| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Goodgames EmpireWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
28.02.2014, 11:22
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Goodgames Empire Jetzt hast du 2x das gleich Log gepostet....additions.txt fehlt nach wie vor
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
01.03.2014, 06:04
| #17 |
 | Goodgames EmpireCode:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-02-2014 02
Ran by Ursel at 2014-02-28 11:07:32
Running from C:\Users\Ursel\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}
==================== Installed Programs ======================
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.0.16600 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 2.5.0.16600 - Adobe Systems Inc.) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Photoshop Elements 7.0 (HKLM-x32\...\Adobe Photoshop Elements 7) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 7.0 (x32 Version: 7.0.0.3 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Lightroom 5.3 64-bit (HKLM\...\{2DD71ACB-552D-402C-9529-7906ACB95C30}) (Version: 5.3.1 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon)
Apple Application Support (HKLM-x32\...\{553255F3-78FD-40F1-A6F8-6882140265FE}) (Version: 1.2.1 - Apple Inc.)
Ashampoo Burning Studio (HKLM-x32\...\Ashampoo Burning Studio_is1) (Version: 9.23.0 - ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 3.12.0 - ashampoo GmbH & Co. KG)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.27 - Atheros Communications Inc.)
Bitdefender Internet Security (HKLM\...\Bitdefender) (Version: 17.25.0.1074 - Bitdefender)
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version: - )
Canon MP550 series Benutzerregistrierung (HKLM-x32\...\Canon MP550 series Benutzerregistrierung) (Version: - )
Canon MP550 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series) (Version: - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 3.11 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Corel Shell Extension - 64Bit (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Content (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Draw (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Filters (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - ICA (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - IPM - No VBA (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang BR (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang DE (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang EN (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang ES (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang FR (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang IT (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang NL (x32 Version: 4.0 - Uw bedrijfsnaam) Hidden
CorelDRAW Essentials 4 - PHOTO-PAINT (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Windows Shell Extension (HKLM-x32\...\_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}) (Version: - Corel Corporation)
CorelDRAW Essentials 4 - Windows Shell Extension (x32 Version: 1.1 - Corel Corporation) Hidden
CorelDRAW Essentials 4 (HKLM-x32\...\_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}) (Version: - Corel Corporation)
CorelDRAW Essentials 4 (x32 Version: 4.0 - Corel Corporation) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3418 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.3418 - CyberLink Corp.) Hidden
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1410a - CyberLink Corp.)
CyberLink MediaShow (x32 Version: 5.0.1410a - CyberLink Corp.) Hidden
CyberLink MediaShow Espresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 5.5.1412_24021a - CyberLink Corp.)
CyberLink MediaShow Espresso (x32 Version: 5.5.1412_24021a - CyberLink Corp.) Hidden
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.0.6904 - CyberLink Corp.)
CyberLink PhotoNow (x32 Version: 1.1.0.6904 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3802 - CyberLink Corp.) Hidden
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3224a - CyberLink Corp.)
CyberLink PowerDirector (x32 Version: 8.0.3224a - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.2225 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.2225 - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerDVD Copy (x32 Version: 1.5.1306 - CyberLink Corp.) Hidden
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2429 - CyberLink Corp.)
CyberLink PowerProducer (x32 Version: 5.0.2.2429 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3428 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.1.3428 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Elements 12 Organizer (x32 Version: 12.0 - Ihr Firmenname) Hidden
FileZilla Client 3.7.1 (HKLM-x32\...\FileZilla Client) (Version: 3.7.1 - FileZilla Project)
FixFoto 3.02 X64 (HKLM\...\FixFoto_is1) (Version: - Joachim Koopmann Software)
FixFoto 3.50 (HKLM-x32\...\FixFoto_is1) (Version: - Joachim Koopmann Software)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
fotokasten comfort (HKLM-x32\...\FKC22150706_is1) (Version: - )
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2189 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Java Auto Updater (x32 Version: 2.0.2.4 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 22 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416022FF}) (Version: 6.0.220 - Oracle)
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kalenderchen 5 (HKLM-x32\...\{11464943-4682-4F6B-A96D-D4E8C26DD111}_is1) (Version: - Daniel Manger)
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Launch Manager (HKLM-x32\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.5.1.2 - Wistron Corp.)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2213 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.2213 - CyberLink Corp.) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office XP Professional mit FrontPage (HKLM-x32\...\{90280407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Connection Manager (HKLM-x32\...\o2DE) (Version: - Mobile Connection Manager)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Firefox Packages (HKCU\...\Mozilla Firefox Packages) (Version: - ) <==== ATTENTION
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.2.1 - Nikon)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QuickTime (HKLM-x32\...\{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}) (Version: 7.66.71.0 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6237 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30121 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.0148 - REALTEK Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.26.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.26.0 - Renesas Electronics Corporation) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated)
Update for PDF Writer (HKCU\...\Digital Sites) (Version: - Update for PDF Writer) <==== ATTENTION
Versandhelfer (HKLM-x32\...\dpdhl.versandhelfer.medionlap.CDA82DC3FEDD13302C6424313D9A2999F162D21A.1) (Version: 0.9.511 - Deutsche Post AG)
Versandhelfer (x32 Version: 0.9.511 - Deutsche Post AG) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - )
Windows Media Encoder 9 Series (x32 Version: 9.00.2980 - Microsoft Corporation) Hidden
X10 Hardware(TM) (HKLM-x32\...\X10Hardware) (Version: - )
ZTE USB Driver (HKLM\...\ZTE USB Driver) (Version: 1.0.1.25_TME - ZTE Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Restore Points =========================
23-02-2014 18:00:52 Windows-Sicherung
24-02-2014 07:24:18 Installed AVG 2014
24-02-2014 07:24:35 Installed AVG 2014
24-02-2014 15:31:10 Removed Visual Studio 2012 x64 Redistributables
24-02-2014 17:01:03 Windows Update
24-02-2014 18:08:51 Removed Noiseware Community Edition
24-02-2014 18:10:08 Removed Nikon Message Center 2.
24-02-2014 18:13:22 Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi wird entfernt
25-02-2014 05:30:28 Windows Update
26-02-2014 05:30:53 Windows Update
28-02-2014 06:00:58 Removed AVG 2014
28-02-2014 06:05:51 Removed AVG 2014
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {02A4B9E7-11A3-4170-8B0B-3F4F7082E19B} - System32\Tasks\AdobeAAMUpdater-1.0-Ursel-PC-Ursel => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
Task: {0E9A6038-CCE1-467A-8714-5D01309F2D1A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21] (Adobe Systems Incorporated)
Task: {48535D8F-92A9-4A24-854B-9D2FCC1B7E57} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {556D61E4-4F0C-4166-92E9-8323DBD84C82} - System32\Tasks\{04F7844C-5111-43C5-8B27-D2BAA2B2C67F} => C:\Program Files (x86)\Opera\opera.exe
Task: {691AEAFE-C0BD-4094-9822-58BC866512C4} - System32\Tasks\{1A5992A8-71B7-47D7-AB61-1376EF897169} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.5.0.119.259&LastError=2
Task: {AC005D22-87C6-4C39-9B4D-87F8FF09FE30} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-30] (Google Inc.)
Task: {B22ECB21-BA12-4B5F-8E7B-58F90DFB116E} - System32\Tasks\Digital Sites => C:\Users\Ursel\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {C3B9ED12-AB91-4EA6-B8E5-267B7A58F082} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-30] (Google Inc.)
Task: {DEE55096-7016-4064-8379-0A34FFD85185} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {FA1677FA-85F0-49EB-8E82-B005FE215759} - System32\Tasks\{7DC17C54-3C81-438E-B75B-44610CC06F91} => Firefox.exe hxxp://ui.skype.com/ui/0/6.6.0.106/de/abandoninstall?page=tsMain
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\Digital Sites.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ?
==================== Loaded Modules (whitelisted) =============
2014-02-28 07:18 - 2013-06-19 11:45 - 00265080 ____C () C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll
2014-02-28 07:18 - 2014-01-29 17:57 - 00003072 ____C () C:\Program Files\Bitdefender\Bitdefender\UI\accessl.ui
2014-02-28 07:18 - 2011-11-14 19:17 - 00153680 ____C () C:\Program Files\Bitdefender\Bitdefender\bdfwcore.dll
2014-02-28 07:18 - 2014-01-29 17:57 - 00005120 ____C () C:\Program Files\Bitdefender\Bitdefender\UI\IMSecurityAL.ui
2014-02-28 07:26 - 2014-02-28 07:26 - 00770792 ____C () C:\Program Files\Bitdefender\Bitdefender\otengines_00036_002\ashttpbr.mdl
2014-02-28 07:26 - 2014-02-28 07:26 - 00568400 ____C () C:\Program Files\Bitdefender\Bitdefender\otengines_00036_002\ashttpdsp.mdl
2014-02-28 07:26 - 2014-02-28 07:26 - 02592904 ____C () C:\Program Files\Bitdefender\Bitdefender\otengines_00036_002\ashttpph.mdl
2014-02-28 07:26 - 2014-02-28 07:26 - 01315680 ____C () C:\Program Files\Bitdefender\Bitdefender\otengines_00036_002\ashttprbl.mdl
2010-11-06 16:39 - 2010-02-10 12:34 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-01-10 20:12 - 2012-01-10 20:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-02-28 07:18 - 2013-06-19 11:44 - 00204280 ____C () C:\Program Files\Bitdefender\Bitdefender\antispam32\txmlutil.dll
2009-11-02 22:20 - 2009-11-02 22:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 22:23 - 2009-11-02 22:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2011-01-17 15:19 - 2011-04-15 18:37 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2014-02-10 12:50 - 2014-02-16 12:16 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-28 07:18 - 2013-09-10 18:46 - 00035896 ____C () C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\components\ffpwdman.dll
2014-02-13 15:01 - 2014-02-13 15:01 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\bfd5296be62268bc7a31a424f0d1ad5f\IsdiInterop.ni.dll
2010-11-02 17:18 - 2010-03-04 04:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:A5B56640
AlternateDataStreams: C:\Users\Ursel\Downloads\FRST.exe:BDU
AlternateDataStreams: C:\Users\Ursel\Downloads\FRST64(1).exe:BDU
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Name: Microsoft-Adapter für Miniports virtueller WiFis
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/28/2014 06:35:01 AM) (Source: MsiInstaller) (User: Ursel-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Produkt: AVG 2014 -- Fehler 1706. SA_Error1706: StandardAction(0xC00706AA): Für das Produkt 'AVG 2014' wurde kein Installationspaket gefunden. Wiederholen Sie die Installation mit einer gültigen Kopie des Installationspakets „Avgx64.msi“.
Error: (02/23/2014 05:42:23 PM) (Source: RasClient) (User: )
Description: CoID={8995BB95-3999-4589-AD2B-5172D19EC81F}: Der Benutzer "Ursel-PC\Ursel" hat eine Verbindung mit dem Namen "o2 Internet" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 633.
Error: (02/23/2014 05:42:10 PM) (Source: RasClient) (User: )
Description: CoID={7011911A-4136-4A90-8601-C5AAE26198AE}: Der Benutzer "Ursel-PC\Ursel" hat eine Verbindung mit dem Namen "o2 Internet" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 633.
Error: (02/20/2014 06:00:26 AM) (Source: RasClient) (User: )
Description: CoID={FC621481-959A-40CB-AAD4-34DB0ED55BA5}: Der Benutzer "Ursel-PC\Ursel" hat eine Verbindung mit dem Namen "o2 Internet" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 633.
Error: (02/20/2014 01:47:21 AM) (Source: RasClient) (User: )
Description: CoID={CB10E475-AFCE-4EE6-903C-45193FB8AD72}: Der Benutzer "Ursel-PC\Ursel" hat eine Verbindung mit dem Namen "o2 Internet" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 633.
Error: (02/15/2014 04:56:16 PM) (Source: IAStorDataMgrSvc) (User: )
Description: Der Dienst kann nicht gestartet werden. Der Dienstprozess konnte keine Verbindung mit dem Dienstcontroller herstellen
Error: (02/15/2014 06:03:43 AM) (Source: RasClient) (User: )
Description: CoID={0AD1F7B0-791C-4469-94EC-28C5F3046081}: Der Benutzer "Ursel-PC\Ursel" hat eine Verbindung mit dem Namen "o2 Internet" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 633.
Error: (02/15/2014 06:03:09 AM) (Source: RasClient) (User: )
Description: CoID={EF6BB44D-44E6-4E60-9449-8A15ADEE18DE}: Der Benutzer "Ursel-PC\Ursel" hat eine Verbindung mit dem Namen "o2 Internet" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 633.
Error: (02/15/2014 06:03:03 AM) (Source: RasClient) (User: )
Description: CoID={26EAFE82-CAB8-4ABD-91E2-FBD048079687}: Der Benutzer "Ursel-PC\Ursel" hat eine Verbindung mit dem Namen "o2 Internet" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 633.
Error: (02/15/2014 06:02:59 AM) (Source: RasClient) (User: )
Description: CoID={3C06F471-26BA-4601-B191-A5D13BBF5940}: Der Benutzer "Ursel-PC\Ursel" hat eine Verbindung mit dem Namen "o2 Internet" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 633.
System errors:
=============
Error: (02/28/2014 08:41:55 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error: (02/27/2014 07:06:30 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error: (02/26/2014 08:21:15 PM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (02/26/2014 04:56:53 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Intel(R) Management & Security Application User Notification Service" wurde nicht richtig gestartet.
Error: (02/26/2014 06:31:17 AM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (02/25/2014 06:30:51 AM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (02/24/2014 04:34:34 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (02/24/2014 08:06:07 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Update ResultsAlpha" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/24/2014 06:41:33 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X64 erreicht.
Error: (02/20/2014 05:51:36 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Microsoft Office Sessions:
=========================
Error: (02/28/2014 06:35:01 AM) (Source: MsiInstaller)(User: Ursel-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Produkt: AVG 2014 -- Fehler 1706. SA_Error1706: StandardAction(0xC00706AA): Für das Produkt 'AVG 2014' wurde kein Installationspaket gefunden. Wiederholen Sie die Installation mit einer gültigen Kopie des Installationspakets „Avgx64.msi“.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (02/23/2014 05:42:23 PM) (Source: RasClient)(User: )
Description: {8995BB95-3999-4589-AD2B-5172D19EC81F}Ursel-PC\Urselo2 Internet633
Error: (02/23/2014 05:42:10 PM) (Source: RasClient)(User: )
Description: {7011911A-4136-4A90-8601-C5AAE26198AE}Ursel-PC\Urselo2 Internet633
Error: (02/20/2014 06:00:26 AM) (Source: RasClient)(User: )
Description: {FC621481-959A-40CB-AAD4-34DB0ED55BA5}Ursel-PC\Urselo2 Internet633
Error: (02/20/2014 01:47:21 AM) (Source: RasClient)(User: )
Description: {CB10E475-AFCE-4EE6-903C-45193FB8AD72}Ursel-PC\Urselo2 Internet633
Error: (02/15/2014 04:56:16 PM) (Source: IAStorDataMgrSvc)(User: )
Description: Der Dienst kann nicht gestartet werden. Der Dienstprozess konnte keine Verbindung mit dem Dienstcontroller herstellen
Error: (02/15/2014 06:03:43 AM) (Source: RasClient)(User: )
Description: {0AD1F7B0-791C-4469-94EC-28C5F3046081}Ursel-PC\Urselo2 Internet633
Error: (02/15/2014 06:03:09 AM) (Source: RasClient)(User: )
Description: {EF6BB44D-44E6-4E60-9449-8A15ADEE18DE}Ursel-PC\Urselo2 Internet633
Error: (02/15/2014 06:03:03 AM) (Source: RasClient)(User: )
Description: {26EAFE82-CAB8-4ABD-91E2-FBD048079687}Ursel-PC\Urselo2 Internet633
Error: (02/15/2014 06:02:59 AM) (Source: RasClient)(User: )
Description: {3C06F471-26BA-4601-B191-A5D13BBF5940}Ursel-PC\Urselo2 Internet633
==================== Memory info ===========================
Percentage of memory in use: 51%
Total physical RAM: 3893.49 MB
Available physical RAM: 1888.42 MB
Total Pagefile: 7785.16 MB
Available Pagefile: 5521.92 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:546.25 GB) (Free:413.67 GB) NTFS
Drive d: (Recover) (Fixed) (Total:48.83 GB) (Free:7.41 GB) NTFS
Drive e: (PRE 12) (CDROM) (Total:2.47 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 596 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=546 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=49 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1023 MB) - (Type=12)
==================== End Of Log ============================
|
|
01.03.2014, 12:52
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Goodgames Empire Hast offenbar nur Adware im System. Und von Googgame ist das nur eine Verknüpfung auf dem Desktop, einfach löschen!
__________________Adware/Junkware/Toolbars entfernen 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
3. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
02.03.2014, 14:31
| #19 |
| | Goodgames Empire Hier wäre ADw cleaner: Code:
ATTFilter # AdwCleaner v3.020 - Bericht erstellt am 02/03/2014 um 14:07:09
# Aktualisiert 27/02/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Ursel - URSEL-PC
# Gestartet von : C:\Users\Ursel\Downloads\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\Program Files (x86)\Mobogenie
Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup
Ordner Gelöscht : C:\Program Files (x86)\RegClean Pro
Ordner Gelöscht : C:\Users\Ursel\AppData\Local\DownloadGuide
Ordner Gelöscht : C:\Users\Ursel\AppData\Local\genienext
Ordner Gelöscht : C:\Users\Ursel\AppData\Local\lollipop
Ordner Gelöscht : C:\Users\Ursel\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Ursel\AppData\Local\Temp\boost_interprocess
Ordner Gelöscht : C:\Users\Ursel\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Ursel\AppData\Roaming\DigitalSites
Ordner Gelöscht : C:\Users\Ursel\AppData\Roaming\newnext.me
Ordner Gelöscht : C:\Users\Ursel\AppData\Roaming\Systweak
Datei Gelöscht : C:\END
Datei Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\lollipop.lnk
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\Ursel\AppData\Roaming\Mozilla\Firefox\Profiles\4qbssiuy.default\searchplugins\conduit-search.xml
Datei Gelöscht : C:\Users\Ursel\AppData\Roaming\Mozilla\Firefox\Profiles\4qbssiuy.default\user.js
Datei Gelöscht : C:\Users\Ursel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage
Datei Gelöscht : C:\Users\Ursel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage-journal
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKCU\Software\Classes\Applications\lollipop.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iMesh.AudioCD
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\dsiteproducts
Schlüssel Gelöscht : HKCU\Software\Imesh
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\lollipop
Schlüssel Gelöscht : HKCU\Software\powerpack
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Digital Sites
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16518
-\\ Mozilla Firefox v27.0.1 (de)
[ Datei : C:\Users\Ursel\AppData\Roaming\Mozilla\Firefox\Profiles\4qbssiuy.default\prefs.js ]
Zeile gelöscht : user_pref("browser.search.defaultenginename", "Conduit Search");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "Conduit Search");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3320324&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPA933E78C-D24E-4D1E-A318-1936DB36BF82&SSPV=");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.admin", false);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.excTlbr", false);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.id", "ca8fa28900000000000000262dc3bced");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.instlDay", "15674");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.tlbrId", "irhnew");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=ca8fa28900000000000000262dc3bced&q=");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.vrsn", "1.8.3.8");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.vrsni", "1.8.3.8");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.newTab", true);
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=110824&tt=4812_6&babsrc=NT_ss&mntrId=ca8fa28900000000000000262dc3bced");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.3.89:01:44");
-\\ Google Chrome v33.0.1750.117
[ Datei : C:\Users\Ursel\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht : icon_url
Gelöscht : homepage
Gelöscht : search_url
Gelöscht : keyword
*************************
AdwCleaner[R0].txt - [7540 octets] - [02/03/2014 13:58:00]
AdwCleaner[S0].txt - [6845 octets] - [02/03/2014 14:07:09]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6905 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x64
Ran by Ursel on 02.03.2014 at 14:14:28,01
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
~~~ Registry Keys
~~~ Files
Successfully deleted: [File] "C:\Users\Ursel\appdata\locallow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com"
Successfully deleted: [File] C:\Windows\syswow64\shoB0.tmp
~~~ Folders
Successfully deleted: [Folder] "C:\Users\Ursel\music\qtrax media library"
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{00A5EE1D-4D91-4AC5-AD84-707F738505AC}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{019F4670-A008-47F5-B5E6-2ECB3D247178}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{034791E1-6457-44FE-ADBD-F9E0DAB41FE8}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{03839167-080C-4C07-9D67-5C4AD5FC620D}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{079268B3-95F1-484C-B11A-7C152A477C78}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{08780D69-ACD3-46E9-B8D0-3F84989EE008}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{0915F72B-B5F4-4C35-ADCE-9B0091DEF333}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{096018AC-41A4-425A-A8E9-BEA3F08BC322}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{0A360748-C265-41DD-A5B4-51C527BD2390}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{0ADD88A2-C108-4F35-B762-9C64D9153AEE}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{0C823E79-9F68-4D05-B716-8F2B499D3CE4}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{0CBE2D2B-CA74-40B2-AB5B-147D2C7C3E3F}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{0F87DB3E-3355-4B6C-93C5-4F842C553839}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{1065E31E-0370-4044-BCF7-4998252CADFA}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{12FF91F3-6F60-426E-A5BB-EC5E440250B0}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{146D20BA-614A-4B5A-8584-3EC868C74CA7}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{169EC359-310E-43D6-9101-7729C1E15C6A}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{1784974B-439E-4E12-A4FE-D0DF9885E75F}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{179E187A-D04F-408C-84CA-036926FA31E8}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{1861DBCD-34C0-4B9D-93E7-30741BA2F0C2}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{1ABB0C08-F649-4A12-A133-E6610AB96A98}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{1AE7FEA6-3AE4-4922-A2FC-1633227B1329}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{1C5A5B3E-A8B6-4982-88CF-249EBD4E82C7}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{1D5A9317-6FBD-4A42-9C87-C7FD6F3DE6AF}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{1DA54692-C5EB-4EE4-92B7-4387619A58F2}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{20BAA91C-4C51-4C69-8178-49CEC4ECB880}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{21EDE4AF-66AF-44FA-A899-C338C9CE4EFC}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{22A78EB7-F2B3-4F90-A1AF-E9F6DFB9AB69}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{27C06F07-6458-495F-B215-17ACBEAB80C8}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{28D99A70-F72D-471D-9FF9-9B98A106536A}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{29E28EE7-0438-4A12-AB7E-DE2AC2DE3AB0}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{2D6FBB28-93B4-4C13-88D7-AC1D55A5A775}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{2DFC49BD-8BFB-41BB-A67C-197A3BC67C6A}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{2E317EA2-997D-427D-85B7-048E5E84019A}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{2E4F1041-7E1B-42C6-B25D-12338108AB34}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{2EEB287E-86CC-4E56-9D8D-F856144625BD}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{2F8E2DEA-3831-4085-BD2E-1BC107BCFD46}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{30927FF1-AEE1-4FBE-869E-27141CD9FF8A}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{3149473E-933E-4425-A385-68585B5D554C}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{32294683-0CE7-48B8-A9B4-11185D92B5D7}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{37A9BC08-F46E-4211-904D-7B848D3E39A3}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{3868C9D3-F0ED-4699-9BBF-12F9EBCDA188}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{38775486-37AC-4685-B045-0D9E2E941089}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{38C729C5-31CF-4D06-96C2-B43E5A12473C}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{3946CD94-B2D6-4784-8224-98F0F8CDF30D}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{39CF02F5-A5A2-4B80-B766-C2F3B5AF5449}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{3C0BE150-D730-4923-9029-4E2F9E318EA8}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{3F765962-DB9F-477A-AB52-C73EC0FDDC5E}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{442BBC4D-7786-4028-83A6-CF489041795A}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{44FBD0E0-64D9-4BAC-9A52-7B10B2E71502}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{457854A2-7344-4D76-8720-09B5FA4FA306}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{46122BF2-1ECC-4E2E-8450-54DDA336228F}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{474263D6-D8B0-4DD8-9063-C56BE396C8BB}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{49947890-FFEC-44AB-A8DF-C8FF5E6CB0C9}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{4C9A2931-06D2-4E42-9262-937C1FE4F4B1}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{4CD3EA20-962B-4634-815E-21D6A1E9A072}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{4DAD8879-F94E-479D-A856-148999FAEC33}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{4F0E2A47-2BE1-4C3C-A73E-5490828CE5DF}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{5051E6F3-4FAF-40F8-AF2A-733BB05CC569}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{52E6A1BC-A331-4682-8666-0DB8B8B38BC4}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{54B0EEE1-71AC-455B-A6C2-02DB564C896B}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{550A0DAD-E39F-4AF1-9B5D-6223FDEE3711}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{561F9775-CD9A-499B-A3D5-6A2A68163B31}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{5895F297-BBC3-4D61-AD5C-22355D6B3066}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{59EEFCD9-D2C4-42BD-9A7B-F256A56B3958}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{6AA1881B-298E-4168-A545-C146F487D307}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{6AB6E6BE-575C-40DF-8097-97EC3B0929D7}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{6B19480E-C71D-4605-A0A9-914C66DAA2E8}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{6B1F9578-2536-4A0A-8320-6C182E61EB83}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{6BF9CA6C-3BE9-42EF-92A6-3091E7818898}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{6CE9BF69-B902-4A63-8299-536CD63EA382}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{6D2995AE-6357-4175-94A3-D8E5C8F0E172}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{71964A43-882C-478B-93C7-5598F0925E09}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{775F53FC-658F-40C1-9872-E4FCFA645BFB}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{79D7ECB1-560A-4FC6-B1EB-677C630C34D9}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{7D808CA5-DE69-4377-922F-1A59F21FFE5A}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{7F2B5227-FC8B-4345-8BF3-45B82B46EB4F}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{7F9B26EC-0D3D-47F4-A0CD-5D7CB080B07C}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{81CFB5C7-6567-42F6-A31B-C0DACBD7CC86}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{82CE4713-DE6F-48DB-9D78-ED6B609DC8FB}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{840BBDF4-524F-4BC3-AE02-3BF2DD488EF1}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{8477AE50-573B-4DE7-999F-5AE3EAA63F81}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{84D7F049-2085-4234-9B5F-72E1DFDC2FEE}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{8593B802-4847-4234-BCF2-C34D9080F406}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{862DE87D-2A0E-4693-A667-4D3C42C2E455}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{86C0057D-7B29-4F6B-9BA7-2E50E3251F88}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{87BDF2C2-E4A9-40C0-8275-4C52D30EC8EB}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{89BA154D-5B7F-476A-A39B-D4ABBE146859}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{8CCD49EB-C98E-4755-8CCC-2605E80F8F17}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{8D52C593-9E98-4F6B-BF52-E30D8EDD5467}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{922E57AE-7683-413B-B395-A4DF75F33070}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{9542A0A4-4A70-44F3-B963-DC346F1CDBBC}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{95D4F96B-AE70-4D62-A2A4-224F58EC433F}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{962D0E0C-3DC5-470E-8EB3-D7C13158FC20}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{96AF79BF-7B25-4C13-B36D-58DDEE09FDAA}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{98899D07-FC5A-444A-88A1-33D1A17B09CA}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{A042F9B8-45C5-4274-B26A-D9E119975D66}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{A0CADA05-4B1D-4961-AB0A-ECFE3CA4517E}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{A2987D46-2347-4CA4-99AD-A6CBA523AF66}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{A5075F5C-F4C6-4E16-8AC6-334D40328861}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{A655A253-25A6-466A-BA1A-D1212D220A8E}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{A6F3F0E8-81A8-4072-9DD2-DDE2DF2F7B77}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{A7DE7409-4037-40DC-A31E-8FAC17213317}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{A88526E3-ACCB-492F-BA54-FE35D8DBDD6D}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{A8AEE73A-77E2-40CD-A351-54B00C83CE71}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{ABACCB62-0C56-4F2F-AF68-2D0DB09F901B}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{ABB57E62-34ED-4106-B179-4C3DE80D7A05}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{AD07BAB7-0A44-4ADA-A07F-CE9AF4600A71}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{B0B2A7F3-C18D-44EC-A946-6B500DF177CF}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{B15011DF-359C-402C-80A6-E63E205B540D}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{B3C641E3-7927-4BFF-AAD1-FDDEE5F06574}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{B5C2B1F1-F0E7-4A40-888E-BD33CCAA9B10}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{B7552195-F2C2-458D-B601-2CC20055FB70}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{B75F3B1E-68E6-415D-A779-C94CAD88D151}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{B8A7D75D-4DA3-4C36-B8E9-522236A48882}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{BEEEA9E3-F5C2-4872-8917-6672615315EA}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{BF0AA2C4-C716-4FAE-9E66-5A4E3D3014E1}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{BF5A867D-EBCD-4EDC-B81B-F252BF46A4A9}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{C385DAEF-3581-4048-85ED-B8A14FF4D28C}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{C4117AB5-805E-4384-9812-663DD7FA28BC}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{C7818313-D8D6-416B-962B-C10C6CD47763}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{CF4F0226-2DAE-4B4C-AB57-A1B8D42A1F39}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{D00A604B-ABAB-492C-9928-71202A8B9607}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{D0B76A4C-CE8C-47C3-BA3D-E616331CC60A}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{D23617C1-9D21-4912-9552-8A07AC48424E}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{D5BBA302-46B2-4582-AF47-CE015D69479B}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{D641903D-021B-4FF2-8505-D073011255A8}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{D6D53C7A-E4B4-4CAE-B9A0-86905FA83CDB}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{D6E7AAB2-04FF-4B22-980A-A9D42C7BA449}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{DC1C1E92-5FC0-4D4E-ABC4-281E3FA4B12C}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{DC32044E-643C-42B6-977C-35AD6B255DCD}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{DF795EB1-E9A1-43E4-8C71-2ADD7C057A02}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{DFE91A1F-E484-4AB2-9005-C1353988A7AA}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{E030E269-489D-4B53-B37E-238375819918}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{E07A0D01-4F53-4FD2-AE0E-850F955CC562}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{E1244E0E-6B34-4FAA-B562-91C68EFB4AC9}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{E1E297C7-1A48-4E53-AECA-E9FD4ECF97E1}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{E2EBACAD-6FFB-491F-8695-73CC8FBF3368}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{E3D3B328-DB0F-4835-8A62-DEA79BFB0EA4}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{E57C0EAD-BC1A-457B-854D-CACD832274E8}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{E930181A-2B2D-4768-BBED-DBE30FAFFCD3}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{ED2896E6-CC65-41A4-A201-AF53F038FFC8}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{EF8CC5BB-2C1B-4B17-897C-AB688B32A262}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{F154F39E-B1D7-432D-9A8E-656078BA80C0}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{F2711982-E9AE-467D-B3BC-D996434F3416}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{F3B2A16C-C7E3-496F-90F9-64D1E9568CDB}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{F44774CE-C31A-4CB1-8577-F52D5574EA3C}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{F56669CB-524B-4DE1-A972-E1EDDB6B00B5}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{F716BDBE-0DAD-4723-BEE7-1D80A213AB1C}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{F939DDB4-BC71-479A-AD1A-5599FBA210C3}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{FBB9E5BF-4BE8-4B86-9B58-24F59814034E}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{FDB27C1F-4812-42BE-834F-AA3E666E86CE}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{FF2A95F0-7D2C-4ED2-AE64-DBFF5977665D}
Successfully deleted: [Empty Folder] C:\Users\Ursel\appdata\local\{FFEB9C48-617E-47E2-A6D1-1318351A9A2D}
~~~ FireFox
Successfully deleted: [Folder] C:\Users\Ursel\AppData\Roaming\mozilla\firefox\profiles\4qbssiuy.default\extensions\staged
Emptied folder: C:\Users\Ursel\AppData\Roaming\mozilla\firefox\profiles\4qbssiuy.default\minidumps [369 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.03.2014 at 14:25:27,08
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-03-2014 01
Ran by Ursel (administrator) on URSEL-PC on 02-03-2014 14:27:29
Running from C:\Users\Ursel\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Protexis Inc.) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Telefónica I+D) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(X10) C:\Program Files (x86)\Common Files\X10\Common\X10nets.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
(Wistron) C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\OSD.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WButton.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Amazon.com) C:\Users\Ursel\AppData\Local\Amazon\Kindle\application\Kindle.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Ursel\Downloads\FRST64(2).exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-11] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11548264 2010-11-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2181224 2010-11-03] (Realtek Semiconductor)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2184520 2009-07-27] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-03-18] (CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM\...\Run: [Bdagent] - C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1739480 2014-02-28] (Bitdefender)
HKLM-x32\...\Run: [HotkeyApp] - C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [200704 2009-12-14] (Wistron)
HKLM-x32\...\Run: [LMgrVolOSD] - C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2009-12-11] (Wistron Corp.)
HKLM-x32\...\Run: [Wbutton] - C:\Program Files (x86)\Launch Manager\Wbutton.exe [436264 2010-06-21] (Wistron Corp.)
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM-x32\...\Run: [YouCam Mirage] - C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2010-10-29] (CyberLink)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Agent] - C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [567888 2014-02-28] (Bitdefender)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse] - C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1001536 2014-02-28] (Bitdefender)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] - C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614232 2014-02-28] (Bitdefender)
HKU\S-1-5-21-1019772088-3661694572-1671400686-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1019772088-3661694572-1671400686-1000\...\Run: [CAHeadless] - C:\Program Files (x86)\Adobe\Elements 12 Organizer\CAHeadless\ElementsAutoAnalyzer.exe [1400224 2013-09-25] (Adobe Systems Incorporated)
HKU\S-1-5-21-1019772088-3661694572-1671400686-1000\...\Run: [Bitdefender-Geldbörse-Agent] - C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [567888 2014-02-28] (Bitdefender)
HKU\S-1-5-21-1019772088-3661694572-1671400686-1000\...\Run: [Bitdefender-Geldbörse] - C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1001536 2014-02-28] (Bitdefender)
HKU\S-1-5-21-1019772088-3661694572-1671400686-1000\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] - C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614232 2014-02-28] (Bitdefender)
HKU\S-1-5-21-1019772088-3661694572-1671400686-1000\...\MountPoints2: {70db10cf-b64c-11e1-a97a-485d60d37cf5} - G:\LaunchU3.exe -a
HKU\S-1-5-21-1019772088-3661694572-1671400686-1000\...\MountPoints2: {7a5a2cb6-4821-11e1-a75a-00262dc3bced} - F:\LaunchU3.exe -a
HKU\S-1-5-21-1019772088-3661694572-1671400686-1000\...\MountPoints2: {817083ba-2cdd-11e0-9b27-806e6f6e6963} - E:\AutoPlay.exe -auto
HKU\S-1-5-21-1019772088-3661694572-1671400686-1000\...\MountPoints2: {964b8874-2fc8-11e0-9df2-485d60d37cf5} - F:\LaunchU3.exe -a
HKU\S-1-5-21-1019772088-3661694572-1671400686-1000\...\MountPoints2: {c0d821c4-6484-11e1-b7b9-00262dc3bced} - F:\Setup.exe
Startup: C:\Users\Ursel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll (Bitdefender)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{C6C7B56A-7496-4934-91A2-BCDE5DFA33E1}: [NameServer]192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Ursel\AppData\Roaming\Mozilla\Firefox\Profiles\4qbssiuy.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WEB.DE MailCheck - C:\Users\Ursel\AppData\Roaming\Mozilla\Firefox\Profiles\4qbssiuy.default\Extensions\toolbar@web.de.xpi [2012-02-06]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-02-28]
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\ []
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-02-28]
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchProvider: Conduit Search
CHR DefaultSearchURL: hxxp://www.google.com
CHR DefaultNewTabURL:
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Extension: (Bitdefender Wallet) - C:\Users\Ursel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2014-02-28]
CHR Extension: (Google Wallet) - C:\Users\Ursel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-04]
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx [2014-02-28]
==================== Services (Whitelisted) =================
R2 AdobeActiveFileMonitor12.0; C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-25] (Adobe Systems Incorporated)
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [77632 2013-11-21] (Bitdefender)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-02-10] ()
R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [199600 2010-11-11] (Telefónica I+D)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-10-07] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1507248 2014-02-28] (Bitdefender)
R3 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2009-10-23] (Wistron Corp.)
R2 x10nets; C:\Program Files (x86)\Common Files\X10\Common\X10nets.exe [20480 2009-11-07] (X10)
==================== Drivers (Whitelisted) ====================
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [893440 2013-12-02] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [635392 2013-12-02] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-02-22] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [12800 2009-02-03] (ZTE Incorporated)
S3 mod7764; C:\Windows\System32\DRIVERS\mod77-64.sys [913888 2009-09-24] (DiBcom SA)
S3 NxpCap64; C:\Windows\System32\DRIVERS\NxpCap64.sys [1888864 2010-02-04] (NXP Semiconductors Germany GmbH)
S3 TrdCap64; C:\Windows\System32\DRIVERS\TrdCap64.sys [1887528 2010-06-09] (Trident Microsystems, Inc.)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-08-07] (BitDefender S.R.L.)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [15896 2009-05-13] (X10 Wireless Technology, Inc.)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [32792 2009-05-13] (X10 Wireless Technology, Inc.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-02 14:27 - 2014-03-02 14:27 - 02156544 _____ (Farbar) C:\Users\Ursel\Downloads\FRST64(2).exe
2014-03-02 14:25 - 2014-03-02 14:25 - 00017600 _____ () C:\Users\Ursel\Desktop\JRT.txt
2014-03-02 14:14 - 2014-03-02 14:14 - 00000000 ____D () C:\Windows\ERUNT
2014-03-02 13:57 - 2014-03-02 14:07 - 00000000 ___DC () C:\AdwCleaner
2014-03-02 13:56 - 2014-03-02 13:56 - 01244192 _____ () C:\Users\Ursel\Downloads\adwcleaner.exe
2014-03-02 13:56 - 2014-03-02 13:56 - 01037734 _____ (Thisisu) C:\Users\Ursel\Downloads\JRT.exe
2014-03-02 13:55 - 2014-03-02 13:55 - 00080808 _____ () C:\Users\Ursel\AppData\Roaming\GDIPFONTCACHEV1.DAT
2014-02-28 19:17 - 2014-02-28 19:18 - 00000000 ____D () C:\Users\Ursel\Desktop\Foto wettbewerb
2014-02-28 13:02 - 2014-02-28 13:02 - 00000385 _____ () C:\Users\Ursel\AppData\Roaminguser_gensett.xml
2014-02-28 11:00 - 2014-02-28 11:00 - 02155520 _____ (Farbar) C:\Users\Ursel\Downloads\FRST64(1).exe
2014-02-28 10:58 - 2014-02-28 10:58 - 01143808 _____ (Farbar) C:\Users\Ursel\Downloads\FRST.exe
2014-02-28 08:36 - 2014-02-28 08:36 - 00000385 _____ () C:\Windows\system32\user_gensett.xml
2014-02-28 07:49 - 2014-02-28 07:49 - 00076944 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2014-02-28 07:49 - 2014-02-28 07:49 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2014-02-28 07:25 - 2014-02-28 07:25 - 00693717 _____ () C:\ProgramData\1393567676.bdinstall.bin
2014-02-28 07:18 - 2014-02-28 07:49 - 00074512 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2014-02-28 07:18 - 2014-02-28 07:18 - 00002194 _____ () C:\Users\Public\Desktop\Bitdefender Safepay.lnk
2014-02-28 07:18 - 2014-02-28 07:18 - 00002075 _____ () C:\Users\Public\Desktop\Bitdefender Internet Security.lnk
2014-02-28 07:18 - 2014-02-28 07:18 - 00000684 ___HC () C:\bdr-cf01
2014-02-28 07:18 - 2014-02-28 07:18 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-02-28 07:18 - 2014-02-28 07:18 - 00000000 ____D () C:\ProgramData\BDLogging
2014-02-28 07:18 - 2013-12-02 11:58 - 00635392 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2014-02-28 07:18 - 2013-12-02 11:56 - 00893440 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2014-02-28 07:18 - 2013-11-04 15:47 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2014-02-28 07:18 - 2013-02-22 18:46 - 00093600 _____ (BitDefender LLC) C:\Windows\system32\Drivers\BdfNdisf6.sys
2014-02-28 07:18 - 2012-11-02 13:17 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2014-02-28 07:18 - 2007-04-11 10:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2014-02-28 07:13 - 2014-02-28 07:18 - 00253404 ____H () C:\bdr-ld01
2014-02-28 07:13 - 2014-02-28 07:18 - 00009216 ____H () C:\bdr-ld01.mbr
2014-02-28 07:13 - 2014-02-28 07:13 - 00000000 ____D () C:\Users\Ursel\AppData\Roaming\Bitdefender
2014-02-28 07:13 - 2013-09-24 15:38 - 46879860 ____H () C:\bdr-im01.gz
2014-02-28 07:13 - 2013-08-13 12:38 - 03271472 ____H () C:\bdr-bz01
2014-02-28 07:08 - 2014-02-28 07:49 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-02-28 07:08 - 2014-02-28 07:08 - 00000000 ___DC () C:\Program Files\Bitdefender
2014-02-28 07:08 - 2013-11-04 15:47 - 00084848 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUISkin.dll
2014-02-28 07:08 - 2013-11-04 15:46 - 00034384 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUH.dll
2014-02-28 07:08 - 2013-08-23 12:48 - 00150256 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2014-02-28 07:08 - 2013-08-07 12:46 - 00389240 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-02-28 07:07 - 2014-02-28 07:07 - 00000000 ____D () C:\Users\Ursel\AppData\Roaming\QuickScan
2014-02-28 06:56 - 2014-02-28 06:57 - 05701712 _____ () C:\Users\Ursel\Downloads\bitdefender_14isecurity(1).exe
2014-02-28 06:53 - 2014-02-12 15:07 - 00000426 ____C () C:\AVScanner.ini
2014-02-28 06:51 - 2014-02-28 07:08 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-02-28 06:29 - 2014-02-28 06:29 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-02-25 19:59 - 2014-02-25 19:59 - 00000000 ____D () C:\Users\Ursel\Desktop\PSE
2014-02-24 19:11 - 2014-02-24 19:11 - 00000000 _____ () C:\ProgramData\Vocal Transformer
2014-02-24 15:56 - 2014-02-28 11:08 - 00035475 _____ () C:\Users\Ursel\Downloads\Addition.txt
2014-02-24 15:54 - 2014-03-02 14:27 - 00019636 _____ () C:\Users\Ursel\Downloads\FRST.txt
2014-02-24 15:54 - 2014-02-24 15:54 - 00000000 ____D () C:\ProgramData\1E2C0
2014-02-24 15:53 - 2014-03-02 14:27 - 00000000 ___DC () C:\FRST
2014-02-24 15:51 - 2014-02-24 15:51 - 02155520 _____ (Farbar) C:\Users\Ursel\Downloads\FRST64.exe
2014-02-24 15:48 - 2014-02-24 15:48 - 00000000 ____D () C:\Users\Ursel\Documents\My Received Files
2014-02-24 15:48 - 2014-02-24 15:48 - 00000000 ____D () C:\Users\Ursel\AppData\Roaming\MusicNet
2014-02-24 08:27 - 2014-02-24 08:27 - 00000000 ____D () C:\Users\Ursel\AppData\Roaming\AVG2014
2014-02-24 08:25 - 2014-02-28 07:05 - 00000000 ____D () C:\ProgramData\AVG2014
2014-02-24 08:25 - 2014-02-28 07:02 - 00000000 __HDC () C:\$AVG
2014-02-24 08:21 - 2014-02-28 08:34 - 00000000 ____D () C:\ProgramData\MFAData
2014-02-24 08:21 - 2014-02-28 07:06 - 00000000 ____D () C:\Users\Ursel\AppData\Local\Avg2014
2014-02-24 08:21 - 2014-02-24 08:21 - 00000000 ____D () C:\Users\Ursel\AppData\Local\MFAData
2014-02-24 07:57 - 2014-02-24 07:57 - 00118784 _____ () C:\Windows\system32\liokinfo.exe
2014-02-24 07:50 - 2014-02-24 07:50 - 00000148 _____ () C:\Users\Ursel\Desktop\Goodgame Empire.url
2014-02-22 20:28 - 2014-02-22 20:28 - 00003502 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Ursel-PC-Ursel
2014-02-22 20:28 - 2014-02-22 20:28 - 00000000 ____D () C:\Users\Ursel\Documents\NewBlueFX
2014-02-22 14:09 - 2014-02-23 17:44 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-02-21 19:18 - 2014-02-21 19:18 - 00016311 _____ () C:\Users\Ursel\Downloads\Bundesschau 2014.odt
2014-02-12 06:19 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 06:19 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-12 06:18 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-12 06:18 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-12 06:18 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-12 06:18 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-12 06:18 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-12 06:18 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-12 06:18 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-12 06:18 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-12 06:18 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-12 06:18 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-12 06:18 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-12 06:18 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-12 06:18 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-12 06:18 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-12 06:18 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-12 06:18 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-12 06:18 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-12 06:18 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-12 06:18 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-12 06:18 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-12 06:18 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-12 06:18 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-12 06:18 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-12 06:18 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-12 06:18 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-12 06:18 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-12 06:18 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-12 06:18 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-12 06:18 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-12 06:18 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-12 06:18 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-12 06:18 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-12 06:18 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-12 06:18 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-12 06:18 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-12 06:18 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-12 06:18 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-12 06:18 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-12 06:18 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-12 05:54 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 05:54 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 05:54 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 05:54 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 05:54 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 05:54 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 05:54 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 05:54 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 05:54 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 05:54 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 05:54 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 05:53 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 05:53 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 05:53 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 05:53 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 05:53 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 05:53 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 05:53 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 05:53 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 05:53 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 05:53 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 05:53 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 05:53 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 05:53 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 05:53 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 05:53 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 05:53 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 05:53 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-06 15:32 - 2014-02-06 15:32 - 00283120 _____ (Mozilla) C:\Users\Ursel\Downloads\Firefox Setup Stub 27.0.exe
2014-01-31 06:22 - 2014-01-31 06:22 - 00957112 _____ (Microsoft Corporation) C:\Users\Ursel\Downloads\SaveAsPDFandXPS.exe
==================== One Month Modified Files and Folders =======
2014-03-02 14:28 - 2014-02-24 15:54 - 00019636 _____ () C:\Users\Ursel\Downloads\FRST.txt
2014-03-02 14:27 - 2014-03-02 14:27 - 02156544 _____ (Farbar) C:\Users\Ursel\Downloads\FRST64(2).exe
2014-03-02 14:27 - 2014-02-24 15:53 - 00000000 ___DC () C:\FRST
2014-03-02 14:25 - 2014-03-02 14:25 - 00017600 _____ () C:\Users\Ursel\Desktop\JRT.txt
2014-03-02 14:20 - 2009-07-14 05:45 - 00010096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-02 14:20 - 2009-07-14 05:45 - 00010096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-02 14:19 - 2012-12-21 17:22 - 00000000 ____D () C:\Users\Ursel\Documents\My Kindle Content
2014-03-02 14:17 - 2014-01-21 06:23 - 00000292 _____ () C:\Windows\Tasks\Digital Sites.job
2014-03-02 14:14 - 2014-03-02 14:14 - 00000000 ____D () C:\Windows\ERUNT
2014-03-02 14:09 - 2011-12-12 08:07 - 00076080 _____ () C:\Windows\setupact.log
2014-03-02 14:09 - 2011-01-30 18:06 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-02 14:09 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-02 14:08 - 2011-01-30 18:02 - 01322630 _____ () C:\Windows\WindowsUpdate.log
2014-03-02 14:07 - 2014-03-02 13:57 - 00000000 ___DC () C:\AdwCleaner
2014-03-02 13:56 - 2014-03-02 13:56 - 01244192 _____ () C:\Users\Ursel\Downloads\adwcleaner.exe
2014-03-02 13:56 - 2014-03-02 13:56 - 01037734 _____ (Thisisu) C:\Users\Ursel\Downloads\JRT.exe
2014-03-02 13:56 - 2012-08-20 05:28 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-02 13:55 - 2014-03-02 13:55 - 00080808 _____ () C:\Users\Ursel\AppData\Roaming\GDIPFONTCACHEV1.DAT
2014-03-02 08:39 - 2012-07-19 19:36 - 00000000 __SHD () C:\Users\Ursel\AppData\Roaming\.#
2014-03-02 08:30 - 2011-01-30 18:06 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-02 08:25 - 2012-07-19 19:36 - 00000000 ____D () C:\Users\Ursel\AppData\Roaming\ALDI_SUED_Mah_Jong
2014-03-02 06:40 - 2011-03-14 12:42 - 00000000 ____D () C:\Users\Ursel\AppData\Local\Adobe
2014-02-28 19:18 - 2014-02-28 19:17 - 00000000 ____D () C:\Users\Ursel\Desktop\Foto wettbewerb
2014-02-28 13:02 - 2014-02-28 13:02 - 00000385 _____ () C:\Users\Ursel\AppData\Roaminguser_gensett.xml
2014-02-28 11:08 - 2014-02-24 15:56 - 00035475 _____ () C:\Users\Ursel\Downloads\Addition.txt
2014-02-28 11:00 - 2014-02-28 11:00 - 02155520 _____ (Farbar) C:\Users\Ursel\Downloads\FRST64(1).exe
2014-02-28 10:58 - 2014-02-28 10:58 - 01143808 _____ (Farbar) C:\Users\Ursel\Downloads\FRST.exe
2014-02-28 08:36 - 2014-02-28 08:36 - 00000385 _____ () C:\Windows\system32\user_gensett.xml
2014-02-28 08:34 - 2014-02-24 08:21 - 00000000 ____D () C:\ProgramData\MFAData
2014-02-28 08:34 - 2012-07-31 04:45 - 00180710 _____ () C:\Windows\PFRO.log
2014-02-28 07:49 - 2014-02-28 07:49 - 00076944 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2014-02-28 07:49 - 2014-02-28 07:49 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2014-02-28 07:49 - 2014-02-28 07:18 - 00074512 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2014-02-28 07:49 - 2014-02-28 07:08 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-02-28 07:25 - 2014-02-28 07:25 - 00693717 _____ () C:\ProgramData\1393567676.bdinstall.bin
2014-02-28 07:18 - 2014-02-28 07:18 - 00002194 _____ () C:\Users\Public\Desktop\Bitdefender Safepay.lnk
2014-02-28 07:18 - 2014-02-28 07:18 - 00002075 _____ () C:\Users\Public\Desktop\Bitdefender Internet Security.lnk
2014-02-28 07:18 - 2014-02-28 07:18 - 00000684 ___HC () C:\bdr-cf01
2014-02-28 07:18 - 2014-02-28 07:18 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-02-28 07:18 - 2014-02-28 07:18 - 00000000 ____D () C:\ProgramData\BDLogging
2014-02-28 07:18 - 2014-02-28 07:13 - 00253404 ____H () C:\bdr-ld01
2014-02-28 07:18 - 2014-02-28 07:13 - 00009216 ____H () C:\bdr-ld01.mbr
2014-02-28 07:13 - 2014-02-28 07:13 - 00000000 ____D () C:\Users\Ursel\AppData\Roaming\Bitdefender
2014-02-28 07:08 - 2014-02-28 07:08 - 00000000 ___DC () C:\Program Files\Bitdefender
2014-02-28 07:08 - 2014-02-28 06:51 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-02-28 07:07 - 2014-02-28 07:07 - 00000000 ____D () C:\Users\Ursel\AppData\Roaming\QuickScan
2014-02-28 07:07 - 2011-03-01 18:06 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-02-28 07:06 - 2014-02-24 08:21 - 00000000 ____D () C:\Users\Ursel\AppData\Local\Avg2014
2014-02-28 07:05 - 2014-02-24 08:25 - 00000000 ____D () C:\ProgramData\AVG2014
2014-02-28 07:02 - 2014-02-24 08:25 - 00000000 __HDC () C:\$AVG
2014-02-28 06:57 - 2014-02-28 06:56 - 05701712 _____ () C:\Users\Ursel\Downloads\bitdefender_14isecurity(1).exe
2014-02-28 06:29 - 2014-02-28 06:29 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-02-28 06:22 - 2014-01-21 06:23 - 00000189 _____ () C:\Users\Ursel\AppData\Roaming\WB.CFG
2014-02-26 18:01 - 2010-05-12 09:18 - 00700134 _____ () C:\Windows\system32\perfh007.dat
2014-02-26 18:01 - 2010-05-12 09:18 - 00149984 _____ () C:\Windows\system32\perfc007.dat
2014-02-26 18:01 - 2009-07-14 06:13 - 01622300 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-26 06:32 - 2011-01-30 18:24 - 01596580 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-25 19:59 - 2014-02-25 19:59 - 00000000 ____D () C:\Users\Ursel\Desktop\PSE
2014-02-24 19:12 - 2011-02-13 09:18 - 00000000 ____D () C:\Users\Ursel\AppData\Local\Nikon
2014-02-24 19:11 - 2014-02-24 19:11 - 00000000 _____ () C:\ProgramData\Vocal Transformer
2014-02-24 19:11 - 2011-02-13 09:16 - 00000000 ____H () C:\ProgramData\PKP_DLev.DAT
2014-02-24 19:11 - 2011-02-13 09:16 - 00000000 ____H () C:\ProgramData\PKP_DLet.DAT
2014-02-24 19:11 - 2011-02-13 09:16 - 00000000 ____H () C:\ProgramData\PKP_DLes.DAT
2014-02-24 19:11 - 2011-02-13 09:16 - 00000000 _____ () C:\Users\Ursel\AppData\Roaming\howto
2014-02-24 15:54 - 2014-02-24 15:54 - 00000000 ____D () C:\ProgramData\1E2C0
2014-02-24 15:51 - 2014-02-24 15:51 - 02155520 _____ (Farbar) C:\Users\Ursel\Downloads\FRST64.exe
2014-02-24 15:48 - 2014-02-24 15:48 - 00000000 ____D () C:\Users\Ursel\Documents\My Received Files
2014-02-24 15:48 - 2014-02-24 15:48 - 00000000 ____D () C:\Users\Ursel\AppData\Roaming\MusicNet
2014-02-24 11:55 - 2011-10-03 16:05 - 00000000 ____D () C:\Users\Ursel\AppData\Roaming\Skype
2014-02-24 08:27 - 2014-02-24 08:27 - 00000000 ____D () C:\Users\Ursel\AppData\Roaming\AVG2014
2014-02-24 08:26 - 2014-01-22 06:01 - 00000000 ____D () C:\Users\Ursel\AppData\Roaming\TuneUp Software
2014-02-24 08:21 - 2014-02-24 08:21 - 00000000 ____D () C:\Users\Ursel\AppData\Local\MFAData
2014-02-24 07:57 - 2014-02-24 07:57 - 00118784 _____ () C:\Windows\system32\liokinfo.exe
2014-02-24 07:50 - 2014-02-24 07:50 - 00000148 _____ () C:\Users\Ursel\Desktop\Goodgame Empire.url
2014-02-24 06:38 - 2009-07-14 05:45 - 03356880 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-23 18:15 - 2011-01-30 18:13 - 00080808 _____ () C:\Users\Ursel\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-23 17:47 - 2013-06-24 06:48 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-02-23 17:44 - 2014-02-22 14:09 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-02-23 06:10 - 2010-07-07 17:28 - 00000000 ____D () C:\ProgramData\Adobe
2014-02-22 20:28 - 2014-02-22 20:28 - 00003502 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Ursel-PC-Ursel
2014-02-22 20:28 - 2014-02-22 20:28 - 00000000 ____D () C:\Users\Ursel\Documents\NewBlueFX
2014-02-22 20:28 - 2011-02-06 03:51 - 00000000 ____D () C:\Users\Ursel\AppData\Roaming\Adobe
2014-02-22 17:34 - 2013-06-24 06:51 - 00000000 ____D () C:\Users\Ursel\Documents\Adobe
2014-02-22 14:07 - 2010-07-07 17:28 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-02-22 14:06 - 2013-06-24 06:47 - 00000000 ___DC () C:\Program Files\Adobe
2014-02-21 19:18 - 2014-02-21 19:18 - 00016311 _____ () C:\Users\Ursel\Downloads\Bundesschau 2014.odt
2014-02-21 15:33 - 2011-01-30 18:06 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-21 05:56 - 2012-08-20 05:28 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-21 05:56 - 2012-08-20 05:28 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-21 05:56 - 2011-09-02 13:04 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-20 18:01 - 2012-11-19 21:23 - 00000000 ____D () C:\Users\Ursel\Documents\IG sach
2014-02-17 19:25 - 2011-01-30 18:06 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-17 19:25 - 2011-01-30 18:06 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-17 08:38 - 2013-07-14 06:06 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-17 08:36 - 2010-07-07 16:49 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-16 17:26 - 2012-11-30 14:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-16 12:16 - 2013-12-21 07:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-16 08:17 - 2014-01-21 06:23 - 00003232 _____ () C:\Windows\System32\Tasks\Digital Sites
2014-02-13 18:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-12 15:07 - 2014-02-28 06:53 - 00000426 ____C () C:\AVScanner.ini
2014-02-11 05:41 - 2011-10-30 19:38 - 00000000 ____D () C:\Users\Ursel\Downloads\schoko-amarena-torte_105049-Dateien
2014-02-11 05:36 - 2012-11-29 19:20 - 00000000 ____D () C:\Users\Ursel\Documents\Hölderlin
2014-02-11 05:36 - 2012-07-13 07:09 - 00000000 ____D () C:\Users\Ursel\Documents\Forum
2014-02-10 12:50 - 2012-11-30 14:48 - 00001155 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-07 05:32 - 2014-01-22 06:13 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2014-02-06 15:37 - 2013-08-27 20:28 - 00003074 _____ () C:\Windows\System32\Tasks\{7DC17C54-3C81-438E-B75B-44610CC06F91}
2014-02-06 15:37 - 2011-10-03 16:02 - 00003146 _____ () C:\Windows\System32\Tasks\{1A5992A8-71B7-47D7-AB61-1376EF897169}
2014-02-06 15:32 - 2014-02-06 15:32 - 00283120 _____ (Mozilla) C:\Users\Ursel\Downloads\Firefox Setup Stub 27.0.exe
2014-02-06 13:16 - 2014-02-12 06:18 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-12 06:18 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-12 06:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-12 06:18 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-12 06:18 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-12 06:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-12 06:18 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-12 06:18 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-12 06:18 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-12 06:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-12 06:18 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-12 06:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-12 06:18 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-12 06:18 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-12 06:18 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-12 06:18 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-12 06:18 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-12 06:18 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-12 06:18 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-12 06:18 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-12 06:18 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-12 06:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-12 06:18 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-12 06:18 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-12 06:18 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-12 06:18 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-12 06:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-12 06:18 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-12 06:18 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-12 06:18 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-12 06:18 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-12 06:18 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-12 06:18 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-12 06:18 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-12 06:18 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-12 06:18 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-12 06:18 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-12 06:18 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-12 06:18 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-03 11:32 - 2011-01-30 18:09 - 00000000 ____D () C:\Users\Ursel
2014-02-03 11:25 - 2012-11-29 19:23 - 00000000 ____D () C:\Users\Ursel\Documents\DOC. Word
2014-02-02 17:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-02 12:49 - 2012-11-19 08:08 - 00000000 ____D () C:\Users\Ursel\Allerlei
2014-01-31 06:22 - 2014-01-31 06:22 - 00957112 _____ (Microsoft Corporation) C:\Users\Ursel\Downloads\SaveAsPDFandXPS.exe
Files to move or delete:
====================
C:\ProgramData\PKP_DLes.DAT
C:\ProgramData\PKP_DLet.DAT
C:\ProgramData\PKP_DLev.DAT
C:\Users\Ursel\OOo_3.3.0_Win_x86_install-wJRE_de.exe
Some content of TEMP:
====================
C:\Users\Ursel\AppData\Local\Temp\32386uninstall.exe
C:\Users\Ursel\AppData\Local\Temp\70756uninstall.exe
C:\Users\Ursel\AppData\Local\Temp\AskSLib.dll
C:\Users\Ursel\AppData\Local\Temp\BackupSetup.exe
C:\Users\Ursel\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Ursel\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Ursel\AppData\Local\Temp\install_flashplayer11x32_mssa_au_aih.exe
C:\Users\Ursel\AppData\Local\Temp\iv_uninstall.exe
C:\Users\Ursel\AppData\Local\Temp\mpam-1c7fdfb.exe
C:\Users\Ursel\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Ursel\AppData\Local\Temp\nscC118.exe
C:\Users\Ursel\AppData\Local\Temp\nscC6E4.exe
C:\Users\Ursel\AppData\Local\Temp\nsh8CC9.exe
C:\Users\Ursel\AppData\Local\Temp\nsh8FD6.exe
C:\Users\Ursel\AppData\Local\Temp\nsh9331.exe
C:\Users\Ursel\AppData\Local\Temp\nsn3A37.exe
C:\Users\Ursel\AppData\Local\Temp\nsxC406.exe
C:\Users\Ursel\AppData\Local\Temp\Quarantine.exe
C:\Users\Ursel\AppData\Local\Temp\readSTILog.dll
C:\Users\Ursel\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Ursel\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Ursel\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Ursel\AppData\Local\Temp\Sqlite3.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-28 14:37
==================== End Of Log ============================
--- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-03-2014 01
Ran by Ursel at 2014-03-02 14:29:56
Running from C:\Users\Ursel\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}
==================== Installed Programs ======================
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.0.16600 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 2.5.0.16600 - Adobe Systems Inc.) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Photoshop Elements 7.0 (HKLM-x32\...\Adobe Photoshop Elements 7) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 7.0 (x32 Version: 7.0.0.3 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Lightroom 5.3 64-bit (HKLM\...\{2DD71ACB-552D-402C-9529-7906ACB95C30}) (Version: 5.3.1 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon)
Apple Application Support (HKLM-x32\...\{553255F3-78FD-40F1-A6F8-6882140265FE}) (Version: 1.2.1 - Apple Inc.)
Ashampoo Burning Studio (HKLM-x32\...\Ashampoo Burning Studio_is1) (Version: 9.23.0 - ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 3.12.0 - ashampoo GmbH & Co. KG)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.27 - Atheros Communications Inc.)
Bitdefender Internet Security (HKLM\...\Bitdefender) (Version: 17.25.0.1074 - Bitdefender)
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version: - )
Canon MP550 series Benutzerregistrierung (HKLM-x32\...\Canon MP550 series Benutzerregistrierung) (Version: - )
Canon MP550 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series) (Version: - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 3.11 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Corel Shell Extension - 64Bit (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Content (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Draw (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Filters (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - ICA (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - IPM - No VBA (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang BR (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang DE (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang EN (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang ES (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang FR (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang IT (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang NL (x32 Version: 4.0 - Uw bedrijfsnaam) Hidden
CorelDRAW Essentials 4 - PHOTO-PAINT (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Windows Shell Extension (HKLM-x32\...\_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}) (Version: - Corel Corporation)
CorelDRAW Essentials 4 - Windows Shell Extension (x32 Version: 1.1 - Corel Corporation) Hidden
CorelDRAW Essentials 4 (HKLM-x32\...\_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}) (Version: - Corel Corporation)
CorelDRAW Essentials 4 (x32 Version: 4.0 - Corel Corporation) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3418 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.3418 - CyberLink Corp.) Hidden
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1410a - CyberLink Corp.)
CyberLink MediaShow (x32 Version: 5.0.1410a - CyberLink Corp.) Hidden
CyberLink MediaShow Espresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 5.5.1412_24021a - CyberLink Corp.)
CyberLink MediaShow Espresso (x32 Version: 5.5.1412_24021a - CyberLink Corp.) Hidden
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.0.6904 - CyberLink Corp.)
CyberLink PhotoNow (x32 Version: 1.1.0.6904 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3802 - CyberLink Corp.) Hidden
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3224a - CyberLink Corp.)
CyberLink PowerDirector (x32 Version: 8.0.3224a - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.2225 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.2225 - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerDVD Copy (x32 Version: 1.5.1306 - CyberLink Corp.) Hidden
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2429 - CyberLink Corp.)
CyberLink PowerProducer (x32 Version: 5.0.2.2429 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3428 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.1.3428 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Elements 12 Organizer (x32 Version: 12.0 - Ihr Firmenname) Hidden
FileZilla Client 3.7.1 (HKLM-x32\...\FileZilla Client) (Version: 3.7.1 - FileZilla Project)
FixFoto 3.02 X64 (HKLM\...\FixFoto_is1) (Version: - Joachim Koopmann Software)
FixFoto 3.50 (HKLM-x32\...\FixFoto_is1) (Version: - Joachim Koopmann Software)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
fotokasten comfort (HKLM-x32\...\FKC22150706_is1) (Version: - )
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2189 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Java Auto Updater (x32 Version: 2.0.2.4 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 22 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416022FF}) (Version: 6.0.220 - Oracle)
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kalenderchen 5 (HKLM-x32\...\{11464943-4682-4F6B-A96D-D4E8C26DD111}_is1) (Version: - Daniel Manger)
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Launch Manager (HKLM-x32\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.5.1.2 - Wistron Corp.)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2213 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.2213 - CyberLink Corp.) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office XP Professional mit FrontPage (HKLM-x32\...\{90280407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Connection Manager (HKLM-x32\...\o2DE) (Version: - Mobile Connection Manager)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Firefox Packages (HKCU\...\Mozilla Firefox Packages) (Version: - ) <==== ATTENTION
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.2.1 - Nikon)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QuickTime (HKLM-x32\...\{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}) (Version: 7.66.71.0 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6237 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30121 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.0148 - REALTEK Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.26.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.26.0 - Renesas Electronics Corporation) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated)
Versandhelfer (HKLM-x32\...\dpdhl.versandhelfer.medionlap.CDA82DC3FEDD13302C6424313D9A2999F162D21A.1) (Version: 0.9.511 - Deutsche Post AG)
Versandhelfer (x32 Version: 0.9.511 - Deutsche Post AG) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - )
Windows Media Encoder 9 Series (x32 Version: 9.00.2980 - Microsoft Corporation) Hidden
X10 Hardware(TM) (HKLM-x32\...\X10Hardware) (Version: - )
ZTE USB Driver (HKLM\...\ZTE USB Driver) (Version: 1.0.1.25_TME - ZTE Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Restore Points =========================
23-02-2014 18:00:52 Windows-Sicherung
24-02-2014 07:24:18 Installed AVG 2014
24-02-2014 07:24:35 Installed AVG 2014
24-02-2014 15:31:10 Removed Visual Studio 2012 x64 Redistributables
24-02-2014 17:01:03 Windows Update
24-02-2014 18:08:51 Removed Noiseware Community Edition
24-02-2014 18:10:08 Removed Nikon Message Center 2.
24-02-2014 18:13:22 Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi wird entfernt
25-02-2014 05:30:28 Windows Update
26-02-2014 05:30:53 Windows Update
28-02-2014 06:00:58 Removed AVG 2014
28-02-2014 06:05:51 Removed AVG 2014
28-02-2014 10:11:30 Windows Update
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {02A4B9E7-11A3-4170-8B0B-3F4F7082E19B} - System32\Tasks\AdobeAAMUpdater-1.0-Ursel-PC-Ursel => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
Task: {0E9A6038-CCE1-467A-8714-5D01309F2D1A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21] (Adobe Systems Incorporated)
Task: {48535D8F-92A9-4A24-854B-9D2FCC1B7E57} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {556D61E4-4F0C-4166-92E9-8323DBD84C82} - System32\Tasks\{04F7844C-5111-43C5-8B27-D2BAA2B2C67F} => C:\Program Files (x86)\Opera\opera.exe
Task: {691AEAFE-C0BD-4094-9822-58BC866512C4} - System32\Tasks\{1A5992A8-71B7-47D7-AB61-1376EF897169} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.5.0.119.259&LastError=2
Task: {AC005D22-87C6-4C39-9B4D-87F8FF09FE30} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-30] (Google Inc.)
Task: {B22ECB21-BA12-4B5F-8E7B-58F90DFB116E} - System32\Tasks\Digital Sites => C:\Users\Ursel\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {C3B9ED12-AB91-4EA6-B8E5-267B7A58F082} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-30] (Google Inc.)
Task: {DEE55096-7016-4064-8379-0A34FFD85185} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {FA1677FA-85F0-49EB-8E82-B005FE215759} - System32\Tasks\{7DC17C54-3C81-438E-B75B-44610CC06F91} => Firefox.exe hxxp://ui.skype.com/ui/0/6.6.0.106/de/abandoninstall?page=tsMain
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\Ursel\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-02-28 07:18 - 2013-06-19 11:45 - 00265080 ____C () C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll
2014-02-28 07:18 - 2014-01-29 17:57 - 00003072 ____C () C:\Program Files\Bitdefender\Bitdefender\UI\accessl.ui
2014-02-28 07:18 - 2011-11-14 19:17 - 00153680 ____C () C:\Program Files\Bitdefender\Bitdefender\bdfwcore.dll
2014-02-28 07:18 - 2014-01-29 17:57 - 00005120 ____C () C:\Program Files\Bitdefender\Bitdefender\UI\IMSecurityAL.ui
2014-02-28 07:26 - 2014-02-28 07:26 - 00770792 ____C () C:\Program Files\Bitdefender\Bitdefender\otengines_00036_002\ashttpbr.mdl
2014-02-28 07:26 - 2014-02-28 07:26 - 00568400 ____C () C:\Program Files\Bitdefender\Bitdefender\otengines_00036_002\ashttpdsp.mdl
2014-02-28 07:26 - 2014-02-28 07:26 - 02592904 ____C () C:\Program Files\Bitdefender\Bitdefender\otengines_00036_002\ashttpph.mdl
2014-02-28 07:26 - 2014-02-28 07:26 - 01315680 ____C () C:\Program Files\Bitdefender\Bitdefender\otengines_00036_002\ashttprbl.mdl
2010-11-06 16:39 - 2010-02-10 12:34 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2012-01-10 20:12 - 2012-01-10 20:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-02-28 07:18 - 2013-06-19 11:44 - 00204280 ____C () C:\Program Files\Bitdefender\Bitdefender\antispam32\txmlutil.dll
2009-11-02 22:20 - 2009-11-02 22:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 22:23 - 2009-11-02 22:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2011-01-17 15:19 - 2011-04-15 18:37 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2014-02-13 15:01 - 2014-02-13 15:01 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\bfd5296be62268bc7a31a424f0d1ad5f\IsdiInterop.ni.dll
2010-11-02 17:18 - 2010-03-04 04:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-12-04 08:44 - 2012-12-04 08:44 - 10678656 _____ () C:\Users\Ursel\AppData\Local\Amazon\Kindle\application\QtWebKit4.dll
2012-12-04 08:44 - 2012-12-04 08:44 - 08073088 _____ () C:\Users\Ursel\AppData\Local\Amazon\Kindle\application\QtGui4.dll
2012-12-04 08:44 - 2012-12-04 08:44 - 02253184 _____ () C:\Users\Ursel\AppData\Local\Amazon\Kindle\application\QtCore4.dll
2012-12-04 08:44 - 2012-12-04 08:44 - 00957312 _____ () C:\Users\Ursel\AppData\Local\Amazon\Kindle\application\QtNetwork4.dll
2012-12-04 08:44 - 2012-12-04 08:44 - 01298816 _____ () C:\Users\Ursel\AppData\Local\Amazon\Kindle\application\QtScript4.dll
2012-12-04 08:44 - 2012-12-04 08:44 - 00588160 _____ () C:\Users\Ursel\AppData\Local\Amazon\Kindle\application\QtSql4.dll
2012-12-04 08:44 - 2012-12-04 08:44 - 00344448 _____ () C:\Users\Ursel\AppData\Local\Amazon\Kindle\application\QtXml4.dll
2012-12-04 08:44 - 2012-12-04 08:44 - 00213392 _____ () C:\Users\Ursel\AppData\Local\Amazon\Kindle\application\WebCoreViewer.dll
2012-12-04 08:44 - 2012-12-04 08:44 - 01342608 _____ () C:\Users\Ursel\AppData\Local\Amazon\Kindle\application\libxml2.dll
2012-12-04 08:44 - 2012-12-04 08:44 - 01053184 _____ () C:\Users\Ursel\AppData\Local\Amazon\Kindle\application\CFLite.dll
2012-12-04 08:44 - 2012-12-04 08:44 - 07974200 _____ () C:\Users\Ursel\AppData\Local\Amazon\Kindle\application\LibWebCore.dll
2012-12-04 08:44 - 2012-12-04 08:44 - 00910904 _____ () C:\Users\Ursel\AppData\Local\Amazon\Kindle\application\cairo.dll
2012-12-04 08:44 - 2012-12-04 08:44 - 00094712 _____ () C:\Users\Ursel\AppData\Local\Amazon\Kindle\application\zlib1.dll
2012-12-04 08:44 - 2012-12-04 08:44 - 00310560 _____ () C:\Users\Ursel\AppData\Local\Amazon\Kindle\application\libjpeg.dll
2012-12-04 08:44 - 2012-12-04 08:44 - 00031104 _____ () C:\Users\Ursel\AppData\Local\Amazon\Kindle\application\plugins\imageformats\qgif4.dll
2012-12-04 08:44 - 2012-12-04 08:44 - 00201088 _____ () C:\Users\Ursel\AppData\Local\Amazon\Kindle\application\plugins\imageformats\qjpeg4.dll
2014-02-10 12:50 - 2014-02-16 12:16 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-28 07:18 - 2013-09-10 18:46 - 00035896 ____C () C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\components\ffpwdman.dll
2014-02-21 05:56 - 2014-02-21 05:56 - 16265096 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:A5B56640
AlternateDataStreams: C:\Users\Ursel\Downloads\adwcleaner.exe:BDU
AlternateDataStreams: C:\Users\Ursel\Downloads\FRST.exe:BDU
AlternateDataStreams: C:\Users\Ursel\Downloads\FRST64(1).exe:BDU
AlternateDataStreams: C:\Users\Ursel\Downloads\FRST64(2).exe:BDU
AlternateDataStreams: C:\Users\Ursel\Downloads\JRT.exe:BDU
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Name: Microsoft-Adapter für Miniports virtueller WiFis
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 50%
Total physical RAM: 3893.49 MB
Available physical RAM: 1909.3 MB
Total Pagefile: 7785.16 MB
Available Pagefile: 5523.97 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:546.25 GB) (Free:409.71 GB) NTFS
Drive d: (Recover) (Fixed) (Total:48.83 GB) (Free:7.41 GB) NTFS
Drive e: (PRE 12) (CDROM) (Total:2.47 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 596 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=546 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=49 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1023 MB) - (Type=12)
==================== End Of Log ============================
|
|
02.03.2014, 15:49
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Goodgames Empire Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter C:\ProgramData\PKP_DLes.DAT
C:\ProgramData\PKP_DLet.DAT
C:\ProgramData\PKP_DLev.DAT
C:\Users\Ursel\OOo_3.3.0_Win_x86_install-wJRE_de.exe
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
02.03.2014, 17:29
| #21 |
| | Goodgames Empire Habe es genau so gemacht, wie beschrieben, aber es wird nicht gespeichert. Weder in FRST noch seperat auf dem Laptop. Er reagiert nicht darauf! Codierung ANSI, hilft das? |
|
02.03.2014, 17:37
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Goodgames Empire FRST soll nichts speichern, du sollst das Textdokument speichern auf dem Desktop als fixlist.txt
__________________ Logfiles bitte immer in CODE-Tags posten |
|
02.03.2014, 18:56
| #23 |
| | Goodgames Empire No Fixlist found. Geändert von Ursel (02.03.2014 um 19:04 Uhr) |
|
02.03.2014, 22:47
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Goodgames Empire Dann hast du FRST nicht auf dem Desktop gespeichert oder den Dateinamen (fixlist.txt) falsch geschrieben
__________________ Logfiles bitte immer in CODE-Tags posten |
|
03.03.2014, 07:58
| #25 |
| | Goodgames Empire Nun sollte man mal dem Nerd auch sagen, das man den Download FRST aus dem Downloadordner auch erst einmal in desktop verschieben sollte.  Aber man wächst mit seinen Aufgaben. Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-03-2014 03
Ran by Ursel at 2014-03-03 07:55:41 Run:1
Running from C:\Users\Ursel\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
C:\ProgramData\PKP_DLes.DAT
C:\ProgramData\PKP_DLet.DAT
C:\ProgramData\PKP_DLev.DAT
C:\Users\Ursel\OOo_3.3.0_Win_x86_install-wJRE_de.exe
*****************
C:\ProgramData\PKP_DLes.DAT => Moved successfully.
C:\ProgramData\PKP_DLet.DAT => Moved successfully.
C:\ProgramData\PKP_DLev.DAT => Moved successfully.
C:\Users\Ursel\OOo_3.3.0_Win_x86_install-wJRE_de.exe => Moved successfully.
==== End of Fixlog ====
|
|
03.03.2014, 11:01
| #26 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Goodgames Empire Und ich kann darauf nur entgegnen, dass die Hilfesuchenden die Anleitungen genau lesen und umsetzen müssen.... Zitat:
 Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes Anti-Malware (MBAM) Hinweis: Denk bitte vorher daran, Malwarebytes Anti-Malware über den Updatebutton zu aktualisieren! Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt: ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
|
04.03.2014, 20:53
| #27 |
| | Goodgames Empire hallo Cosinus! Kannst du mit Exploit.Win32.M504-028GEN was anfangen? Danke |
|
04.03.2014, 21:09
| #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Goodgames Empire Unvollständige Angabe. Außerdem solltest du die Logs von MBAM und ESET posten.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
04.03.2014, 22:57
| #29 |
| | Goodgames Empire Stimmt, sorry. MBAM Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.03.04.10 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16518 Ursel :: URSEL-PC [Administrator] Schutz: Deaktiviert 04.03.2014 22:47:13 mbam-log-2014-03-03 (17-10-54).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 228479 Laufzeit: 8 Minute(n), 58 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 13 C:\$RECYCLE.BIN\S-1-5-21-1019772088-3661694572-1671400686-1000\$R4TO6E6.exe (PUP.Optional.Bandoo.A) -> Keine Aktion durchgeführt. C:\Users\Ursel\AppData\Local\Temp\nscC118.exe (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt. C:\Users\Ursel\AppData\Local\Temp\nscC6E4.exe (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt. C:\Users\Ursel\AppData\Local\Temp\nsh8CC9.exe (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt. C:\Users\Ursel\AppData\Local\Temp\nsh8FD6.exe (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt. C:\Users\Ursel\AppData\Local\Temp\nsh9331.exe (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt. C:\Users\Ursel\AppData\Local\Temp\nsn3A37.exe (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt. C:\Users\Ursel\AppData\Local\Temp\nsxC406.exe (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt. C:\Users\Ursel\AppData\Local\Temp\is357113909\1156487_stp\JumpFlipSetup.exe (PUP.Optional.JumpFlip.A) -> Keine Aktion durchgeführt. C:\Users\Ursel\AppData\Local\Temp\is357113909\2125221_stp\rcpsetup_adppi15_adppi15.exe (PUP.Optional.RegCleanPro) -> Keine Aktion durchgeführt. C:\Users\Ursel\AppData\Local\Temp\is357113909\2125288_stp\Mobogenie_Setup_UN.exe (PUP.Optional.NextLive.A) -> Keine Aktion durchgeführt. C:\Users\Ursel\AppData\Local\Temp\is88410971\MyBabylonTB.exe (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt. C:\Users\Ursel\AppData\Local\Temp\nsh199C\SpSetup.exe (PUP.Optional.Conduit.A) -> Keine Aktion durchgeführt. (Ende) |
|
04.03.2014, 23:15
| #30 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Goodgames Empire Wieso Funde nicht entfernt? ESET Log noch nicht fertig? 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
Linear-Darstellung
