\Swedish_rcp.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\systweakasp.exe (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\turkish_rcp_tr.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\unins000.dat (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\unins000.exe (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\unins000.msg (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\xmllite.dll (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Windows\Tasks\RegClean Pro_DEFAULT.job (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\ExcludeList.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\German_rcp.dat (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_01-01-2014.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_03-20-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_04-19-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_05-24-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_07-20-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. 
C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_09-19-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\results.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\TempHLList.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000002.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000002.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000003.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000003.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000004.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000004.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000005.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000005.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. 
C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000006.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000006.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000007.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000007.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000008.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000008.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000009.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000009.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Gast1\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\ExcludeList.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Gast1\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\German_rcp.dat (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Gast1\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_07-27-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Gast1\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_07-28-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Gast1\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_07-29-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. 
C:\Users\Gast1\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_09-10-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Gast1\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_12-01-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Gast1\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_12-17-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Gast1\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\results.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Gast1\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\TempHLList.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\ExcludeList.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\German_rcp.dat (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_01-03-2014.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_04-19-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_10-19-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_10-27-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\results.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\TempHLList.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. 
C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\ExcludeList.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\German_rcp.dat (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_01-01-2014.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_01-03-2014.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_12-26-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_12-27-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_12-29-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_12-31-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\rcpupdate.ini (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\results.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\TempHLList.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. 
C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000002.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000002.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000003.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000003.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000004.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000004.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. (Ende) Code:
ATTFilter OTL logfile created on: 1/3/2014 6:00:02 PM - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = D:\Programme\OTL 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.16428) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3.65 Gb Total Physical Memory | 1.57 Gb Available Physical Memory | 43.06% Memory free 7.30 Gb Paging File | 4.79 Gb Available in Paging File | 65.54% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 150.00 Gb Total Space | 79.17 Gb Free Space | 52.78% Space Free | Partition Type: NTFS Drive D: | 150.00 Gb Total Space | 141.71 Gb Free Space | 94.47% Space Free | Partition Type: NTFS Drive E: | 200.00 Gb Total Space | 133.24 Gb Free Space | 66.62% Space Free | Partition Type: NTFS Drive F: | 431.51 Gb Total Space | 288.66 Gb Free Space | 66.90% Space Free | Partition Type: NTFS Computer Name: BLUE-VINC | User Name: Vinc | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013/12/30 17:56:48 | 003,764,024 | ---- | M] (AVAST Software) -- D:\Programme\Avast\AvastUI.exe PRC - [2013/12/30 17:56:48 | 000,050,344 | ---- | M] (AVAST Software) -- D:\Programme\Avast\AvastSvc.exe PRC - [2013/12/11 20:40:36 | 001,823,656 | ---- | M] (Valve Corporation) -- D:\Programme\Steam\Steam.exe PRC - [2013/12/11 20:40:36 | 000,569,768 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe PRC - [2013/12/04 03:48:06 | 000,863,184 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2013/10/18 23:26:10 | 000,906,536 | ---- | M] (AnchorFree Inc.) 
-- C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe PRC - [2013/10/18 23:24:08 | 001,795,880 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe PRC - [2013/10/18 23:21:20 | 000,555,304 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe PRC - [2013/07/03 09:32:44 | 001,228,504 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe PRC - [2013/07/03 09:32:44 | 000,660,184 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe PRC - [2013/07/03 09:32:42 | 000,563,416 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psi_tray.exe PRC - [2013/05/10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013/04/29 01:56:32 | 000,101,888 | ---- | M] (Freemake) -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe PRC - [2013/03/20 09:36:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Programme\OTL\OTL.exe PRC - [2012/11/17 17:37:54 | 007,755,704 | ---- | M] (Systweak Inc) -- C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe PRC - [2012/11/13 13:08:12 | 003,487,240 | ---- | M] (Safer-Networking Ltd.) -- D:\Programme\Spybot - Search & Destroy\SDUpdate.exe PRC - [2012/11/13 13:08:08 | 003,825,176 | ---- | M] (Safer-Networking Ltd.) -- D:\Programme\Spybot - Search & Destroy\SDTray.exe PRC - [2012/11/13 13:07:24 | 000,168,384 | ---- | M] (Safer-Networking Ltd.) -- D:\Programme\Spybot - Search & Destroy\SDWSCSvc.exe PRC - [2012/11/13 13:07:20 | 001,369,624 | ---- | M] (Safer-Networking Ltd.) -- D:\Programme\Spybot - Search & Destroy\SDUpdSvc.exe PRC - [2012/11/13 13:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) -- D:\Programme\Spybot - Search & Destroy\SDFSSvc.exe PRC - [2012/10/02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) 
-- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012/05/31 11:37:17 | 003,491,792 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe PRC - [2012/04/27 21:25:04 | 001,173,680 | ---- | M] (Acronis) -- D:\Programme\Acronis True Image\TrueImageHome\TimounterMonitor.exe PRC - [2012/04/27 21:23:54 | 005,924,008 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe PRC - [2012/04/27 21:22:54 | 000,403,656 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe PRC - [2012/04/27 21:22:12 | 005,993,136 | ---- | M] (Acronis) -- D:\Programme\Acronis True Image\TrueImageHome\TrueImageMonitor.exe PRC - [2010/01/18 13:41:44 | 000,116,088 | ---- | M] (Sysinternals - www.sysinternals.com) -- D:\Programme\Microsofts Desktops\Desktops.exe PRC - [2009/09/05 16:29:06 | 000,385,024 | ---- | M] (shbox.de) -- C:\Program Files (x86)\FreePDF_XP\fpassist.exe PRC - [2009/02/19 13:46:26 | 000,341,264 | ---- | M] (Fujitsu Technology Solutions) -- C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe ========== Modules (No Company Name) ========== MOD - [2013/12/11 20:40:38 | 001,135,016 | ---- | M] () -- D:\Programme\Steam\bin\chromehtml.dll MOD - [2013/12/04 03:48:04 | 000,399,312 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll MOD - [2013/12/04 03:48:02 | 004,055,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll MOD - [2013/12/04 03:47:11 | 000,702,416 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll MOD - [2013/12/04 03:47:11 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll MOD - [2013/12/04 03:47:08 | 001,619,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll MOD - 
[2013/11/21 13:45:24 | 019,336,120 | ---- | M] () -- D:\Programme\Avast\libcef.dll MOD - [2013/11/06 22:48:12 | 020,625,832 | ---- | M] () -- D:\Programme\Steam\bin\libcef.dll MOD - [2013/11/06 22:48:10 | 000,691,200 | ---- | M] () -- D:\Programme\Steam\SDL2.dll MOD - [2013/10/18 23:16:44 | 000,902,952 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll MOD - [2013/07/10 17:07:22 | 000,756,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL MOD - [2013/06/15 00:49:12 | 001,100,800 | ---- | M] () -- D:\Programme\Steam\bin\avcodec-53.dll MOD - [2013/06/15 00:49:12 | 000,192,000 | ---- | M] () -- D:\Programme\Steam\bin\avformat-53.dll MOD - [2013/06/15 00:49:12 | 000,124,416 | ---- | M] () -- D:\Programme\Steam\bin\avutil-51.dll MOD - [2012/11/13 13:06:32 | 000,158,624 | ---- | M] () -- D:\Programme\Spybot - Search & Destroy\snlFileFormats150.bpl MOD - [2012/11/13 13:06:30 | 000,108,960 | ---- | M] () -- D:\Programme\Spybot - Search & Destroy\snlThirdParty150.bpl MOD - [2012/11/13 13:06:28 | 000,554,400 | ---- | M] () -- D:\Programme\Spybot - Search & Destroy\VirtualTreesDXE150.bpl MOD - [2012/11/13 13:06:28 | 000,528,288 | ---- | M] () -- D:\Programme\Spybot - Search & Destroy\JSDialogPack150.bpl MOD - [2012/11/13 13:06:28 | 000,416,160 | ---- | M] () -- D:\Programme\Spybot - Search & Destroy\DEC150.bpl MOD - [2012/05/30 19:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2012/05/30 19:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2012/04/27 21:21:52 | 013,005,104 | ---- | M] () -- C:\Program Files (x86)\Acronis\TrueImageHome\Common\ti_managers.dll ========== Services (SafeList) ========== SRV:64bit: - [2013/12/04 17:35:57 | 000,621,336 | ---- | M] (Wacom Technology, Corp.) 
[Auto | Running] -- C:\Program Files\Tablet\Wacom\WTabletServicePro.exe -- (WTabletServicePro) SRV:64bit: - [2013/11/26 10:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService) SRV:64bit: - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2013/12/30 17:56:48 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- D:\Programme\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2013/12/11 20:40:36 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2013/12/11 20:33:42 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013/12/11 19:59:25 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/10/18 23:26:10 | 000,906,536 | ---- | M] (AnchorFree Inc.) 
[Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe -- (hshld) SRV - [2013/10/18 23:21:20 | 000,555,304 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -- (HssWd) SRV - [2013/10/16 02:46:36 | 000,078,512 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE -- (HssTrayService) SRV - [2013/09/05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013/07/03 09:32:44 | 001,228,504 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent) SRV - [2013/07/03 09:32:44 | 000,660,184 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent) SRV - [2013/05/10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013/04/29 01:56:32 | 000,101,888 | ---- | M] (Freemake) [Auto | Running] -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (Freemake Improver) SRV - [2012/10/02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) 
[Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012/05/31 11:37:17 | 003,491,792 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv) SRV - [2012/04/27 21:23:54 | 005,924,008 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe -- (syncagentsrv) SRV - [2012/04/27 21:23:22 | 001,133,360 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc) SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009/08/19 13:34:04 | 000,034,816 | ---- | M] (Fujitsu Technology Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Fujitsu\DeskViewBasic\DeskViewBasicService.exe -- (DeskViewBasicService) SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009/02/19 13:46:26 | 000,341,264 | ---- | M] (Fujitsu Technology Solutions) [Auto | Running] -- C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013/12/30 17:57:27 | 000,079,672 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm) DRV:64bit: - [2013/12/30 17:56:50 | 001,034,464 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:64bit: - 
[2013/12/30 17:56:50 | 000,422,216 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013/12/30 17:56:50 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013/12/30 17:56:50 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013/11/21 13:45:25 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013/11/21 13:45:25 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/11/12 01:16:03 | 000,090,424 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wachidrouter.sys -- (WacHidRouter)
DRV:64bit: - [2013/11/12 01:16:03 | 000,015,160 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV:64bit: - [2013/11/12 01:16:02 | 000,014,136 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
DRV:64bit: - [2013/10/16 02:44:42 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:64bit: - [2013/10/16 02:42:02 | 000,044,744 | ---- | M] (AnchorFree Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\hssdrv6.sys -- (HssDRV6)
DRV:64bit: - [2013/07/03 09:32:42 | 000,018,456 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf_amd64.sys -- (PSI)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/05/31 11:37:18 | 000,367,200 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp)
DRV:64bit: - [2012/05/31 11:37:13 | 001,294,432 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpman.sys -- (tdrpman)
DRV:64bit: - [2012/05/31 11:37:11 | 000,994,912 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2012/05/31 11:37:02 | 000,211,552 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vididr.sys -- (vididr)
DRV:64bit: - [2012/05/31 11:37:00 | 000,146,528 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsflt67.sys -- (vidsflt67)
DRV:64bit: - [2012/05/31 11:36:56 | 000,320,096 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2012/05/31 11:36:52 | 000,137,312 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fltsrv.sys -- (fltsrv)
DRV:64bit: - [2012/05/02 14:24:12 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012/04/27 09:20:04 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012/04/24 23:32:27 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/11 18:16:38 | 010,628,640 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/07/01 14:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2009/09/22 23:00:00 | 000,283,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1k62x64.sys -- (e1kexpress)
DRV:64bit: - [2009/08/13 21:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009/07/10 05:45:00 | 000,139,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV:64bit: - [2009/06/23 12:28:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 17:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV - [2010/07/01 18:11:24 | 000,012,352 | ---- | M] () [Kernel | Unavailable | Unknown] -- D:\Programme\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005/03/09 19:50:16 | 000,033,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\libusb0.sys -- (libusb0)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {951CC197-18C5-4940-B16B-38C50F803073}
IE:64bit: - HKLM\..\SearchScopes\{951CC197-18C5-4940-B16B-38C50F803073}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {81DF0A95-0BF9-4A6B-AFD4-A9D45B6DE068}
IE - HKLM\..\SearchScopes\{81DF0A95-0BF9-4A6B-AFD4-A9D45B6DE068}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSB
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://bluevinc.jimdo.com/hxxp:// [Binary data over 200 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\..\SearchScopes,DefaultScope = {81DF0A95-0BF9-4A6B-AFD4-A9D45B6DE068}
IE - HKCU\..\SearchScopes\{81DF0A95-0BF9-4A6B-AFD4-A9D45B6DE068}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGHP_de
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.13
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: D:\Programme\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: D:\Programme\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: D:\Programme\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: D:\Programme\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: D:\Programme\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: D:\Programme\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: D:\Programme\Avast\WebRep\FF [2013/12/30 17:56:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: D:\Programme\Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: D:\Programme\Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.2.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013/12/11 20:33:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.2.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 24.2.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013/12/11 20:33:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 24.2.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2010/07/25 14:43:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vinc\AppData\Roaming\mozilla\Extensions
[2010/07/25 14:43:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vinc\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2013/05/09 16:14:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vinc\AppData\Roaming\mozilla\Firefox\Profiles\extensions
[2013/12/15 13:40:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vinc\AppData\Roaming\mozilla\Firefox\Profiles\xme43mgw.default\extensions
[2013/04/08 18:11:52 | 000,199,379 | ---- | M] () (No name found) -- C:\Users\Vinc\AppData\Roaming\mozilla\firefox\profiles\extensions\m2k@m2kdownloader.com.xpi
[2013/12/15 13:40:05 | 000,287,503 | ---- | M] () (No name found) -- C:\Users\Vinc\AppData\Roaming\mozilla\firefox\profiles\xme43mgw.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2012/12/13 15:45:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Vinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: WacomTabletPlugin (Enabled) = C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
CHR - plugin: Java Deployment Toolkit 7.0.210.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: iTunes Application Detector (Enabled) = D:\Programme\iTunes\Mozilla Plugins\npitunes.dll
CHR - Extension: Click&Clean = C:\Users\Vinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\8.3_0\
CHR - Extension: AdBlock = C:\Users\Vinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0\
CHR - Extension: Google Wallet = C:\Users\Vinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Click&Clean App = C:\Users\Vinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp\8.0_0\

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Programme\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Programme\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Programme\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Programme\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - D:\Programme\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - D:\Programme\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AcronisTimounterMonitor] D:\Programme\Acronis True Image\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] D:\Programme\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [SDTray] D:\Programme\Spybot - Search & Destroy\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TrueImageMonitor.exe] D:\Programme\Acronis True Image\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKCU..\Run: [DS3 Tool] D:\Programme\MotioninJoy\ds3\DS3_Tool.exe (www.motioninjoy.com)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKCU..\Run: [Spybot-S&D Cleaning] D:\Programme\Spybot - Search & Destroy\SDCleaner.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Steam] D:\Programme\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [Sysinternals Desktops] D:\Programme\Microsofts Desktops\Desktops.exe (Sysinternals - www.sysinternals.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer-Networking Ltd.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Vertrauenswürdige Sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA44982D-5625-444B-926F-A42C4142DB57}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/03 15:24:39 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Registry
[2013/12/31 17:05:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TabletPlugins
[2013/12/31 17:05:47 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablett
[2013/12/31 17:05:47 | 000,000,000 | ---D | C] -- C:\Program Files\TabletPlugins
[2013/12/31 17:05:44 | 000,015,160 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys
[2013/12/31 17:05:43 | 000,090,424 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wachidrouter.sys
[2013/12/31 17:05:35 | 001,945,880 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Wacom_Tablet.dll
[2013/12/31 17:05:35 | 001,938,712 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Wacom_Touch_Tablet.dll
[2013/12/31 17:05:35 | 001,808,152 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Wintab32.dll
[2013/12/31 17:05:35 | 001,805,080 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\WacomMT.dll
[2013/12/31 17:05:35 | 001,604,376 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Wacom_Tablet.dll
[2013/12/31 17:05:35 | 001,596,696 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Wacom_Touch_Tablet.dll
[2013/12/31 17:05:35 | 001,483,032 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Wintab32.dll
[2013/12/31 17:05:35 | 001,479,960 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\WacomMT.dll
[2013/12/31 16:36:55 | 000,000,000 | ---D | C] -- C:\Users\Vinc\.android
[2013/12/31 16:02:15 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Hotspot Shield
[2013/12/31 15:19:22 | 000,000,000 | ---D | C] -- C:\Users\Vinc\AppData\Local\Paint.NET
[2013/12/31 02:25:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
[2013/12/31 02:25:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Hotspot Shield
[2013/12/31 02:23:53 | 000,044,744 | ---- | C] (AnchorFree Inc.) -- C:\Windows\SysNative\drivers\hssdrv6.sys
[2013/12/31 02:23:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hotspot Shield
[2013/12/31 02:23:24 | 000,000,000 | ---D | C] -- C:\Users\Vinc\AppData\Roaming\Hotspot Shield
[2013/12/30 17:57:14 | 000,079,672 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2013/12/15 13:26:32 | 000,000,000 | ---D | C] -- C:\Users\Vinc\AppData\Roaming\RoboForm
[2013/12/15 13:23:00 | 000,000,000 | ---D | C] -- C:\ProgramData\RoboForm
[2013/12/15 13:22:50 | 000,000,000 | ---D | C] -- F:\Eigene Dateien\Eigene Dokumente\My RoboForm Data
[2013/12/15 13:17:54 | 000,000,000 | ---D | C] -- C:\Users\Vinc\AppData\Local\Mozilla
[2013/12/11 20:33:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013/12/08 18:22:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Alarm Clock

========== Files - Modified Within 30 Days ==========

[2014/01/03 18:02:29 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\RegClean Prosch.job
[2014/01/03 17:59:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/03 17:54:48 | 000,000,000 | ---- | M] () -- C:\Users\Vinc\defogger_reenable
[2014/01/03 17:51:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/03 17:38:40 | 000,009,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/03 17:38:39 | 000,009,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/03 17:27:06 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/03 17:26:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/03 17:26:50 | 2941,440,000 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/03 17:19:58 | 005,036,216 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/01/03 15:45:28 | 000,000,677 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/01/01 22:55:08 | 000,001,074 | ---- | M] () -- C:\Users\Vinc\Desktop\RegClean Pro.lnk
[2014/01/01 22:55:01 | 000,013,449 | ---- | M] () -- C:\Users\Vinc\Desktop\Recuva.lnk
[2014/01/01 22:54:33 | 000,000,743 | ---- | M] () -- C:\Users\Vinc\Desktop\CDBurnerXP.lnk
[2014/01/01 22:54:24 | 000,000,619 | ---- | M] () -- C:\Users\Vinc\Desktop\VLC media player.lnk
[2014/01/01 22:54:17 | 000,001,547 | ---- | M] () -- C:\Users\Vinc\Desktop\iTunes.lnk
[2014/01/01 22:54:02 | 000,001,931 | ---- | M] () -- C:\Users\Vinc\Desktop\Driver DVD.lnk
[2014/01/01 22:53:45 | 000,001,030 | ---- | M] () -- C:\Users\Vinc\Desktop\ Malwarebytes Anti-Malware .lnk
[2014/01/01 21:18:32 | 000,000,282 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job
[2014/01/01 15:01:27 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
[2013/12/30 17:57:27 | 000,079,672 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2013/12/30 17:56:50 | 001,034,464 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013/12/30 17:56:50 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013/12/30 17:56:50 | 000,334,136 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013/12/30 17:56:50 | 000,207,904 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013/12/30 17:56:50 | 000,078,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013/12/30 17:56:50 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/12/21 14:43:56 | 000,000,651 | ---- | M] () -- C:\Users\Public\Desktop\Mp3tag.lnk
[2013/12/21 11:33:53 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/12/21 11:33:53 | 000,653,968 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013/12/21 11:33:53 | 000,615,850 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/12/21 11:33:53 | 000,129,840 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013/12/21 11:33:53 | 000,106,230 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/12/15 13:17:42 | 000,000,729 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/12/08 18:22:48 | 000,000,719 | ---- | M] () -- C:\Users\Vinc\Desktop\Free Alarm Clock.lnk
[2013/12/05 13:49:31 | 000,002,181 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

========== Files Created - No Company Name ==========

[2014/01/03 17:54:48 | 000,000,000 | ---- | C] () -- C:\Users\Vinc\defogger_reenable
[2014/01/03 17:19:45 | 005,036,216 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/01/03 15:45:28 | 000,000,677 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/01/01 22:55:08 | 000,001,074 | ---- | C] () -- C:\Users\Vinc\Desktop\RegClean Pro.lnk
[2014/01/01 22:55:01 | 000,013,449 | ---- | C] () -- C:\Users\Vinc\Desktop\Recuva.lnk
[2014/01/01 22:54:33 | 000,000,743 | ---- | C] () -- C:\Users\Vinc\Desktop\CDBurnerXP.lnk
[2014/01/01 22:54:24 | 000,000,619 | ---- | C] () -- C:\Users\Vinc\Desktop\VLC media player.lnk
[2014/01/01 22:54:17 | 000,001,547 | ---- | C] () -- C:\Users\Vinc\Desktop\iTunes.lnk
[2014/01/01 22:54:02 | 000,001,931 | ---- | C] () -- C:\Users\Vinc\Desktop\Driver DVD.lnk
[2014/01/01 22:53:45 | 000,001,030 | ---- | C] () -- C:\Users\Vinc\Desktop\ Malwarebytes Anti-Malware .lnk
[2013/12/15 13:17:42 | 000,000,729 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/12/15 13:17:42 | 000,000,729 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/12/08 18:22:48 | 000,000,719 | ---- | C] () -- C:\Users\Vinc\Desktop\Free Alarm Clock.lnk
[2013/05/04 12:37:55 | 000,000,132 | ---- | C] () -- C:\Users\Vinc\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2013/04/21 16:01:57 | 000,033,792 | ---- | C] () -- C:\Windows\SysWow64\drivers\libusb0.sys
[2013/03/12 17:15:53 | 000,000,214 | ---- | C] () -- C:\Users\Vinc\.swfinfo
[2012/11/19 08:33:32 | 000,065,656 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2012/11/19 08:33:30 | 000,022,640 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2012/09/25 12:28:24 | 000,007,605 | ---- | C] () -- C:\Users\Vinc\AppData\Local\Resmon.ResmonCfg
[2012/05/27 11:25:53 | 000,003,584 | ---- | C] () -- C:\Users\Vinc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013/04/24 18:37:27 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Acreon [2012/05/31 11:39:12 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Acronis [2012/09/13 14:20:48 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Audacity [2013/11/21 16:32:44 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\AVAST Software [2012/09/28 19:42:12 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\avidemux [2013/04/19 15:02:12 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\BANDISOFT [2013/04/20 08:56:21 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Blender Foundation [2013/04/04 22:44:41 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Canneverbe Limited [2012/09/16 16:16:19 | 000,000,000 | ---D | M] -- 
C:\Users\Vinc\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2012/09/28 20:25:02 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\DVDVideoSoft [2013/09/04 11:46:26 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\GoforFiles [2013/12/31 02:23:24 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Hotspot Shield [2012/09/09 21:07:06 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\KompoZer [2013/03/02 13:51:02 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\LolClient [2013/04/21 16:19:00 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\MotioninJoy [2013/12/28 17:54:12 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Mp3tag [2013/04/19 22:08:15 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\OBS [2012/09/12 15:28:51 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Opera [2013/05/11 15:33:47 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Origin [2012/09/16 17:11:26 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\PDAppFlex [2012/09/13 18:13:27 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\RaimaRadioPro [2013/12/31 16:43:40 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\RoboForm [2013/08/19 12:56:06 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Screaming Bee [2012/09/16 17:22:23 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Sony [2013/08/14 09:41:58 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Systweak [2010/07/25 15:17:39 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\TeamViewer [2014/01/03 15:57:08 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Thunderbird ========== Purity Check ========== < End of report > |
04.01.2014, 11:59 | #2 |
| Windows 7 finds "some" viruses FRST.txt from FRST:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-01-2014 Ran by Vinc (administrator) on BLUE-VINC on 03-01-2014 18:10:26 Running from C:\Users\Vinc\Desktop Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe (AVAST Software) D:\Programme\Avast\AvastSvc.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe (Safer-Networking Ltd.) D:\Programme\Spybot - Search & Destroy\SDFSSvc.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Fujitsu Technology Solutions) C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Sysinternals - www.sysinternals.com) D:\Programme\Microsofts Desktops\Desktops.exe (Valve Corporation) D:\Programme\Steam\Steam.exe (www.motioninjoy.com) D:\Programme\MotioninJoy\ds3\DS3_Tool.exe (Google Inc.) 
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Acronis) D:\Programme\Acronis True Image\TrueImageHome\TrueImageMonitor.exe (Acronis) D:\Programme\Acronis True Image\TrueImageHome\TimounterMonitor.exe (Apple Inc.) D:\Programme\iTunes\iTunesHelper.exe (Safer-Networking Ltd.) D:\Programme\Spybot - Search & Destroy\SDTray.exe (AVAST Software) D:\Programme\Avast\AvastUI.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Safer-Networking Ltd.) D:\Programme\Spybot - Search & Destroy\SDUpdSvc.exe (Safer-Networking Ltd.) D:\Programme\Spybot - Search & Destroy\SDWSCSvc.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe (AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE (Microsoft Corporation) C:\Windows\splwow64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Safer-Networking Ltd.) D:\Programme\Spybot - Search & Destroy\SDUpdate.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9642528 2009-12-03] (Realtek Semiconductor) HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.EXE [767312 2009-03-18] (CANON INC.) HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [403656 2012-04-27] (Acronis) HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [446392 2012-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [FreePDF Assistant] - C:\Program Files (x86)\FreePDF_XP\fpassist.exe [385024 2009-09-05] (shbox.de) HKLM-x32\...\Run: [TrueImageMonitor.exe] - D:\Programme\Acronis True Image\TrueImageHome\TrueImageMonitor.exe [5993136 2012-04-27] (Acronis) HKLM-x32\...\Run: [AcronisTimounterMonitor] - D:\Programme\Acronis True Image\TrueImageHome\TimounterMonitor.exe [1173680 2012-04-27] (Acronis) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] - D:\Programme\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.) HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) 
HKLM-x32\...\Run: [SDTray] - D:\Programme\Spybot - Search & Destroy\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.) HKLM-x32\...\Run: [AvastUI.exe] - D:\Programme\Avast\AvastUI.exe [3764024 2013-12-30] (AVAST Software) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKCU\...\Run: [MobileDocuments] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe [59240 2012-02-23] (Apple Inc.) HKCU\...\Run: [Sysinternals Desktops] - D:\Programme\Microsofts Desktops\Desktops.exe [116088 2010-01-18] (Sysinternals - www.sysinternals.com) HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.) HKCU\...\Run: [Steam] - D:\Programme\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation) HKCU\...\Run: [DS3 Tool] - D:\Programme\MotioninJoy\ds3\DS3_Tool.exe [104768 2013-10-23] (www.motioninjoy.com) HKCU\...\Run: [Spybot-S&D Cleaning] - D:\Programme\Spybot - Search & Destroy\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.) HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-05-27] (Google Inc.) HKU\Admin\...\Run: [MobileDocuments] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe [59240 2012-02-23] (Apple Inc.) HKU\Admin\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-05-27] (Google Inc.) HKU\Admin\...\Run: [Sysinternals Desktops] - D:\Programme\Microsofts Desktops\Desktops.exe [116088 2010-01-18] (Sysinternals - www.sysinternals.com) HKU\Gast1\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-05-27] (Google Inc.) 
HKU\Vinc2\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-05-27] (Google Inc.) HKU\Vinc2\...\Run: [Sysinternals Desktops] - D:\Programme\Microsofts Desktops\Desktops.exe [116088 2010-01-18] (Sysinternals - www.sysinternals.com) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\startup\LaunchCenter.lnk ShortcutTarget: LaunchCenter.lnk -> C:\Program Files (x86)\Fujitsu\LaunchCenter\LaunchCenter.exe (Fujitsu Technology Solutions) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\startup\LaunchCenter.lnk ShortcutTarget: LaunchCenter.lnk -> C:\Program Files (x86)\Fujitsu\LaunchCenter\LaunchCenter.exe (Fujitsu Technology Solutions) Startup: C:\Users\Vinc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://bluevinc.jimdo.com/ hxxp://youtube.com/user/bluevinc hxxp://facebook.de/ hxxp://twitter.com/ SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {951CC197-18C5-4940-B16B-38C50F803073} URL = BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Programme\Avast\aswWebRepIE64.dll (AVAST Software) BHO: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Programme\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer-Networking Ltd.) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Programme\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: af0.Adblock.BHO - {90EFF544-3981-4d46-85C9-C0361D0931D6} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation) BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Programme\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM - avast! 
Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - D:\Programme\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - D:\Programme\Avast\aswWebRepIE.dll (AVAST Software) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Vinc\AppData\Roaming\Mozilla\Firefox\Profiles\xme43mgw.default FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.4 - D:\Programme\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.5 - D:\Programme\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.6 - D:\Programme\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.7 - D:\Programme\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.8 - D:\Programme\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.1 - D:\Programme\VLC\npvlc.dll (VideoLAN) FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - D:\Programme\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) 
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Extension: Greasemonkey - C:\Users\Vinc\AppData\Roaming\Mozilla\Firefox\Profiles\xme43mgw.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi FF Extension: No Name - C:\Users\Vinc\AppData\Roaming\Mozilla\Firefox\profiles\extensions\m2k@m2kdownloader.com.xpi FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - D:\Programme\Avast\WebRep\FF FF Extension: avast! 
Online Security - D:\Programme\Avast\WebRep\FF FF StartMenuInternet: FIREFOX.EXE - D:\Programme\Firefox\firefox.exe Chrome: ======= CHR HomePage: hxxp://www.google.com CHR RestoreOnStartup: "hxxp://www.google.com/" CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll () CHR Plugin: (Skype Click to Call) - C:\Users\Vinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\npSkypeChromePlugin.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) 
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File CHR Plugin: (WacomTabletPlugin) - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll No File CHR Plugin: (Java Deployment Toolkit 7.0.210.11) - C:\Windows\SysWOW64\npDeployJava1.dll No File CHR Plugin: (iTunes Application Detector) - D:\Programme\iTunes\Mozilla Plugins\npitunes.dll () CHR Extension: (Click&Clean) - C:\Users\Vinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\8.3_0 CHR Extension: (AdBlock) - C:\Users\Vinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0 CHR Extension: (Google Wallet) - C:\Users\Vinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0 CHR Extension: (Click&Clean App) - C:\Users\Vinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp\8.0_0 CHR HKLM-x32\...\Chrome\Extension: [lbbbdmbjkgojacipgefbifkiebpcdjhn] - C:\Program Files (x86)\Movie2KDownloader.com\m2kDownloader10.crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx ==================== Services (Whitelisted) 
================= R2 avast! Antivirus; D:\Programme\Avast\AvastSvc.exe [50344 2013-12-30] (AVAST Software) S2 DeskViewBasicService; C:\Program Files (x86)\Fujitsu\DeskViewBasic\DeskViewBasicService.exe [34816 2009-08-19] (Fujitsu Technology Solutions) R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-04-29] (Freemake) R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [906536 2013-10-18] (AnchorFree Inc.) S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2013-10-16] () R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [555304 2013-10-18] () R2 SDScannerService; D:\Programme\Spybot - Search & Destroy\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.) R2 SDUpdateService; D:\Programme\Spybot - Search & Destroy\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.) R2 SDWSCService; D:\Programme\Spybot - Search & Destroy\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.) R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia) R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia) R2 TestHandler; C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [341264 2009-02-19] (Fujitsu Technology Solutions) R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [621336 2013-12-04] (Wacom Technology, Corp.) 
S2 AntiVirSchedulerService; "C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe" [x] S2 AntiVirService; "C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe" [x] ==================== Drivers (Whitelisted) ==================== R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2013-12-30] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-11-21] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-21] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2013-12-30] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2013-12-30] (AVAST Software) S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2013-12-30] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-30] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98848 2012-04-24] (Avira GmbH) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132832 2012-04-27] (Avira GmbH) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27760 2012-05-02] (Avira GmbH) R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2013-10-16] (AnchorFree Inc.) S3 libusb0; C:\Windows\SysWow64\drivers\libusb0.sys [33792 2005-03-09] () R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia) R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-10-16] (Anchorfree Inc.) 
U5 UnlockerDriver5; D:\Programme\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-03 18:10 - 2014-01-03 18:10 - 01931750 _____ (Farbar) C:\Users\Vinc\Desktop\FRST64.exe 2014-01-03 18:10 - 2014-01-03 18:10 - 00022836 _____ C:\Users\Vinc\Desktop\FRST.txt 2014-01-03 17:54 - 2014-01-03 17:54 - 00000470 _____ C:\Users\Vinc\Desktop\defogger_disable.log 2014-01-03 17:54 - 2014-01-03 17:54 - 00000000 _____ C:\Users\Vinc\defogger_reenable 2014-01-03 17:19 - 2014-01-03 17:26 - 00000112 _____ C:\Windows\setupact.log 2014-01-03 17:19 - 2014-01-03 17:19 - 05036216 _____ C:\Windows\system32\FNTCACHE.DAT 2014-01-03 17:19 - 2014-01-03 17:19 - 00000000 _____ C:\Windows\setuperr.log 2014-01-03 17:17 - 2014-01-03 17:17 - 00108904 _____ C:\Users\Vinc\AppData\Local\GDIPFONTCACHEV1.DAT 2014-01-03 15:45 - 2014-01-03 15:45 - 00000677 _____ C:\Users\Public\Desktop\CCleaner.lnk 2014-01-03 15:34 - 2014-01-03 15:34 - 00108904 _____ C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT 2014-01-03 15:24 - 2014-01-03 15:24 - 00108904 _____ C:\Users\Vinc2\AppData\Local\GDIPFONTCACHEV1.DAT 2014-01-03 15:21 - 2014-01-03 15:21 - 00001020 _____ C:\Users\Vinc2\Desktop\SNES9x.lnk 2014-01-03 15:20 - 2014-01-03 15:20 - 00001365 _____ C:\Users\Vinc2\Desktop\WinDS PRO Apps.lnk 2014-01-03 15:20 - 2014-01-03 15:20 - 00001026 _____ C:\Users\Vinc2\Desktop\Nestopia.lnk 2014-01-03 15:19 - 2014-01-03 15:19 - 00000628 _____ C:\Users\Vinc2\Desktop\Pokemon World Online.lnk 2014-01-03 15:18 - 2014-01-03 15:19 - 00001179 _____ C:\Users\Vinc2\Desktop\PlanetSide 2.lnk 2014-01-03 15:17 - 2014-01-03 15:17 - 00000752 _____ C:\Users\Vinc2\Desktop\TeamSpeak 3.lnk 2014-01-03 15:17 - 2014-01-03 15:17 - 00000529 _____ C:\Users\Vinc2\Desktop\League of Legends.lnk 2014-01-03 15:16 - 2014-01-03 15:16 - 00000665 _____ C:\Users\Vinc2\Desktop\Steam.lnk 2014-01-03 15:14 - 2014-01-03 15:14 - 00000990 
_____ C:\Users\Vinc2\Desktop\SDCopy.lnk 2014-01-03 15:13 - 2014-01-03 15:13 - 00000975 _____ C:\Users\Vinc2\Desktop\Spybot-S&D Start Center.lnk 2014-01-03 15:13 - 2014-01-03 15:13 - 00000719 _____ C:\Users\Vinc2\Desktop\Free Alarm Clock.lnk 2014-01-03 15:12 - 2014-01-03 15:12 - 00013449 _____ C:\Users\Vinc2\Desktop\Recuva.lnk 2014-01-03 15:12 - 2014-01-03 15:12 - 00001075 _____ C:\Users\Vinc2\Desktop\Secunia PSI.lnk 2014-01-03 15:12 - 2014-01-03 15:12 - 00001074 _____ C:\Users\Vinc2\Desktop\RegClean Pro.lnk 2014-01-03 15:11 - 2014-01-03 15:11 - 00001218 _____ C:\Users\Vinc2\Desktop\Mc Affe Labs Stinger.lnk 2014-01-03 15:11 - 2014-01-03 15:11 - 00000846 _____ C:\Users\Vinc2\Desktop\CCleaner.lnk 2014-01-03 15:11 - 2014-01-03 15:11 - 00000743 _____ C:\Users\Vinc2\Desktop\CDBurnerXP.lnk 2014-01-03 15:11 - 2014-01-03 15:11 - 00000619 _____ C:\Users\Vinc2\Desktop\VLC media player.lnk 2014-01-03 15:10 - 2014-01-03 15:10 - 00001931 _____ C:\Users\Vinc2\Desktop\Driver DVD.lnk 2014-01-03 15:10 - 2014-01-03 15:10 - 00001547 _____ C:\Users\Vinc2\Desktop\iTunes.lnk 2014-01-03 15:09 - 2014-01-03 15:09 - 00001030 _____ C:\Users\Vinc2\Desktop\ Malwarebytes Anti-Malware .lnk 2014-01-01 23:05 - 2014-01-01 23:05 - 00000000 ____D C:\Users\Vinc2\AppData\Roaming\WTablet 2014-01-01 23:05 - 2014-01-01 23:05 - 00000000 ____D C:\Users\Vinc2\AppData\Roaming\AVAST Software 2014-01-01 23:04 - 2014-01-01 23:04 - 00000000 ____D C:\Users\Gast1\AppData\Roaming\WTablet 2014-01-01 22:59 - 2014-01-01 22:59 - 00001030 _____ C:\Users\Admin\Desktop\ Malwarebytes Anti-Malware .lnk 2014-01-01 22:55 - 2014-01-01 22:55 - 00013449 _____ C:\Users\Vinc\Desktop\Recuva.lnk 2014-01-01 22:55 - 2014-01-01 22:55 - 00001074 _____ C:\Users\Vinc\Desktop\RegClean Pro.lnk 2014-01-01 22:54 - 2014-01-01 22:54 - 00001931 _____ C:\Users\Vinc\Desktop\Driver DVD.lnk 2014-01-01 22:54 - 2014-01-01 22:54 - 00001547 _____ C:\Users\Vinc\Desktop\iTunes.lnk 2014-01-01 22:54 - 2014-01-01 22:54 - 00000743 _____ 
C:\Users\Vinc\Desktop\CDBurnerXP.lnk 2014-01-01 22:54 - 2014-01-01 22:54 - 00000619 _____ C:\Users\Vinc\Desktop\VLC media player.lnk 2014-01-01 22:53 - 2014-01-01 22:53 - 00001030 _____ C:\Users\Vinc\Desktop\ Malwarebytes Anti-Malware .lnk 2014-01-01 22:38 - 2014-01-01 22:38 - 00001020 _____ C:\Users\Admin\Desktop\SNES9x.lnk 2014-01-01 22:37 - 2014-01-01 22:37 - 00001026 _____ C:\Users\Admin\Desktop\Nestopia.lnk 2014-01-01 22:34 - 2014-01-01 22:34 - 00001311 _____ C:\Users\Admin\Desktop\Movie Maker (2).lnk 2014-01-01 22:33 - 2014-01-01 22:33 - 00000990 _____ C:\Users\Admin\Desktop\SDCopy.lnk 2014-01-01 22:32 - 2014-01-01 22:32 - 00013763 _____ C:\Users\Admin\Desktop\Soundrecorder.lnk 2014-01-01 22:29 - 2014-01-01 22:29 - 00000719 _____ C:\Users\Admin\Desktop\Free Alarm Clock.lnk 2014-01-01 22:28 - 2014-01-01 22:28 - 00001075 _____ C:\Users\Admin\Desktop\Secunia PSI.lnk 2014-01-01 22:27 - 2014-01-01 22:27 - 00013449 _____ C:\Users\Admin\Desktop\Recuva.lnk 2014-01-01 22:27 - 2014-01-01 22:27 - 00001218 _____ C:\Users\Admin\Desktop\Mc Affe Labs Stinger.lnk 2014-01-01 22:27 - 2014-01-01 22:27 - 00001074 _____ C:\Users\Admin\Desktop\RegClean Pro.lnk 2014-01-01 22:26 - 2014-01-01 22:26 - 00001014 _____ C:\Users\Admin\Desktop\Acronis*True*Image*Home.lnk 2014-01-01 22:26 - 2014-01-01 22:26 - 00000846 _____ C:\Users\Admin\Desktop\CCleaner.lnk 2014-01-01 22:26 - 2014-01-01 22:26 - 00000743 _____ C:\Users\Admin\Desktop\CDBurnerXP.lnk 2014-01-01 22:25 - 2014-01-01 22:25 - 00000619 _____ C:\Users\Admin\Desktop\VLC media player.lnk 2014-01-01 22:24 - 2014-01-01 22:24 - 00012482 _____ C:\Users\Admin\Desktop\Computer.lnk 2014-01-01 22:24 - 2014-01-01 22:24 - 00001931 _____ C:\Users\Admin\Desktop\Driver DVD.lnk 2014-01-01 22:24 - 2014-01-01 22:24 - 00001547 _____ C:\Users\Admin\Desktop\iTunes.lnk 2014-01-01 22:18 - 2014-01-01 22:58 - 00000000 ____D C:\Users\Admin\AppData\Roaming\WTablet 2013-12-31 17:05 - 2013-12-31 17:05 - 00000000 ____D C:\Program Files\TabletPlugins 2013-12-31 
17:05 - 2013-12-31 17:05 - 00000000 ____D C:\Program Files (x86)\TabletPlugins 2013-12-31 17:05 - 2013-12-04 17:35 - 01945880 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Tablet.dll 2013-12-31 17:05 - 2013-12-04 17:35 - 01938712 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Touch_Tablet.dll 2013-12-31 17:05 - 2013-12-04 17:35 - 01808152 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wintab32.dll 2013-12-31 17:05 - 2013-12-04 17:35 - 01805080 _____ (Wacom Technology, Corp.) C:\Windows\system32\WacomMT.dll 2013-12-31 17:05 - 2013-12-04 17:35 - 01604376 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Tablet.dll 2013-12-31 17:05 - 2013-12-04 17:35 - 01596696 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Touch_Tablet.dll 2013-12-31 17:05 - 2013-12-04 17:35 - 01483032 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wintab32.dll 2013-12-31 17:05 - 2013-12-04 17:35 - 01479960 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\WacomMT.dll 2013-12-31 17:05 - 2013-11-12 01:16 - 00090424 _____ (Wacom Technology) C:\Windows\system32\Drivers\wachidrouter.sys 2013-12-31 17:05 - 2013-11-12 01:16 - 00015160 _____ (Wacom Technology) C:\Windows\system32\Drivers\wacomrouterfilter.sys 2013-12-31 16:36 - 2013-12-31 16:36 - 00000000 ____D C:\Users\Vinc\.android 2013-12-31 16:02 - 2013-12-31 16:02 - 00000000 ____D C:\Windows\SysWOW64\Hotspot Shield 2013-12-31 15:19 - 2013-12-31 16:35 - 00000000 ____D C:\Users\Vinc\AppData\Local\Paint.NET 2013-12-31 02:25 - 2013-12-31 02:25 - 00000000 ____D C:\ProgramData\Hotspot Shield 2013-12-31 02:23 - 2013-12-31 02:26 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield 2013-12-31 02:23 - 2013-12-31 02:23 - 00000000 ____D C:\Users\Vinc\AppData\Roaming\Hotspot Shield 2013-12-31 02:23 - 2013-10-16 02:42 - 00044744 _____ (AnchorFree Inc.) 
C:\Windows\system32\Drivers\hssdrv6.sys 2013-12-30 17:57 - 2013-12-30 17:57 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2013-12-15 21:54 - 2013-12-26 16:56 - 00000000 ____D C:\Users\Vinc\Downloads\Arbeit 2013-12-15 13:26 - 2013-12-31 16:43 - 00000000 ____D C:\Users\Vinc\AppData\Roaming\RoboForm 2013-12-15 13:26 - 2013-12-31 16:41 - 00003972 _____ C:\Windows\System32\Tasks\Open URL by RoboForm 2013-12-15 13:26 - 2013-12-15 13:26 - 00003492 _____ C:\Windows\System32\Tasks\Run RoboForm TaskBar Icon 2013-12-15 13:23 - 2013-12-31 16:43 - 00000000 ____D C:\ProgramData\RoboForm 2013-12-15 13:17 - 2013-12-15 13:18 - 00000000 ____D C:\Users\Vinc\AppData\Local\Mozilla 2013-12-15 13:17 - 2013-12-15 13:17 - 00000729 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2013-12-11 20:33 - 2013-12-12 13:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2013-12-11 16:48 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2013-12-11 16:48 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2013-12-11 16:48 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2013-12-11 16:48 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2013-12-11 16:47 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-12-11 16:47 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-12-11 16:47 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2013-12-11 16:47 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-12-11 16:47 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-12-11 16:47 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2013-12-11 16:47 
- 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-12-11 16:47 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-12-11 16:47 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-12-11 16:47 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-12-11 16:47 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-12-11 16:47 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-12-11 16:47 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2013-12-11 16:47 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2013-12-11 16:47 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-12-11 16:47 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-12-11 16:47 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-12-11 16:47 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-12-11 16:47 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-12-11 16:47 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2013-12-11 16:47 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-12-11 16:47 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-12-11 16:47 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-12-11 16:47 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-12-11 16:47 - 2013-11-26 08:26 - 
11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-12-11 16:47 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-12-11 16:47 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-12-11 16:47 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2013-12-11 16:47 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-12-11 16:47 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-12-11 16:47 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-12-11 16:10 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2013-12-11 16:10 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2013-12-11 16:10 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-12-11 16:10 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2013-12-11 16:10 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll 2013-12-11 16:10 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll 2013-12-11 16:10 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-12-11 16:10 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll 2013-12-11 16:10 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll 2013-12-11 16:10 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2013-12-11 16:10 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2013-12-11 16:10 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\wshom.ocx 2013-12-11 16:10 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll 2013-12-11 16:10 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2013-12-11 16:10 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2013-12-11 16:10 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe 2013-12-11 16:10 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe 2013-12-11 16:10 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2013-12-11 16:10 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2013-12-08 18:22 - 2013-12-08 18:22 - 00000719 _____ C:\Users\Vinc\Desktop\Free Alarm Clock.lnk ==================== One Month Modified Files and Folders ======= 2014-01-03 18:10 - 2014-01-03 18:10 - 01931750 _____ (Farbar) C:\Users\Vinc\Desktop\FRST64.exe 2014-01-03 18:10 - 2014-01-03 18:10 - 00022836 _____ C:\Users\Vinc\Desktop\FRST.txt 2014-01-03 18:02 - 2013-08-14 09:44 - 00000266 _____ C:\Windows\Tasks\RegClean Prosch.job 2014-01-03 18:00 - 2013-02-10 12:22 - 00003108 _____ C:\Windows\System32\Tasks\RegClean Pro 2014-01-03 17:59 - 2012-05-26 15:35 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-01-03 17:57 - 2010-07-25 18:50 - 02067520 _____ C:\Windows\WindowsUpdate.log 2014-01-03 17:54 - 2014-01-03 17:54 - 00000470 _____ C:\Users\Vinc\Desktop\defogger_disable.log 2014-01-03 17:54 - 2014-01-03 17:54 - 00000000 _____ C:\Users\Vinc\defogger_reenable 2014-01-03 17:54 - 2010-07-25 11:08 - 00000000 ____D C:\Users\Vinc 2014-01-03 17:51 - 2012-05-27 11:05 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-01-03 17:40 - 2013-11-14 18:26 - 00000000 ____D C:\Users\Thunderbird\yiodlzyq.default 2014-01-03 17:38 - 2009-07-14 05:45 - 00009712 
____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-03 17:38 - 2009-07-14 05:45 - 00009712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-03 17:29 - 2012-09-09 21:26 - 00000000 ____D C:\Users\Vinc\AppData\Roaming\Skype 2014-01-03 17:27 - 2012-05-27 11:05 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-01-03 17:26 - 2014-01-03 17:19 - 00000112 _____ C:\Windows\setupact.log 2014-01-03 17:26 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-03 17:19 - 2014-01-03 17:19 - 05036216 _____ C:\Windows\system32\FNTCACHE.DAT 2014-01-03 17:19 - 2014-01-03 17:19 - 00000000 _____ C:\Windows\setuperr.log 2014-01-03 17:17 - 2014-01-03 17:17 - 00108904 _____ C:\Users\Vinc\AppData\Local\GDIPFONTCACHEV1.DAT 2014-01-03 15:57 - 2013-11-14 17:58 - 00000000 ____D C:\Users\Vinc\AppData\Roaming\Thunderbird 2014-01-03 15:55 - 2013-03-24 16:46 - 00000000 ____D C:\Users\Vinc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDS PRO 2014-01-03 15:45 - 2014-01-03 15:45 - 00000677 _____ C:\Users\Public\Desktop\CCleaner.lnk 2014-01-03 15:45 - 2012-09-12 16:55 - 00002762 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-01-03 15:34 - 2014-01-03 15:34 - 00108904 _____ C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT 2014-01-03 15:33 - 2013-03-10 22:27 - 00000000 ____D C:\Windows\Minidump 2014-01-03 15:33 - 2009-08-10 21:07 - 00000000 ____D C:\Windows\Panther 2014-01-03 15:24 - 2014-01-03 15:24 - 00108904 _____ C:\Users\Vinc2\AppData\Local\GDIPFONTCACHEV1.DAT 2014-01-03 15:21 - 2014-01-03 15:21 - 00001020 _____ C:\Users\Vinc2\Desktop\SNES9x.lnk 2014-01-03 15:20 - 2014-01-03 15:20 - 00001365 _____ C:\Users\Vinc2\Desktop\WinDS PRO Apps.lnk 2014-01-03 15:20 - 2014-01-03 15:20 - 00001026 _____ C:\Users\Vinc2\Desktop\Nestopia.lnk 2014-01-03 15:19 - 2014-01-03 15:19 - 00000628 _____ C:\Users\Vinc2\Desktop\Pokemon World Online.lnk 
2014-01-03 15:19 - 2014-01-03 15:18 - 00001179 _____ C:\Users\Vinc2\Desktop\PlanetSide 2.lnk 2014-01-03 15:17 - 2014-01-03 15:17 - 00000752 _____ C:\Users\Vinc2\Desktop\TeamSpeak 3.lnk 2014-01-03 15:17 - 2014-01-03 15:17 - 00000529 _____ C:\Users\Vinc2\Desktop\League of Legends.lnk 2014-01-03 15:16 - 2014-01-03 15:16 - 00000665 _____ C:\Users\Vinc2\Desktop\Steam.lnk 2014-01-03 15:14 - 2014-01-03 15:14 - 00000990 _____ C:\Users\Vinc2\Desktop\SDCopy.lnk 2014-01-03 15:13 - 2014-01-03 15:13 - 00000975 _____ C:\Users\Vinc2\Desktop\Spybot-S&D Start Center.lnk 2014-01-03 15:13 - 2014-01-03 15:13 - 00000719 _____ C:\Users\Vinc2\Desktop\Free Alarm Clock.lnk 2014-01-03 15:12 - 2014-01-03 15:12 - 00013449 _____ C:\Users\Vinc2\Desktop\Recuva.lnk 2014-01-03 15:12 - 2014-01-03 15:12 - 00001075 _____ C:\Users\Vinc2\Desktop\Secunia PSI.lnk 2014-01-03 15:12 - 2014-01-03 15:12 - 00001074 _____ C:\Users\Vinc2\Desktop\RegClean Pro.lnk 2014-01-03 15:11 - 2014-01-03 15:11 - 00001218 _____ C:\Users\Vinc2\Desktop\Mc Affe Labs Stinger.lnk 2014-01-03 15:11 - 2014-01-03 15:11 - 00000846 _____ C:\Users\Vinc2\Desktop\CCleaner.lnk 2014-01-03 15:11 - 2014-01-03 15:11 - 00000743 _____ C:\Users\Vinc2\Desktop\CDBurnerXP.lnk 2014-01-03 15:11 - 2014-01-03 15:11 - 00000619 _____ C:\Users\Vinc2\Desktop\VLC media player.lnk 2014-01-03 15:10 - 2014-01-03 15:10 - 00001931 _____ C:\Users\Vinc2\Desktop\Driver DVD.lnk 2014-01-03 15:10 - 2014-01-03 15:10 - 00001547 _____ C:\Users\Vinc2\Desktop\iTunes.lnk 2014-01-03 15:09 - 2014-01-03 15:09 - 00001030 _____ C:\Users\Vinc2\Desktop\ Malwarebytes Anti-Malware .lnk 2014-01-03 15:07 - 2012-09-13 12:53 - 00004144 _____ C:\Windows\System32\Tasks\avast! 
Emergency Update 2014-01-01 23:05 - 2014-01-01 23:05 - 00000000 ____D C:\Users\Vinc2\AppData\Roaming\WTablet 2014-01-01 23:05 - 2014-01-01 23:05 - 00000000 ____D C:\Users\Vinc2\AppData\Roaming\AVAST Software 2014-01-01 23:04 - 2014-01-01 23:04 - 00000000 ____D C:\Users\Gast1\AppData\Roaming\WTablet 2014-01-01 22:59 - 2014-01-01 22:59 - 00001030 _____ C:\Users\Admin\Desktop\ Malwarebytes Anti-Malware .lnk 2014-01-01 22:58 - 2014-01-01 22:18 - 00000000 ____D C:\Users\Admin\AppData\Roaming\WTablet 2014-01-01 22:58 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2014-01-01 22:55 - 2014-01-01 22:55 - 00013449 _____ C:\Users\Vinc\Desktop\Recuva.lnk 2014-01-01 22:55 - 2014-01-01 22:55 - 00001074 _____ C:\Users\Vinc\Desktop\RegClean Pro.lnk 2014-01-01 22:54 - 2014-01-01 22:54 - 00001931 _____ C:\Users\Vinc\Desktop\Driver DVD.lnk 2014-01-01 22:54 - 2014-01-01 22:54 - 00001547 _____ C:\Users\Vinc\Desktop\iTunes.lnk 2014-01-01 22:54 - 2014-01-01 22:54 - 00000743 _____ C:\Users\Vinc\Desktop\CDBurnerXP.lnk 2014-01-01 22:54 - 2014-01-01 22:54 - 00000619 _____ C:\Users\Vinc\Desktop\VLC media player.lnk 2014-01-01 22:53 - 2014-01-01 22:53 - 00001030 _____ C:\Users\Vinc\Desktop\ Malwarebytes Anti-Malware .lnk 2014-01-01 22:40 - 2013-04-19 12:44 - 00000875 _____ C:\Users\Admin\Desktop\Nintendo.lnk 2014-01-01 22:38 - 2014-01-01 22:38 - 00001020 _____ C:\Users\Admin\Desktop\SNES9x.lnk 2014-01-01 22:37 - 2014-01-01 22:37 - 00001026 _____ C:\Users\Admin\Desktop\Nestopia.lnk 2014-01-01 22:34 - 2014-01-01 22:34 - 00001311 _____ C:\Users\Admin\Desktop\Movie Maker (2).lnk 2014-01-01 22:33 - 2014-01-01 22:33 - 00000990 _____ C:\Users\Admin\Desktop\SDCopy.lnk 2014-01-01 22:32 - 2014-01-01 22:32 - 00013763 _____ C:\Users\Admin\Desktop\Soundrecorder.lnk 2014-01-01 22:29 - 2014-01-01 22:29 - 00000719 _____ C:\Users\Admin\Desktop\Free Alarm Clock.lnk 2014-01-01 22:28 - 2014-01-01 22:28 - 00001075 _____ C:\Users\Admin\Desktop\Secunia PSI.lnk 2014-01-01 22:27 - 2014-01-01 22:27 - 
00013449 _____ C:\Users\Admin\Desktop\Recuva.lnk 2014-01-01 22:27 - 2014-01-01 22:27 - 00001218 _____ C:\Users\Admin\Desktop\Mc Affe Labs Stinger.lnk 2014-01-01 22:27 - 2014-01-01 22:27 - 00001074 _____ C:\Users\Admin\Desktop\RegClean Pro.lnk 2014-01-01 22:26 - 2014-01-01 22:26 - 00001014 _____ C:\Users\Admin\Desktop\Acronis*True*Image*Home.lnk 2014-01-01 22:26 - 2014-01-01 22:26 - 00000846 _____ C:\Users\Admin\Desktop\CCleaner.lnk 2014-01-01 22:26 - 2014-01-01 22:26 - 00000743 _____ C:\Users\Admin\Desktop\CDBurnerXP.lnk 2014-01-01 22:25 - 2014-01-01 22:25 - 00000619 _____ C:\Users\Admin\Desktop\VLC media player.lnk 2014-01-01 22:24 - 2014-01-01 22:24 - 00012482 _____ C:\Users\Admin\Desktop\Computer.lnk 2014-01-01 22:24 - 2014-01-01 22:24 - 00001931 _____ C:\Users\Admin\Desktop\Driver DVD.lnk 2014-01-01 22:24 - 2014-01-01 22:24 - 00001547 _____ C:\Users\Admin\Desktop\iTunes.lnk 2014-01-01 21:18 - 2013-09-25 20:09 - 00000282 _____ C:\Windows\Tasks\RegClean Pro_UPDATES.job 2014-01-01 15:01 - 2013-09-25 20:09 - 00000274 _____ C:\Windows\Tasks\RegClean Pro_DEFAULT.job 2014-01-01 00:30 - 2013-05-08 17:19 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2013-12-31 17:12 - 2013-03-10 15:36 - 00000000 ____D C:\Users\Vinc\AppData\Roaming\WTablet 2013-12-31 17:08 - 2013-03-01 18:02 - 00000000 ____D C:\Program Files (x86)\Pando Networks 2013-12-31 17:05 - 2013-12-31 17:05 - 00000000 ____D C:\Program Files\TabletPlugins 2013-12-31 17:05 - 2013-12-31 17:05 - 00000000 ____D C:\Program Files (x86)\TabletPlugins 2013-12-31 17:05 - 2013-03-10 15:35 - 00000000 ____D C:\Program Files\Tablet 2013-12-31 16:43 - 2013-12-15 13:26 - 00000000 ____D C:\Users\Vinc\AppData\Roaming\RoboForm 2013-12-31 16:43 - 2013-12-15 13:23 - 00000000 ____D C:\ProgramData\RoboForm 2013-12-31 16:43 - 2010-07-25 13:29 - 00000000 ____D C:\Windows\system32\appmgmt 2013-12-31 16:41 - 2013-12-15 13:26 - 00003972 _____ C:\Windows\System32\Tasks\Open URL by RoboForm 2013-12-31 16:36 - 2013-12-31 16:36 - 
00000000 ____D C:\Users\Vinc\.android 2013-12-31 16:35 - 2013-12-31 15:19 - 00000000 ____D C:\Users\Vinc\AppData\Local\Paint.NET 2013-12-31 16:02 - 2013-12-31 16:02 - 00000000 ____D C:\Windows\SysWOW64\Hotspot Shield 2013-12-31 02:33 - 2013-03-10 17:25 - 00000000 ____D C:\Users\Vinc\AppData\Roaming\vlc 2013-12-31 02:26 - 2013-12-31 02:23 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield 2013-12-31 02:25 - 2013-12-31 02:25 - 00000000 ____D C:\ProgramData\Hotspot Shield 2013-12-31 02:23 - 2013-12-31 02:23 - 00000000 ____D C:\Users\Vinc\AppData\Roaming\Hotspot Shield 2013-12-30 17:57 - 2013-12-30 17:57 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2013-12-30 17:56 - 2013-03-14 14:14 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys 2013-12-30 17:56 - 2012-09-13 12:53 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2013-12-30 17:56 - 2012-09-13 12:53 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2013-12-30 17:56 - 2012-09-13 12:53 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2013-12-30 17:56 - 2012-09-13 12:53 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2013-12-30 17:56 - 2012-09-13 12:53 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2013-12-28 17:54 - 2013-01-27 17:32 - 00000000 ____D C:\Users\Vinc\AppData\Roaming\Mp3tag 2013-12-26 16:56 - 2013-12-15 21:54 - 00000000 ____D C:\Users\Vinc\Downloads\Arbeit 2013-12-22 20:35 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2013-12-21 14:43 - 2012-09-13 17:51 - 00000651 _____ C:\Users\Public\Desktop\Mp3tag.lnk 2013-12-21 11:33 - 2009-08-10 21:20 - 00653968 _____ C:\Windows\system32\perfh007.dat 2013-12-21 11:33 - 2009-08-10 21:20 - 00129840 _____ C:\Windows\system32\perfc007.dat 2013-12-21 11:33 - 2009-07-14 06:13 - 01498506 _____ C:\Windows\system32\PerfStringBackup.INI 2013-12-15 13:26 - 2013-12-15 13:26 - 00003492 _____ C:\Windows\System32\Tasks\Run RoboForm 
TaskBar Icon 2013-12-15 13:18 - 2013-12-15 13:17 - 00000000 ____D C:\Users\Vinc\AppData\Local\Mozilla 2013-12-15 13:17 - 2013-12-15 13:17 - 00000729 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2013-12-15 13:17 - 2012-12-13 15:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-12-14 11:03 - 2013-08-15 20:52 - 00000000 ____D C:\Windows\system32\MRT 2013-12-14 11:02 - 2010-07-25 14:11 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-12-14 10:55 - 2012-05-27 11:05 - 00000000 ____D C:\Users\Vinc\AppData\Local\Google 2013-12-12 20:12 - 2012-10-19 18:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-12-12 13:29 - 2013-12-11 20:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2013-12-11 19:59 - 2012-05-26 15:35 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-12-11 19:59 - 2012-05-26 15:35 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-12-11 19:59 - 2012-05-26 15:35 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-12-11 16:48 - 2009-08-21 10:14 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-12-08 18:22 - 2013-12-08 18:22 - 00000719 _____ C:\Users\Vinc\Desktop\Free Alarm Clock.lnk 2013-12-08 15:31 - 2012-09-09 21:26 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-12-08 15:31 - 2012-09-09 21:26 - 00000000 ____D C:\ProgramData\Skype 2013-12-05 18:46 - 2012-05-27 11:05 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2013-12-05 18:46 - 2012-05-27 11:05 - 00003850 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2013-12-05 13:49 - 2012-05-28 10:25 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-12-04 17:35 - 2013-12-31 17:05 - 01945880 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Tablet.dll 2013-12-04 17:35 - 2013-12-31 17:05 - 01938712 _____ (Wacom Technology, Corp.) 
C:\Windows\system32\Wacom_Touch_Tablet.dll
2013-12-04 17:35 - 2013-12-31 17:05 - 01808152 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wintab32.dll
2013-12-04 17:35 - 2013-12-31 17:05 - 01805080 _____ (Wacom Technology, Corp.) C:\Windows\system32\WacomMT.dll
2013-12-04 17:35 - 2013-12-31 17:05 - 01604376 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Tablet.dll
2013-12-04 17:35 - 2013-12-31 17:05 - 01596696 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Touch_Tablet.dll
2013-12-04 17:35 - 2013-12-31 17:05 - 01483032 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wintab32.dll
2013-12-04 17:35 - 2013-12-31 17:05 - 01479960 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\WacomMT.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-12-31 03:35

==================== End Of Log ============================

Here is GMER: Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net Rootkit scan 2014-01-03 18:21:15 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2 ST1000DM005_HD103SJ rev.1AJ10001 931,51GB Running: gmer_2.1.19163.exe; Driver: C:\Users\Vinc\AppData\Local\Temp\kftcipow.sys ---- Kernel code sections - GMER 2.1 ---- INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff80002fbc000 45 bytes [00, 00, 22, 02, 4D, 6D, 43, ...] INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575 fffff80002fbc02f 16 bytes [00, 02, 00, 00, 00, 00, 00, ...] ---- User code sections - GMER 2.1 ---- .text C:\Windows\system32\wininit.exe[776] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f3eecd 1 byte [62] .text C:\Windows\system32\services.exe[832] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f3eecd 1 byte [62] .text C:\Windows\system32\lsass.exe[860] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f3eecd 1 byte [62] .text C:\Windows\system32\winlogon.exe[892] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f3eecd 1 byte [62] .text C:\Windows\system32\svchost.exe[1012] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f3eecd 1 byte [62] .text C:\Windows\system32\svchost.exe[644] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f3eecd 1 byte [62] .text C:\Windows\System32\svchost.exe[720] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f3eecd 1 byte [62] .text C:\Windows\System32\svchost.exe[560] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f3eecd 1 byte [62] .text C:\Windows\system32\svchost.exe[632] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f3eecd 1 byte [62] .text C:\Windows\system32\svchost.exe[1040] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f3eecd 1 byte [62] .text C:\Program Files\Tablet\Wacom\WTabletServicePro.exe[1284] 
C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f3eecd 1 byte [62] .text C:\Windows\system32\svchost.exe[1388] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f3eecd 1 byte [62] .text C:\Windows\System32\spoolsv.exe[1704] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f3eecd 1 byte [62] .text C:\Windows\system32\svchost.exe[1768] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f3eecd 1 byte [62] .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1912] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007564a2ba 1 byte [62] .text C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe[2024] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007564a2ba 1 byte [62] .text C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1492] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007564a2ba 1 byte [62] .text C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe[2076] C:\Windows\syswow64\KERNEL32.dll!GetBinaryTypeW + 112 000000007564a2ba 1 byte [62] .text C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe[2160] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007564a2ba 1 byte [62] .text C:\Windows\system32\taskhost.exe[2496] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f3eecd 1 byte [62] .text C:\Windows\Explorer.EXE[2608] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f3eecd 1 byte [62] .text C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe[2648] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007564a2ba 1 byte [62] .text D:\Programme\Spybot - Search & Destroy\SDFSSvc.exe[2932] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007564a2ba 1 byte [62] .text C:\Program Files (x86)\Secunia\PSI\PSIA.exe[2508] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007564a2ba 1 byte [62] .text C:\Program Files 
(x86)\Secunia\PSI\PSIA.exe[2508] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076d81465 2 bytes [D8, 76] .text C:\Program Files (x86)\Secunia\PSI\PSIA.exe[2508] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076d814bb 2 bytes [D8, 76] .text ... * 2 .text C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe[2660] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007564a2ba 1 byte [62] .text C:\Windows\system32\svchost.exe[2828] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f3eecd 1 byte [62] .text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2308] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f3eecd 1 byte [62] .text C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe[3160] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007564a2ba 1 byte [62] .text C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe[3208] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007564a2ba 1 byte [62] .text C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe[3220] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007564a2ba 1 byte [62] .text C:\Windows\System32\igfxtray.exe[3540] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f3eecd 1 byte [62] .text C:\Windows\System32\hkcmd.exe[3576] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f3eecd 1 byte [62] .text C:\Windows\System32\igfxpers.exe[3832] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f3eecd 1 byte [62] .text D:\Programme\Microsofts Desktops\Desktops.exe[4016] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007564a2ba 1 byte [62] .text C:\Windows\system32\wbem\wmiprvse.exe[2768] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f3eecd 1 byte [62] .text D:\Programme\Steam\Steam.exe[1968] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007564a2ba 1 
.text C:\Windows\system32\AUDIODG.EXE[2416] C:\Windows\System32\kernel32.dll!GetBinaryTypeW + 189 0000000076f3eecd 1 byte [62]
.text C:\Users\Vinc\Desktop\gmer_2.1.19163.exe[2696] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007564a2ba 1 byte [62]
---- Threads - GMER 2.1 ----
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5832:5136] 000007fefb212a7c
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5832:4676] 000007feea884830
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5832:5792] 000007feea884830
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5832:5728] 000007feea884830
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5832:3700] 000007feea884830
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5832:1956] 000007fef7ca5124
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5832:6560] 000007feea809d90
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5832:2720] 000007feea884830
Thread C:\Windows\System32\svchost.exe [6328:6516] 000007feedfa9688
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----

Best regards

Won't anyone help me ): ?
08.01.2014, 22:30 | #3 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7 finds "some" viruses

Hello and

Do you have any further logs (with detections)? Malwarebytes and/or other virus scanners: have they ever found anything? I'm asking because of this => http://www.trojaner-board.de/125889-...tml#post941520

Please don't run any new virus scans; for now, just post the logs you already have in CODE tags! Only logs from the last 7 days, or from the time since the problem began, are relevant!

In addition, please also create a log with Farbar's tool:

Scan with Farbar's Recovery Scan Tool (FRST)

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-bit | FRST 64-bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)

Reading material: Posting in CODE tags

Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows: