Internet langsam, und viel Werbung

ThomasPitten · 27.02.2014, 14:38

Hallo, Ich brauche Hilfe. Seit ca. zwei Wochen ist das Internet sehr langsam, und auf jeder Seite ist viel Werbung. Es öffnen sich fast bei jedem Link-klick neue Fenster mit Werbung. Das macht keinen Spaß mehr.
Kann mir da bitte jemand helfen??? Ich hab die OTL-Berichte, bekomme die aber nicht hochgeladen, weil zu groß???? Hab den Link dazu aus einem anderem Thread.

http://www.trojaner-board.de/136721-...l-werbung.html

Aber, ich bekommst nicht hochgeladen. Sonst mach ich`s nochmal neu.

Vielen Dank, Gruß, Thomas

schrauber · 27.02.2014, 15:13

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

ThomasPitten · 27.02.2014, 15:57

Hallo, hier die frst.txt.

Gruß, Thomas

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-02-2014 02
Ran by Thomas Pitten (administrator) on THOMASPITTEN-PC on 27-02-2014 14:59:50
Running from C:\Users\Thomas Pitten\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(ITE Tech. Inc.) C:\Windows\system32\IRMonitor.exe
() C:\Program Files (x86)\Re-markit\Re-markit_wd.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(AOL LLC) C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Bandoo Media Inc.) C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Bandoo Media Inc.) C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe
(Bandoo Media Inc.) C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(HP) C:\Windows\system32\HPSIsvc.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AxoNet Software GmbH) C:\Program Files\Windows Server\bin\LightsOutClientService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
() C:\Program Files (x86)\Re-markit\Re-markit154.exe
() C:\Windows\SysWOW64\scNKService_s.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\ProviderRegistryService.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\WhsMcClient.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\WSConnectorUpdate.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\LANConfigSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Microsoft Corporation) C:\Windows\system32\UI0Detect.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(深圳市普联技术有限公司) C:\Program Files (x86)\TP-LINK\MFP and Storage Server\MFP and Storage Server.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AxoNet Software GmbH) C:\Program Files\Windows Server\Bin\LightsOutClientGui.exe
(Logitech, Inc.) C:\Program Files\SetPoint\SetPoint.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\netzmanager.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
() C:\Program Files\SetPoint\x86\SetPoint32.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Deutsche Telekom AG, www.t-online.de) C:\Program Files (x86)\T-Online\T-Online_Software_6\eMail\Mail.exe
(Deutsche Telekom AG) C:\Program Files (x86)\T-Online\T-Online_Software_6\Basis-Software\Basis2\profilemgr.exe
(Deutsche Telekom AG) C:\Program Files (x86)\T-Online\T-Online_Software_6\Basis-Software\Basis2\kernel.exe
(Deutsche Telekom AG) C:\Program Files (x86)\T-Online\T-Online_Software_6\Basis-Software\Basis2\sc_watch.exe
(fun communications GmbH, hxxp://www.fun.de) C:\Program Files (x86)\T-Online\T-Online_Software_6\Notifier\Notifier.exe
(Deutsche Telekom AG, Marmiko IT-Solutions GmbH) C:\Program Files (x86)\Common Files\Marmiko Shared\MInfraIS\MInfraIS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil64_12_0_0_70_ActiveX.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [QuickSet] - C:\Program Files\Dell\QuickSet\QuickSet.exe [3179288 2010-01-06] (Dell Inc.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-06-18] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2010-03-17] (Synaptics Incorporated)
HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [5712896 2010-02-03] (Dell Inc.)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [Launchpad] - C:\Program Files\Windows Server\Bin\Launchpad.exe [1099360 2012-11-02] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-06-08] (Intel Corporation)
HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [HPUsageTrackingLEDM] - C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-08-04] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [HornetMonitor] - C:\Program Files (x86)\Common Files\Hornet\MntrHrnt.exe
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [DATAMNGR] - C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~2.EXE
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\RunOnce: [Launcher] - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe [163040 2010-08-12] (Softthinks)
HKU\S-1-5-21-4087598786-887918800-69336566-1001\...\Run: [] - [X]
HKU\S-1-5-21-4087598786-887918800-69336566-1001\...\Run: [MFP and Storage Server] - C:\Program Files (x86)\TP-LINK\MFP and Storage Server\MFP and Storage Server.exe [2076672 2013-07-12] (深圳市普联技术有限公司)
HKU\S-1-5-21-4087598786-887918800-69336566-1001\...\MountPoints2: {03fdca38-5616-11e3-8963-f04da2b62686} - E:\AutoRun.exe
HKU\S-1-5-21-4087598786-887918800-69336566-1001\...\MountPoints2: {03fdca46-5616-11e3-8963-f04da2b62686} - E:\AutoRun.exe
HKU\S-1-5-21-4087598786-887918800-69336566-1001\...\MountPoints2: {0ebb5545-593a-11e3-97c1-c0cb38bac4ca} - E:\AutoRun.exe
HKU\S-1-5-21-4087598786-887918800-69336566-1001\...\MountPoints2: {236bf111-100b-11e0-a748-00038a000015} - E:\SISetup.exe
HKU\S-1-5-21-4087598786-887918800-69336566-1001\...\MountPoints2: {739d08c7-0014-11e0-ad86-806e6f6e6963} - D:\autorun.exe
AppInit_DLLs: C:\PROGRA~3\Wincert\WIN64C~1.DLL => C:\ProgramData\Wincert\win64cert.dll [8704 2013-11-04] ()
AppInit_DLLs:  c:\progra~2\movies~1\datamngr\x64\mgrldr.dll => C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\mgrldr.dll [23552 2014-02-05] ()
AppInit_DLLs-x32: C:\PROGRA~3\Wincert\WIN32C~1.DLL => C:\ProgramData\Wincert\win32cert.dll [7168 2013-11-04] ()
AppInit_DLLs-x32:  c:\progra~2\movies~1\datamngr\mgrldr.dll => C:\Program Files (x86)\Movies Toolbar\Datamngr\mgrldr.dll [19968 2014-02-05] ()
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Thomas Pitten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)
HKLM\...\AppCertDlls: [x86] -> C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll [486400 2014-02-05] () <===== ATTENTION
HKLM\...\AppCertDlls: [x64] -> C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll [658944 2014-02-05] () <===== ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:13828
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1392803730&from=amt&uid=ST9500325AS_5VEE9R3BXXXX5VEE9R3B&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=ST9500325AS_5VEE9R3BXXXX5VEE9R3B&ts=1393410709
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392803730&from=amt&uid=ST9500325AS_5VEE9R3BXXXX5VEE9R3B&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=ST9500325AS_5VEE9R3BXXXX5VEE9R3B&ts=1393410709
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=ST9500325AS_5VEE9R3BXXXX5VEE9R3B&ts=1393410709
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1392803730&from=amt&uid=ST9500325AS_5VEE9R3BXXXX5VEE9R3B&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392803730&from=amt&uid=ST9500325AS_5VEE9R3BXXXX5VEE9R3B&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=ST9500325AS_5VEE9R3BXXXX5VEE9R3B&ts=1393410709
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=ST9500325AS_5VEE9R3BXXXX5VEE9R3B&ts=1393410709
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1392803730&from=amt&uid=ST9500325AS_5VEE9R3BXXXX5VEE9R3B&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.awesomehp.com/?type=sc&ts=1392803730&from=amt&uid=ST9500325AS_5VEE9R3BXXXX5VEE9R3B
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392803730&from=amt&uid=ST9500325AS_5VEE9R3BXXXX5VEE9R3B&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392803730&from=amt&uid=ST9500325AS_5VEE9R3BXXXX5VEE9R3B&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=559&systemid=406&v=a11465-115&apn_uid=3530775023254628&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392803730&from=amt&uid=ST9500325AS_5VEE9R3BXXXX5VEE9R3B&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392803730&from=amt&uid=ST9500325AS_5VEE9R3BXXXX5VEE9R3B&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=559&systemid=406&v=a11465-115&apn_uid=3530775023254628&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKCU - {847A0AF4-87A6-4375-BCB0-31ED5014D6B1} URL = hxxp://de.wikipedia.org/w/index.php?title=Spezial:Suche&search={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = 
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Plugin for Media Finder - {AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2} - C:\Users\Thomas Pitten\AppData\Roaming\Media Finder\Extensions\IEPlugin64.dll No File
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} -  No File
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Search-Results Toolbar - {f34c9277-6577-4dff-b2d7-7d58092f272f} - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll No File
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Search-Results Toolbar - {f34c9277-6577-4dff-b2d7-7d58092f272f} - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {DE9C389F-3316-41A7-809B-AA305ED9D922} -  No File
DPF: HKLM {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: HKLM {B1953AD6-C50E-11D3-B020-00A0C9251384} hxxp://www.o2c.de/download/o2cplayer.cab
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: HKLM-x32 {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{3D6708A6-EEDE-4F35-B2BC-9071B9D506A4}: [NameServer] 
Tcpip\..\Interfaces\{AFE0B683-5104-42AC-BC52-6085E81B88B5}: [NameServer]10.74.210.210 10.74.210.211

Chrome: 
=======
CHR HomePage: hxxp://www.awesomehp.com/?type=hp&ts=1392803730&from=amt&uid=ST9500325AS_5VEE9R3BXXXX5VEE9R3B
CHR DefaultSearchKeyword: delta-homes
CHR DefaultSearchProvider: delta-homes
CHR DefaultSearchURL: hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=ST9500325AS_5VEE9R3BXXXX5VEE9R3B&ts=1393410709&type=default&q={searchTerms}
CHR DefaultNewTabURL: 
CHR Extension: (Google Docs) - C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-29]
CHR Extension: (Google Drive) - C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-29]
CHR Extension: (YouTube) - C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-29]
CHR Extension: (Google-Suche) - C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-29]
CHR Extension: (Lightning Newtab) - C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo [2014-02-26]
CHR Extension: (Norton Identity Protection) - C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-11-29]
CHR Extension: (Google Wallet) - C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-29]
CHR Extension: (Extended Protection) - C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo [2014-02-26]
CHR Extension: (Google Mail) - C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-29]
CHR Extension: (Lightning speedDial) - C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkndmigholgfjlniaohblojbhgjbkakn [2014-02-19]
CHR HKLM-x32\...\Chrome\Extension: [dednnpigldgdbpgcdpfppmlcnnbjciel] - C:\Users\Thomas Pitten\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.crx [2014-02-19]
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2014-02-26]
CHR HKLM-x32\...\Chrome\Extension: [lpmkgpnbiojfaoklbkpfneikocaobfai] - C:\Users\Thomas Pitten\AppData\Roaming\Media Finder\Extensions\mf_plugin_gc.crx [2014-02-26]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\Exts\Chrome.crx [2014-02-03]
CHR HKLM-x32\...\Chrome\Extension: [ogfjmhfnldnajmfaofeiaepghjenbgjo] - C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx [2014-02-26]
CHR HKLM-x32\...\Chrome\Extension: [pkndmigholgfjlniaohblojbhgjbkakn] - C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx [2014-02-19]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=sc&from=wpm0226&uid=ST9500325AS_5VEE9R3BXXXX5VEE9R3B&ts=1393410709

==================== Services (Whitelisted) =================

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 DatamngrCoordinator2; C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe [3450368 2014-02-05] (Bandoo Media Inc.)
R2 HealthAlertsSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [508016 2014-02-19] (Cherished Technololgy LIMITED)
S2 initMonitor; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [224096 2011-06-17] ()
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] ()
R2 LoClntService; C:\Program Files\Windows Server\bin\LightsOutClientService.exe [21152 2013-06-19] (AxoNet Software GmbH)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation)
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG)
R2 NotificationsProviderSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 providers_system; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 Re-markit; C:\Program Files (x86)\Re-markit\Re-markit154.exe [181248 2014-02-19] ()
R2 scNKService_S; C:\Windows\SysWOW64\scNKService_s.exe [172032 2007-10-24] ()
R2 ServiceProviderRegistry; C:\Program Files\Windows Server\Bin\ProviderRegistryService.exe [41568 2012-11-02] (Microsoft Corporation)
R2 SqmProviderSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [425104 2014-02-26] (Taiwan Shui Mu Chih Ching Technology Limited.)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [5088256 2010-02-03] (Dell Inc.)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [501904 2014-02-26] (Cherished Technololgy LIMITED)
R2 WSS_ComputerBackupProviderSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\0604010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-02-23] (Symantec Corporation)
R3 EST_BusEnum; C:\Windows\System32\DRIVERS\GenBus.sys [29696 2009-10-06] ( )
R3 hpnuhst; C:\Windows\System32\DRIVERS\hpnuhst.sys [16384 2007-03-27] (Hewlett-Packard Development Company)
R3 HPNUHUB; C:\Windows\System32\DRIVERS\hpnuhub.sys [40448 2007-10-30] (Hewlett-Packard Development Company)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [238080 2012-04-23] (Huawei Technologies Co., Ltd.)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20140226.001\IDSvia64.sys [521944 2014-02-12] (Symantec Corporation)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [113280 2011-10-15] (ITE                      )
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2010-03-06] (Marvell Semiconductor, Inc.)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20140226.024\ENG64.SYS [126040 2014-02-23] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20140226.024\EX64.SYS [2099288 2014-02-23] (Symantec Corporation)
R3 NUServer64; C:\Windows\System32\DRIVERS\NUServer64.sys [254464 2011-10-27] (Elite Silicon Technology Inc.)
R3 NUS_Bus64; C:\Windows\System32\DRIVERS\NUS_Bus64.sys [34816 2011-10-14] (Elite Silicon Technology Inc.)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\0604010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\0604010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\0604010.00E\SYMDS64.SYS [451192 2011-08-15] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\0604010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-06-28] (Symantec Corporation)
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [43640 2011-11-23] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\0604010.00E\Ironx64.SYS [190072 2011-11-16] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\0604010.00E\SYMNETS.SYS [405624 2011-11-16] (Symantec Corporation)
R3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S3 usbser; C:\Windows\SysWOW64\DRIVERS\usbser.sys [24192 2005-02-02] (Microsoft Corporation)
S3 XHASP; c:\windows\SysWOW64\drivers\XHASP.sys [259584 2010-12-20] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-27 14:59 - 2014-02-27 15:00 - 00031746 _____ () C:\Users\Thomas Pitten\Desktop\FRST.txt
2014-02-27 14:59 - 2014-02-27 14:59 - 00000000 ____D () C:\FRST
2014-02-27 14:58 - 2014-02-27 14:58 - 02155520 _____ (Farbar) C:\Users\Thomas Pitten\Desktop\FRST64.exe
2014-02-27 14:56 - 2014-02-27 14:56 - 00000488 _____ () C:\Users\Thomas Pitten\Desktop\defogger_disable.log
2014-02-27 14:56 - 2014-02-27 14:56 - 00000000 _____ () C:\Users\Thomas Pitten\defogger_reenable
2014-02-27 14:55 - 2014-02-27 14:55 - 00050477 _____ () C:\Users\Thomas Pitten\Desktop\Defogger.exe
2014-02-27 09:07 - 2014-02-27 09:07 - 00116220 _____ () C:\Users\Thomas Pitten\Desktop\Extras.Txt
2014-02-27 09:03 - 2014-02-27 09:03 - 00219938 _____ () C:\Users\Thomas Pitten\Desktop\OTL.Txt
2014-02-26 18:09 - 2014-02-26 18:09 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-02-26 11:34 - 2014-02-27 06:59 - 00000000 ____D () C:\Program Files (x86)\WinZipper
2014-02-26 11:34 - 2014-02-26 11:34 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\WinZipper
2014-02-26 07:36 - 2014-01-09 03:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-02-26 07:36 - 2014-01-03 23:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-02-23 21:56 - 2014-02-23 21:56 - 00602112 _____ (OldTimer Tools) C:\Users\Thomas Pitten\Desktop\OTL.exe
2014-02-23 13:08 - 2014-02-23 13:08 - 00000000 ____D () C:\N360_BACKUP
2014-02-23 12:48 - 2014-02-23 12:48 - 00002088 _____ () C:\Users\Public\Desktop\mylife SiDiary.lnk
2014-02-22 21:33 - 2014-02-24 23:04 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\MFP and Storage Server
2014-02-22 21:24 - 2014-02-22 21:25 - 00275576 _____ () C:\Windows\Minidump\022214-198183-01.dmp
2014-02-22 20:51 - 2014-02-22 20:51 - 00002791 _____ () C:\Users\Public\Desktop\Launch MFP and Storage Server.exe.lnk
2014-02-22 20:51 - 2014-02-22 20:51 - 00000000 ____D () C:\Program Files (x86)\TP-LINK
2014-02-19 20:57 - 2014-02-19 20:57 - 00000000 ____D () C:\ProgramData\kinoma
2014-02-19 20:15 - 2014-02-19 20:15 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Local\kinoma
2014-02-19 20:14 - 2014-02-19 20:14 - 00002027 _____ () C:\Users\Public\Desktop\Reader for PC.lnk
2014-02-19 20:14 - 2014-02-19 20:14 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Local\Sony Corporation
2014-02-19 20:14 - 2014-02-19 20:14 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-02-19 20:10 - 2014-02-19 20:10 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\Sony Corporation
2014-02-19 20:10 - 2014-02-19 20:10 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-02-19 19:35 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-02-19 19:35 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-02-19 19:35 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-02-19 19:35 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-02-19 19:35 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-02-19 19:35 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-02-19 19:35 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-02-19 19:35 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-02-19 19:35 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-02-19 19:35 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-02-19 19:35 - 2013-10-02 01:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-02-19 19:35 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-02-19 19:35 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-02-19 19:35 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-02-19 19:35 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-02-19 19:35 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-02-19 19:32 - 2013-09-25 03:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-02-19 19:32 - 2013-09-25 02:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-02-19 16:20 - 2014-02-19 16:20 - 00003322 _____ () C:\Windows\System32\Tasks\{F6226160-7453-40E2-B70F-1513B03F594E}
2014-02-19 10:58 - 2014-02-19 10:58 - 00000000 ____D () C:\ProgramData\IePluginService
2014-02-19 10:57 - 2014-02-26 11:31 - 00000000 ____D () C:\ProgramData\WPM
2014-02-19 10:57 - 2014-02-19 10:58 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-02-19 10:57 - 2014-02-19 10:57 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\SupTab
2014-02-19 10:57 - 2014-02-19 10:57 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\awesomehp
2014-02-19 10:55 - 2014-02-21 12:46 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\newnext.me
2014-02-19 10:55 - 2014-02-19 15:46 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Local\Mobogenie
2014-02-19 10:55 - 2014-02-19 10:56 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Local\cache
2014-02-19 10:55 - 2014-02-19 10:55 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Local\genienext
2014-02-19 10:55 - 2014-02-19 10:55 - 00000000 ____D () C:\Users\Thomas Pitten\.android
2014-02-19 10:55 - 2014-02-19 10:55 - 00000000 _____ () C:\Users\Thomas Pitten\daemonprocess.txt
2014-02-19 10:53 - 2014-02-27 10:54 - 00000386 _____ () C:\Windows\Tasks\Re-markit_wd.job
2014-02-19 10:53 - 2014-02-27 10:43 - 00000400 _____ () C:\Windows\Tasks\Re-markit Update.job
2014-02-19 10:53 - 2014-02-19 16:20 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Local\Lollipop
2014-02-19 10:53 - 2014-02-19 10:53 - 00003064 _____ () C:\Windows\System32\Tasks\Re-markit Update
2014-02-19 10:53 - 2014-02-19 10:53 - 00002990 _____ () C:\Windows\System32\Tasks\Re-markit_wd
2014-02-19 10:53 - 2014-02-19 10:53 - 00000000 ____D () C:\Program Files (x86)\Re-markit
2014-02-15 18:56 - 2014-02-27 15:00 - 00000000 ____D () C:\ProgramData\Datamngr
2014-02-14 00:52 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-14 00:52 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-13 13:03 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-13 13:03 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-13 13:03 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-13 13:03 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-13 13:03 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-13 13:03 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-13 13:03 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-13 13:03 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-13 13:03 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-13 13:03 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-13 13:03 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-13 13:03 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-13 13:03 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-13 13:03 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-13 13:03 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-13 13:03 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-13 13:03 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-13 13:03 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-13 13:03 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-13 13:03 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-13 13:03 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-13 13:03 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-13 13:03 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-13 13:03 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-13 13:03 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-13 13:03 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-13 13:03 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-13 13:03 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-13 13:03 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-13 13:03 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-13 13:03 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-13 13:03 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-13 13:03 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-13 13:03 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-13 13:03 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-13 13:03 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-13 13:03 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-13 13:03 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-13 13:03 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-13 09:04 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-13 09:04 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-13 09:04 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-13 09:04 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-13 09:04 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 09:04 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-13 09:04 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-13 09:04 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-13 09:04 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-13 09:04 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-13 09:04 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 09:04 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-13 09:04 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-13 09:04 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-13 09:04 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-13 09:04 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 09:04 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-13 09:04 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-13 09:04 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-13 09:04 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-13 09:04 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-13 09:04 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-13 09:04 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-13 09:04 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-13 09:04 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-13 09:04 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-13 09:04 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-13 09:04 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-13 08:38 - 2014-02-13 08:39 - 00272568 _____ () C:\Windows\Minidump\021314-105191-01.dmp
2014-02-01 13:26 - 2014-02-01 14:08 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Local\SiDiary
2014-02-01 13:23 - 2014-02-01 13:23 - 00000000 ____D () C:\Program Files (x86)\SINOVO
2014-01-30 21:51 - 2014-01-30 21:52 - 00392412 _____ () C:\Users\Thomas Pitten\Documents\613095-in-01-ml-Klingeltoene.zip
2014-01-30 20:55 - 2014-02-27 07:00 - 00000000 ____D () C:\ProgramData\LightsOut
2014-01-30 17:36 - 2014-01-30 19:34 - 00000000 ____D () C:\Users\Thomas Pitten\Documents\Nachtspeicher

==================== One Month Modified Files and Folders =======

2014-02-27 15:00 - 2014-02-27 14:59 - 00031746 _____ () C:\Users\Thomas Pitten\Desktop\FRST.txt
2014-02-27 15:00 - 2014-02-15 18:56 - 00000000 ____D () C:\ProgramData\Datamngr
2014-02-27 14:59 - 2014-02-27 14:59 - 00000000 ____D () C:\FRST
2014-02-27 14:58 - 2014-02-27 14:58 - 02155520 _____ (Farbar) C:\Users\Thomas Pitten\Desktop\FRST64.exe
2014-02-27 14:56 - 2014-02-27 14:56 - 00000488 _____ () C:\Users\Thomas Pitten\Desktop\defogger_disable.log
2014-02-27 14:56 - 2014-02-27 14:56 - 00000000 _____ () C:\Users\Thomas Pitten\defogger_reenable
2014-02-27 14:56 - 2010-12-14 18:45 - 00000000 ____D () C:\Users\Thomas Pitten
2014-02-27 14:55 - 2014-02-27 14:55 - 00050477 _____ () C:\Users\Thomas Pitten\Desktop\Defogger.exe
2014-02-27 14:55 - 2010-12-05 02:27 - 01245649 _____ () C:\Windows\WindowsUpdate.log
2014-02-27 14:26 - 2012-08-19 20:36 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-27 14:20 - 2011-01-01 17:11 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-27 13:47 - 2009-07-14 03:34 - 00000915 _____ () C:\Windows\win.ini
2014-02-27 10:54 - 2014-02-19 10:53 - 00000386 _____ () C:\Windows\Tasks\Re-markit_wd.job
2014-02-27 10:43 - 2014-02-19 10:53 - 00000400 _____ () C:\Windows\Tasks\Re-markit Update.job
2014-02-27 09:07 - 2014-02-27 09:07 - 00116220 _____ () C:\Users\Thomas Pitten\Desktop\Extras.Txt
2014-02-27 09:03 - 2014-02-27 09:03 - 00219938 _____ () C:\Users\Thomas Pitten\Desktop\OTL.Txt
2014-02-27 07:13 - 2009-07-14 05:45 - 00013664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-27 07:13 - 2009-07-14 05:45 - 00013664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-27 07:09 - 2011-01-05 17:02 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Local\CrashDumps
2014-02-27 07:04 - 2013-01-13 11:53 - 00080115 _____ () C:\Windows\SysWOW64\scNKService_s.log
2014-02-27 07:01 - 2010-12-14 18:50 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Local\SoftThinks
2014-02-27 07:00 - 2014-01-30 20:55 - 00000000 ____D () C:\ProgramData\LightsOut
2014-02-27 07:00 - 2011-01-01 17:11 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-27 06:59 - 2014-02-26 11:34 - 00000000 ____D () C:\Program Files (x86)\WinZipper
2014-02-27 06:59 - 2011-01-28 16:00 - 00000098 _____ () C:\monitor.log
2014-02-27 06:59 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-27 06:58 - 2009-07-14 05:51 - 03086704 _____ () C:\Windows\setupact.log
2014-02-26 18:09 - 2014-02-26 18:09 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-02-26 11:34 - 2014-02-26 11:34 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\WinZipper
2014-02-26 11:34 - 2011-02-19 22:03 - 00421008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2014-02-26 11:34 - 2011-02-18 23:40 - 00773776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2014-02-26 11:31 - 2014-02-19 10:57 - 00000000 ____D () C:\ProgramData\WPM
2014-02-26 09:37 - 2011-11-16 12:10 - 00000000 ____D () C:\Users\Thomas Pitten\Documents\Astrid
2014-02-24 23:04 - 2014-02-22 21:33 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\MFP and Storage Server
2014-02-24 08:59 - 2011-06-22 14:35 - 00000000 ____D () C:\Users\Thomas Pitten\Documents\Neuer Scan
2014-02-23 21:56 - 2014-02-23 21:56 - 00602112 _____ (OldTimer Tools) C:\Users\Thomas Pitten\Desktop\OTL.exe
2014-02-23 20:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-23 16:09 - 2010-12-05 04:15 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-02-23 16:09 - 2010-12-05 04:15 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-02-23 16:09 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-23 13:08 - 2014-02-23 13:08 - 00000000 ____D () C:\N360_BACKUP
2014-02-23 12:48 - 2014-02-23 12:48 - 00002088 _____ () C:\Users\Public\Desktop\mylife SiDiary.lnk
2014-02-22 21:25 - 2014-02-22 21:24 - 00275576 _____ () C:\Windows\Minidump\022214-198183-01.dmp
2014-02-22 21:24 - 2011-08-17 15:28 - 00000000 ____D () C:\Windows\Minidump
2014-02-22 21:24 - 2011-08-17 15:27 - 456063990 _____ () C:\Windows\MEMORY.DMP
2014-02-22 20:51 - 2014-02-22 20:51 - 00002791 _____ () C:\Users\Public\Desktop\Launch MFP and Storage Server.exe.lnk
2014-02-22 20:51 - 2014-02-22 20:51 - 00000000 ____D () C:\Program Files (x86)\TP-LINK
2014-02-22 20:51 - 2010-12-05 03:06 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-22 15:00 - 2010-12-05 03:27 - 00494082 _____ () C:\Windows\PFRO.log
2014-02-22 11:49 - 2010-12-05 03:34 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-02-21 22:57 - 2010-12-16 16:43 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\Skype
2014-02-21 12:46 - 2014-02-19 10:55 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\newnext.me
2014-02-21 09:27 - 2013-11-29 22:23 - 00002325 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-20 21:32 - 2012-08-19 20:36 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-20 21:32 - 2012-04-01 20:38 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-20 21:32 - 2011-06-11 12:37 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-19 21:43 - 2009-07-14 05:45 - 00420608 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-19 20:57 - 2014-02-19 20:57 - 00000000 ____D () C:\ProgramData\kinoma
2014-02-19 20:25 - 2013-08-27 23:17 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\LumacDaemon
2014-02-19 20:25 - 2010-12-14 18:45 - 00111496 _____ () C:\Users\Thomas Pitten\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-19 20:15 - 2014-02-19 20:15 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Local\kinoma
2014-02-19 20:14 - 2014-02-19 20:14 - 00002027 _____ () C:\Users\Public\Desktop\Reader for PC.lnk
2014-02-19 20:14 - 2014-02-19 20:14 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Local\Sony Corporation
2014-02-19 20:14 - 2014-02-19 20:14 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-02-19 20:10 - 2014-02-19 20:10 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\Sony Corporation
2014-02-19 20:10 - 2014-02-19 20:10 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-02-19 19:35 - 2010-12-05 03:28 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-19 19:35 - 2010-12-05 03:28 - 00000000 ____D () C:\ProgramData\Skype
2014-02-19 16:20 - 2014-02-19 16:20 - 00003322 _____ () C:\Windows\System32\Tasks\{F6226160-7453-40E2-B70F-1513B03F594E}
2014-02-19 16:20 - 2014-02-19 10:53 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Local\Lollipop
2014-02-19 15:46 - 2014-02-19 10:55 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Local\Mobogenie
2014-02-19 10:58 - 2014-02-19 10:58 - 00000000 ____D () C:\ProgramData\IePluginService
2014-02-19 10:58 - 2014-02-19 10:57 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-02-19 10:57 - 2014-02-19 10:57 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\SupTab
2014-02-19 10:57 - 2014-02-19 10:57 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\awesomehp
2014-02-19 10:57 - 2010-12-20 23:35 - 00001585 _____ () C:\Users\Thomas Pitten\Desktop\Internet Explorer.lnk
2014-02-19 10:57 - 2010-12-14 18:51 - 00001619 _____ () C:\Users\Thomas Pitten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-19 10:56 - 2014-02-19 10:55 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Local\cache
2014-02-19 10:55 - 2014-02-19 10:55 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Local\genienext
2014-02-19 10:55 - 2014-02-19 10:55 - 00000000 ____D () C:\Users\Thomas Pitten\.android
2014-02-19 10:55 - 2014-02-19 10:55 - 00000000 _____ () C:\Users\Thomas Pitten\daemonprocess.txt
2014-02-19 10:53 - 2014-02-19 10:53 - 00003064 _____ () C:\Windows\System32\Tasks\Re-markit Update
2014-02-19 10:53 - 2014-02-19 10:53 - 00002990 _____ () C:\Windows\System32\Tasks\Re-markit_wd
2014-02-19 10:53 - 2014-02-19 10:53 - 00000000 ____D () C:\Program Files (x86)\Re-markit
2014-02-18 23:13 - 2013-08-16 13:51 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-18 23:00 - 2010-12-17 20:50 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-18 19:38 - 2012-02-24 05:26 - 00000000 ____D () C:\Users\Thomas Pitten\Documents\Bau Dokumente
2014-02-15 18:57 - 2012-12-30 21:53 - 00000000 ____D () C:\ProgramData\Wincert
2014-02-13 19:15 - 2011-01-01 17:11 - 00004120 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-13 19:15 - 2011-01-01 17:11 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-13 15:13 - 2013-01-13 11:55 - 00000000 ____D () C:\Program Files (x86)\HP Wireless Printer Adapter
2014-02-13 15:13 - 2012-10-20 19:52 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\mylife diabass pdmprint
2014-02-13 15:13 - 2011-12-31 13:00 - 00000000 ____D () C:\ProgramData\Netzmanager
2014-02-13 15:13 - 2010-12-21 10:40 - 00000000 ____D () C:\ProgramData\Norton
2014-02-13 15:13 - 2010-12-05 02:50 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-02-13 15:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-02-13 15:10 - 2013-11-26 21:57 - 00000000 ____D () C:\Program Files (x86)\T-Mobile
2014-02-13 13:39 - 2010-12-30 18:52 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-13 13:24 - 2010-12-21 12:56 - 01594964 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-13 08:39 - 2014-02-13 08:38 - 00272568 _____ () C:\Windows\Minidump\021314-105191-01.dmp
2014-02-06 13:16 - 2014-02-13 13:03 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-13 13:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-13 13:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-13 13:03 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-13 13:03 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-13 13:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-13 13:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-13 13:03 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-13 13:03 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-13 13:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-13 13:03 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-13 13:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-13 13:03 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-13 13:03 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-13 13:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-13 13:03 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-13 13:03 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-13 13:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-13 13:03 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-13 13:03 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-13 13:03 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-13 13:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-13 13:03 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-13 13:03 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-13 13:03 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-13 13:03 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-13 13:03 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-13 13:03 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-13 13:03 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-13 13:03 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-13 13:03 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-13 13:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-13 13:03 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-13 13:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-13 13:03 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-13 13:03 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-13 13:03 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-13 13:03 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-13 13:03 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-05 12:49 - 2014-01-08 22:58 - 00000000 ____D () C:\Users\Thomas Pitten\Documents\FaSi
2014-02-01 14:08 - 2014-02-01 13:26 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Local\SiDiary
2014-02-01 13:23 - 2014-02-01 13:23 - 00000000 ____D () C:\Program Files (x86)\SINOVO
2014-02-01 13:20 - 2010-12-16 17:54 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-02-01 13:05 - 2009-03-18 13:05 - 00000000 ____D () C:\Users\Thomas Pitten\Documents\Diabetes
2014-01-30 21:52 - 2014-01-30 21:51 - 00392412 _____ () C:\Users\Thomas Pitten\Documents\613095-in-01-ml-Klingeltoene.zip
2014-01-30 19:34 - 2014-01-30 17:36 - 00000000 ____D () C:\Users\Thomas Pitten\Documents\Nachtspeicher
2014-01-29 23:03 - 2010-10-28 16:39 - 00020480 ___SH () C:\Users\Thomas Pitten\Documents\Thumbs.db
2014-01-28 21:48 - 2006-11-13 18:54 - 00000000 ____D () C:\Users\Thomas Pitten\Documents\PDF-Files

Files to move or delete:
====================
C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll
C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll


Some content of TEMP:
====================
C:\Users\Thomas Pitten\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Thomas Pitten\AppData\Local\Temp\_is9F0C.exe
C:\Users\Thomas Pitten\AppData\Local\Temp\_isF4.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-01-16 21:25

==================== End Of Log ============================

--- --- ---

ThomasPitten · 27.02.2014, 16:03

Hallo, hier die Addition.txt.

Gruß, Thomas

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-02-2014 02
Ran by Thomas Pitten at 2014-02-27 15:01:49
Running from C:\Users\Thomas Pitten\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton 360 Online (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 Online (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 Online (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 10 ActiveX 64-bit (HKLM\...\Adobe Flash Player ActiveX 64) (Version: 10.3.162.28 - Adobe Systems Incorporated)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
AIO_CDB_ProductContext (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 82.0.173.000 - Hewlett-Packard) Hidden
AMD APP SDK Runtime (Version: 2.5.709.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{8D0A0350-B509-B362-4827-63E4C6520E7B}) (Version: 3.0.838.0 - Advanced Micro Devices, Inc.)
AMD Media Foundation Decoders (Version: 1.0.60728.1742 - Advanced Micro Devices, Inc.) Hidden
AOL Deinstallation (HKLM-x32\...\AOL Deinstallation) (Version:  - )
ArcSoft TotalMedia 3.5 (HKLM-x32\...\{74292F90-895A-4FC6-A692-9641532B1B63}) (Version: 3.5.28.322 - ArcSoft)
ATI AVIVO64 Codecs (Version: 11.6.0.50601 - ATI Technologies Inc.) Hidden
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center (x32 Version: 2011.0728.1756.30366 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0728.1756.30366 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0728.1756.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2011.0728.1756.30366 - Advanced Micro Devices, Inc.) Hidden
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Copy (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3823EC5A-1CA4-42CA-9D5B-F94ABD65410D}) (Version:  - Microsoft)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version:  - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.47 - Dell)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Dock (HKLM-x32\...\Dell Dock) (Version: 2.0 - Stardock Corporation)
Dell Dock (Version: 2.0 - Stardock Corporation) Hidden
Dell Driver Download Manager (HKCU\...\bd4d3a0508d364f5) (Version: 3.0.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.0.5621.01 - Dell Inc.)
Dell Support Center (Version: 3.0.5621.01 - PC-Doctor, Inc.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.35 - Creative Technology Ltd)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Digital Photo Navigator 1.5 (HKLM-x32\...\{CF9CD37C-E29A-11D5-AE3D-005004B8E30C}) (Version:  - )
DJ_AIO_06_F2400_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 5.60.48.35 - Dell Inc.)
EPLAN Electric P8 1.9.5 (HKLM-x32\...\{E10A62BA-FDE9-409A-8CB4-3FFA0951228F}) (Version: 1.9.5.3231 - EPLAN Software & Service)
EPLAN License (HKLM-x32\...\{0100BD88-3990-431F-9175-AB60E31AFFDE}) (Version: 9.1.3 - EPLAN Software & Service)
Everio MediaBrowser (HKLM-x32\...\{5CA03ECF-B4A6-464B-9F5D-64D8B61B083F}) (Version: 1.00.013 - PIXELA)
eXplorist-Assistent (HKLM-x32\...\{92A40DC2-0ECD-4602-A79E-1DC53545C6EE}) (Version:  - )
F2400 (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Fax (x32 Version: 82.0.188.000 - Hewlett-Packard) Hidden
FileZilla Client 3.5.3 (HKLM-x32\...\FileZilla Client) (Version: 3.5.3 - FileZilla Project)
Free Audio Converter version 5.0.2.1125 (HKLM-x32\...\Free Audio Converter_is1) (Version:  - DVDVideoSoft Ltd.)
Free Studio version 5.3.1 (HKLM-x32\...\Free Studio_is1) (Version:  - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.9.40.602 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version:  - DVDVideoSoft Limited.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Hardlock Gerätetreiber (HKLM-x32\...\Hardlock Gerätetreiber) (Version:  - )
Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{819CA3BC-2FF8-4811-B42F-421F7BFD3559}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version:  - )
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B (HKLM\...\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}) (Version: 8.0 - HP)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.001 - Hewlett-Packard)
HP Wireless Printer Adapter (HKLM-x32\...\{991C5595-5151-4D70-B6CC-90633AC69076}) (Version: 1.00.2000 - HP)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
hppLaserJetService (x32 Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppP1100P1560P1600SeriesLaserJetService (x32 Version: 001.001.0.0 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
hppusgP1100P1560P1600Series (x32 Version: 1.0.0.1 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
HydraVision (x32 Version: 4.2.210.0 - Advanced Micro Devices, Inc.) Hidden
IePluginService12.27.0.3326 (HKLM-x32\...\IePlugins) (Version: 12.27.0.3326 - Cherished Technololgy LIMITED) <==== ATTENTION
iLivid (HKLM-x32\...\iLivid) (Version: 4.0.0.2901 - Bandoo Media Inc) <==== ATTENTION
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.4.1002 - Intel Corporation)
Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.18.68.55 - Huawei Technologies Co.,Ltd)
Java 7 Update 13 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417013FF}) (Version: 7.0.130 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 21 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416021FF}) (Version: 6.0.210 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden
Lights-Out Client x64 (HKLM\...\{DA0D6B4B-EED6-4EE8-9ECF-0F7D83F5E0CE}) (Version: 1.5.4.2055 - AxoNet Software GmbH)
Lumac (HKLM-x32\...\InstallShield_{5DE11949-2B11-4F13-BAD5-1C237122CFDB}) (Version: 1.1.92.0 - Firstload)
Lumac (x32 Version: 1.1.92.0 - Firstload) Hidden
Magellan Communicator (HKLM-x32\...\InstallShield_{0FD5FD0B-4BA6-47A1-99C3-F8A964C3CCA5}) (Version: 1.08.011 - Magellan Navigation, Inc.)
Magellan Communicator (x32 Version: 1.08.011 - Magellan Navigation, Inc.) Hidden
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Media Finder 1.0.9.27 (HKLM-x32\...\{6DA399FC-350F-41AC-8CA6-B9F8496753BE}_is1) (Version: 1.0.9.27 - )
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
MFP and Storage Server (HKLM-x32\...\InstallShield_{3BE2E558-7264-44F0-8CD3-8281E02669F8}) (Version: 0.11.1027.0053 - TP-LINK)
MFP and Storage Server (Version: 0.11.1027.0053 - TP-LINK) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Default Manager (x32 Version: 2.2.114.0 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
MSVC80_x64 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86 (x32 Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MVHShellExtension (HKLM\...\{48EE93F1-6CE8-4DC3-9EBB-71D860F09CEE}) (Version: 1.0.0 - MyVirtualHome)
mylife DIABASS (HKLM-x32\...\mylife DIABASS) (Version: 0 (Build 12.6.0.1) - mediaspects GmbH)
mylife SiDiary6 (HKLM-x32\...\{73C96D3B-F9D2-4A0C-81F7-FBED6C75CE77}) (Version: 6.0 - SINOVO Ltd. & Co. KG)
Nero 6 Demo (HKLM-x32\...\Nero - Burning Rom!UninstallKey) (Version:  - )
Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.071 - Deutsche Telekom AG)
Netzmanager (Version: 1.071 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden
Norton 360 (HKLM-x32\...\N360) (Version: 6.4.1.14 - Symantec Corporation)
o2c Player (HKLM-x32\...\o2c Player) (Version: 2.0.0.63 - ELECO Software GmbH)
Parrot Software Update Tool (HKLM-x32\...\Parrot Flash Update Wizard) (Version:  - )
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF24 Creator 5.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.00.000 - Prolific Technology INC)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.5.0 - Dell Inc.)
RawPacketDriver (HKLM\...\{7E5BEF96-0293-442B-B344-62902D302522}) (Version: 5.5.1805 - PCAUSA)
Reader for PC (HKLM-x32\...\{71FB3127-E6B2-4058-ACEE-99813554FAB6}) (Version: 2.2.00.11270 - Sony Corporation)
Re-markit (HKLM-x32\...\2b35b537-7715-4a92-a2b5-d3a6ee41d39f) (Version:  - Re-markit Software) <==== ATTENTION
Roxio Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.01 - Roxio)
Roxio Burn (x32 Version: 1.01 - Roxio) Hidden
RWE Bau-Handbuch (HKLM-x32\...\RWE Bau-Handbuch) (Version:  - )
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Search-Results Toolbar (HKLM-x32\...\ilividtoolbarguid) (Version: 1.0.0.12 - APN LLC) <==== ATTENTION
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
SetPoint (HKLM-x32\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype Toolbars (HKLM-x32\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4051 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
SupTab (HKLM-x32\...\SupTab) (Version: 1.1.1.0 - ) <==== ATTENTION
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.0.1 - Synaptics Incorporated)
T-Online 6.0 (HKLM-x32\...\{B1275E23-717A-4D52-997A-1AD1E24BC7F3}) (Version:  - )
T-Online WLAN-Access Finder (HKLM-x32\...\{295C31E5-3F91-498E-9623-DA24D2FA2B6A}) (Version:  - )
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 82.0.173.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{59446CD0-D49A-4154-BDD5-59CB3B6F89AC}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{428CB7A0-1068-4CE1-8835-39C7ECD297ED}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837583) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{FF62F7C1-9491-457C-BBAE-DBC6FD1DB968}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837583) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{FF62F7C1-9491-457C-BBAE-DBC6FD1DB968}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{64D96F30-CF4C-4CCE-AAF2-F8909348BF35}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{BA61259D-63F0-4177-A0E1-E4064EC2B470}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{9F6507AC-7D8F-46C1-B90F-59C7828E0E0D}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{6164E0E5-C903-488C-93AF-1B7AF7EBC331}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition (HKLM\...\{90140000-0018-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BEA3259E-14B5-4D89-87FF-ED9F1D0D81C8}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{BE1D254A-E5CD-4E76-9BE8-7B2E5FDBA6AF}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DF33B92A-5381-4F03-AB54-2D67086B357E}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A82E26EF-680E-427D-B7D0-FD7997DDC217}) (Version:  - Microsoft)
USB to Serial Bridge Controller (x32 Version: 1.30.232.01 - Alcor Micro) Hidden
Viewpoint Media Player (HKLM-x32\...\ViewpointMediaPlayer) (Version:  - )
VLC media player 2.1.0 (HKLM-x32\...\VLC media player) (Version: 2.1.0 - VideoLAN)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.1100 - Broadcom Corporation)
WildTangent-Spiele (HKLM-x32\...\WildTangent dell Master Uninstall) (Version: 1.0.0.71 - WildTangent)
Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth  (03/24/2010 6.3.0.2501) (HKLM\...\AF09E130E2FD4D1BEFD1B9132AE624BAE0364719) (Version: 03/24/2010 6.3.0.2501 - Broadcom Corporation)
Windows Home Server 2011 Connector (HKLM\...\{C1E4D639-4A33-4314-809E-89BD0EF48522}) (Version: 6.1.8800.16400 - Microsoft Corporation)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )
WinZipper (HKLM-x32\...\WinZipper) (Version: 1.5.29 - Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION

==================== Restore Points  =========================

20-02-2014 08:50:38 Windows Update
22-02-2014 19:50:20 Installiert MFP and Storage Server
23-02-2014 11:45:25 mylife SiDiary6 wird installiert
23-02-2014 21:41:25 OTL Restore Point - 23.02.2014 22:41:13
24-02-2014 09:26:12 OTL Restore Point - 24.02.2014 10:26:10
26-02-2014 07:49:46 Windows Update
27-02-2014 07:07:48 OTL Restore Point - 27.02.2014 08:07:43

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {09065D68-27AA-44BB-BBF0-11A1510A5059} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {16BC5F09-FB50-46E4-A79F-A73688EED7E3} - System32\Tasks\{6546E772-1C51-4B0F-952B-5A0D7CE13B9A} => C:\Program Files (x86)\Google\Google Earth\GoogleEarth.exe
Task: {1C906BC4-7420-412C-A656-C657250E5705} - System32\Tasks\{28520CE6-4925-4117-9D65-F66A56BEF929} => C:\Program Files (x86)\MyVirtualHome\MVHLauncher.exe
Task: {1C986609-5A34-441F-81AB-A8E47FF5AA21} - System32\Tasks\Microsoft\Windows\Windows Server\UploadCEIPData => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-11-02] (Microsoft Corporation)
Task: {21270056-909B-4D52-9328-C5BAED117DCC} - System32\Tasks\{E927E863-7E06-46F9-95CB-9094947C98BB} => C:\Program Files (x86)\MyVirtualHome\MVHLauncher.exe
Task: {24F6019E-01E6-44FB-8DC3-020DAFA8F05C} - System32\Tasks\{5CD7C483-6B82-4C54-91A7-CEB57A0BBB14} => C:\Program Files (x86)\T-Online\T-Online_Software_6\eMail\Mail.exe [2012-06-27] (Deutsche Telekom AG, www.t-online.de)
Task: {2985B7C8-6879-4CD6-A11E-0DC04192E71F} - System32\Tasks\{38515F5F-2491-487B-9CA1-527D7BF493EC} => C:\Program Files (x86)\IKEA HomePlanner\IKEA Home Planner.exe
Task: {2BE4EC8A-878A-4DCE-8E6A-507C333510A8} - System32\Tasks\irMonitor => C:\Windows\system32\IRMonitor.exe [2011-10-15] (ITE Tech. Inc.)
Task: {2C9154D1-9EB7-4DAC-92C2-436D37F55F63} - System32\Tasks\{28DAF1C4-B902-4063-B305-30D17B3F54D6} => C:\Program Files (x86)\Google\Google Earth\GoogleEarth.exe
Task: {323E0178-C418-4E30-BA75-4E1AC3A599E9} - System32\Tasks\{43F3EF2E-C631-4B1C-85A5-F807151FD54E} => C:\Program Files (x86)\AOL 9.0 VR\aol.exe [2007-06-21] (AOL, LLC.)
Task: {3FDA5DB2-8106-461E-BE93-163EBEEDC3D6} - System32\Tasks\Re-markit Update => C:\Program Files (x86)\Re-markit\ReMarkit_up.exe [2014-02-19] () <==== ATTENTION
Task: {4118FC86-BACA-4731-9865-F3E4E259708F} - System32\Tasks\Microsoft\Windows\Windows Server\Backup => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-11-02] (Microsoft Corporation)
Task: {4CDDDC45-3EC9-4A19-A7C2-4EC61A45A3CE} - System32\Tasks\{03FDF71B-FA5F-4147-BC91-6802A94209C2} => C:\Program Files (x86)\AOL 9.0 VR\aol.exe [2007-06-21] (AOL, LLC.)
Task: {5169D866-14E0-43BC-A45D-A671DA639B93} - System32\Tasks\Microsoft\Windows\Windows Server\RenewClientCertificate => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-11-02] (Microsoft Corporation)
Task: {528F91B2-1D73-42EB-9854-490884D604C6} - System32\Tasks\{3E57FA26-A0B7-47BB-B9D1-1D5474C9E4AF} => C:\Program Files (x86)\AOL 9.0 VR\aol.exe [2007-06-21] (AOL, LLC.)
Task: {5657EE9C-A829-4FC5-8DA5-5F39C9D87518} - System32\Tasks\{CC8FC6F9-12BC-422E-A8EB-35924FEFC9F9} => C:\Program Files (x86)\Google\Google Earth\GoogleEarth.exe
Task: {5E92D5D6-265B-4A84-8669-397C312F6F73} - System32\Tasks\{9CD042EF-AC04-4FD2-87C9-7106267F1A9E} => C:\Program Files (x86)\AOL 9.0 VR\aol.exe [2007-06-21] (AOL, LLC.)
Task: {61754230-3282-4081-B581-5A0989FDE421} - System32\Tasks\{A763FE36-34C0-4725-BF0B-3261A47C3AE6} => C:\Program Files (x86)\AOL 9.0 VR\aol.exe [2007-06-21] (AOL, LLC.)
Task: {62C0D856-4534-4BAB-A191-20CAFFB5DFEC} - System32\Tasks\{3D28E2B6-F521-4B07-BB0F-95E226C8F656} => C:\Program Files (x86)\MyVirtualHome\MVHLauncher.exe
Task: {6D804FD0-EDBD-479A-8C41-A6FAE64545A9} - System32\Tasks\{7F56B46E-FA08-42C7-8DDF-8073768507C4} => C:\Program Files (x86)\T-Online\T-Online_Software_6\eMail\Mail.exe [2012-06-27] (Deutsche Telekom AG, www.t-online.de)
Task: {71448443-7E0F-4FEA-827A-2D34FCB44F20} - System32\Tasks\{86631F82-DC3F-4E2D-8897-7E7E78F4649C} => C:\Program Files (x86)\MyVirtualHome\MVHLauncher.exe
Task: {77239233-12AA-447D-87F8-94C555B03665} - System32\Tasks\{96CEF4CC-234D-473E-ACED-A2DA1DB4B6C1} => C:\Program Files (x86)\MyVirtualHome\MVHLauncher.exe
Task: {782A2237-A25B-4596-A5A3-6C3A3A1C1CE0} - System32\Tasks\{64754FBF-50AC-470B-90EF-60F1539C07B0} => C:\Program Files (x86)\IKEA HomePlanner\IKEA Home Planner.exe
Task: {7B59955D-A387-4643-8898-7503944436AA} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\WSCStub.exe [2013-02-02] (Symantec Corporation)
Task: {7BB77EB0-53A1-436C-B159-07E9C0BE9A4A} - System32\Tasks\{8DEA0E7B-7168-4591-A54F-D493792CEE49} => C:\Program Files (x86)\AOL 9.0 VR\aol.exe [2007-06-21] (AOL, LLC.)
Task: {826413DB-FB32-4360-8028-B7B248E4FA50} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {8B24AB1B-BB8D-488A-9C05-FD61E16C2D75} - System32\Tasks\Microsoft\Windows\Windows Server\Alert Evaluations => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-11-02] (Microsoft Corporation)
Task: {8F3824AC-1B97-4A4B-96E7-D975725FB7EB} - System32\Tasks\Microsoft\Windows\Windows Server\SaveCEIPData => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-11-02] (Microsoft Corporation)
Task: {95BFCDC2-19D2-4EAC-AA1C-06F08D8A0507} - System32\Tasks\Microsoft\Windows\Windows Server\InstallAddIns => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-11-02] (Microsoft Corporation)
Task: {A433F4AE-EA87-4FD8-AA61-637A8D16AC38} - System32\Tasks\{97FB70A3-F13C-41F9-9977-5BC5215239B8} => C:\Program Files (x86)\IKEA HomePlanner\IKEA Home Planner.exe
Task: {A47ECB18-A93F-43C1-8444-CFB6D01B3393} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-01] (Google Inc.)
Task: {AC9FFCC2-18EC-46B7-9880-CD4BE65D190F} - System32\Tasks\{6149BF0C-55C2-45CC-AFA6-5370A4ECA1C4} => C:\Program Files (x86)\AOL 9.0 VR\aol.exe [2007-06-21] (AOL, LLC.)
Task: {B6D2B78E-F4BD-4FFB-AE43-F9603E949A28} - System32\Tasks\{B6B57230-DB50-40AE-B278-E7ADE64B5996} => C:\Program Files (x86)\AOL 9.0 VR\aol.exe [2007-06-21] (AOL, LLC.)
Task: {B81F3B16-5707-4192-9BB1-C191B0E56D7D} - System32\Tasks\Microsoft\Windows\Windows Server\Health Definition Updates => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-11-02] (Microsoft Corporation)
Task: {BD5F991A-5575-4700-8284-D5CE18F08232} - System32\Tasks\Microsoft\Windows\Windows Server\Backup_On_Idle => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-11-02] (Microsoft Corporation)
Task: {BD69CDD8-2F33-43E4-831C-757B6E1A7877} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-01] (Google Inc.)
Task: {BF6104B7-AEA0-407B-AC2F-3401C9F19478} - System32\Tasks\{2D327179-9694-4417-B6C7-31A6F6D875BF} => C:\Program Files (x86)\T-Online\T-Online_Software_6\eMail\Mail.exe [2012-06-27] (Deutsche Telekom AG, www.t-online.de)
Task: {C2C42D63-E3F5-455D-95F3-DBD19708D366} - System32\Tasks\Re-markit_wd => C:\Program Files (x86)\Re-markit\Re-markit_wd.exe [2014-02-19] () <==== ATTENTION
Task: {C622B6F7-3779-436F-8423-E46B5F55CB46} - System32\Tasks\{2E855015-D53D-46F2-ABF8-2C5EE4A3386A} => C:\Program Files (x86)\AOL 9.0 VR\aol.exe [2007-06-21] (AOL, LLC.)
Task: {C8BB0C7B-AEEC-4AD8-B763-1340E9B1E9EB} - System32\Tasks\{49051792-9E3F-42C2-A9BB-D202F9BD9806} => C:\Program Files (x86)\MyVirtualHome\MVHLauncher.exe
Task: {D596EEC5-DE6E-4CCB-B0F8-CA968EAE688B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-20] (Adobe Systems Incorporated)
Task: {E7887F93-E0E0-410D-95BA-4C68BD4F1B4E} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {E8C54EA8-8B1B-46F1-9E01-CC5497D5D599} - System32\Tasks\{1B4359AF-68A7-4DF4-ABAC-D1F8FDBFCED1} => C:\Users\Thomas Pitten\AppData\Local\Temp\IKEA Küchenplaner-Installer.exe <==== ATTENTION
Task: {EE5210BA-540C-4314-8FE2-86F438D4494A} - System32\Tasks\{48D32040-120B-4806-968A-AA45B52C71CA} => C:\Program Files (x86)\T-Online\T-Online_Software_6\eMail\Mail.exe [2012-06-27] (Deutsche Telekom AG, www.t-online.de)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Re-markit Update.job => C:\Program Files (x86)\Re-markit\ReMarkit_up.exe <==== ATTENTION
Task: C:\Windows\Tasks\Re-markit_wd.job => C:\Program Files (x86)\Re-markit\Re-markit_wd.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-02-15 18:57 - 2014-02-05 18:36 - 00658944 _____ () C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll
2014-01-06 20:22 - 2012-08-31 15:03 - 00288768 _____ () C:\Windows\System32\HP1100LM.DLL
2010-12-25 10:50 - 2012-08-31 15:02 - 00074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HP1100PP.DLL
2010-12-25 10:48 - 2012-08-31 15:03 - 03034112 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\hp1100su.dll
2010-12-25 10:48 - 2012-08-31 15:02 - 01038336 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\HP1100GC.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-02-19 10:53 - 2014-02-19 10:53 - 00093184 _____ () C:\Program Files (x86)\Re-markit\Re-markit_wd.exe
2011-03-14 16:27 - 2011-03-14 16:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2013-11-26 21:59 - 2011-06-17 12:04 - 00224096 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
2010-10-19 08:31 - 2010-10-19 08:31 - 00205312 _____ () C:\Program Files\Netzmanager\NMInfraIS2\driver64\SoftplugLib.DLL
2014-02-19 10:53 - 2014-02-19 10:53 - 00181248 _____ () C:\Program Files (x86)\Re-markit\Re-markit154.exe
2007-10-24 20:06 - 2007-10-24 20:06 - 00172032 _____ () C:\Windows\SysWOW64\scNKService_s.exe
2010-12-05 03:34 - 2010-08-12 01:19 - 00781536 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
2011-01-05 17:00 - 2009-07-20 12:35 - 00018960 _____ () C:\Program Files\SetPoint\khalwrapper.dll
2011-01-05 17:00 - 2009-07-20 04:00 - 00077824 _____ () C:\Program Files\SetPoint\x86\SetPoint32.exe
2011-07-28 16:55 - 2011-07-28 16:55 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-03-14 13:21 - 2011-03-14 13:21 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-02-15 18:57 - 2014-02-05 18:36 - 00023552 _____ () C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\mgrldr.dll
2014-02-26 11:34 - 2014-02-26 11:33 - 00612496 _____ () C:\Program Files (x86)\WinZipper\sqlite3.dll
2014-02-15 18:57 - 2014-02-05 18:36 - 00486400 _____ () C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll
2014-02-15 18:57 - 2014-02-05 18:36 - 00019968 _____ () C:\Program Files (x86)\Movies Toolbar\Datamngr\mgrldr.dll
2013-11-26 21:59 - 2009-01-10 11:32 - 00011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll
2013-11-26 21:59 - 2009-06-22 19:42 - 00043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll
2013-11-26 21:59 - 2010-05-05 09:47 - 02415104 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll
2013-11-26 21:59 - 2010-02-10 15:10 - 01148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll
2012-01-08 14:41 - 2012-01-08 14:41 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2010-12-05 03:34 - 2010-08-12 01:19 - 00056544 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STCoreXml.dll
2010-12-05 03:34 - 2010-08-12 01:19 - 00113888 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\PSTVdsDisk.dll
2010-12-05 03:34 - 2010-08-12 01:19 - 00126176 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
2010-12-05 03:34 - 2010-08-12 01:19 - 01121504 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\LibXml2.dll
2010-12-05 03:34 - 2010-08-12 01:19 - 00077024 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll
2010-12-05 03:34 - 2010-08-12 01:19 - 00232672 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll
2010-12-05 03:34 - 2010-08-12 01:19 - 00072928 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll
2010-12-05 03:34 - 2010-08-12 01:19 - 00109792 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll
2010-12-05 03:34 - 2010-08-12 01:19 - 00119008 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll
2013-07-12 16:00 - 2013-07-12 16:00 - 00249856 _____ () C:\Program Files (x86)\TP-LINK\MFP and Storage Server\DCPDLL.dll
2013-07-12 16:00 - 2013-07-12 16:00 - 00090112 _____ () C:\Program Files (x86)\TP-LINK\MFP and Storage Server\ESTLogDLL.dll
2013-07-12 16:00 - 2013-07-12 16:00 - 00487424 _____ () C:\Program Files (x86)\TP-LINK\MFP and Storage Server\PSMDLL.dll
2013-07-12 16:00 - 2013-07-12 16:00 - 00106496 _____ () C:\Program Files (x86)\TP-LINK\MFP and Storage Server\UNTPDLL.dll
2011-01-28 16:28 - 2007-04-19 09:33 - 00035584 _____ () C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\uPiApi.dll
2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2011-01-28 16:28 - 2008-11-26 16:59 - 00131584 _____ () C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\AbilisWinUsb.dll
2011-01-28 16:28 - 2008-10-22 16:01 - 00200704 _____ () C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\VendorCmdRW.dll
2014-02-13 20:35 - 2014-02-13 20:35 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\2b6cfcda2d134768a7313df94cfcc1ee\IsdiInterop.ni.dll
2010-12-05 03:06 - 2010-06-08 17:44 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2011-12-31 12:59 - 2011-02-15 14:05 - 00143360 _____ () C:\Program Files (x86)\T-Online\T-Online_Software_6\eMail\LIBEXPAT.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2011-12-31 12:59 - 2005-07-20 13:34 - 00700497 ____N () C:\Program Files (x86)\T-Online\T-Online_Software_6\Notifier\libcurl.dll
2011-12-31 12:59 - 2004-04-16 16:45 - 00143360 ____N () C:\Program Files (x86)\T-Online\T-Online_Software_6\Notifier\libexpat.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MBCameraMonitor.lnk => C:\Windows\pss\MBCameraMonitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Thomas Pitten^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dell Dock.lnk => C:\Windows\pss\Dell Dock.lnk.Startup
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: MDS_Menu => "C:\Program Files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0"
MSCONFIG\startupreg: Olympus ib => "C:\Program Files (x86)\Olympus\ib\olycamdetect.exe" /Startup
MSCONFIG\startupreg: PC Suite Tray => "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\pdf24\pdf24.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/27/2014 07:58:49 AM) (Source: Application Hang) (User: )
Description: Programm Launchpad.exe, Version 6.1.8800.16400 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 10ac

Startzeit: 01cf338172bf0868

Endzeit: 43

Anwendungspfad: C:\Program Files\Windows Server\Bin\Launchpad.exe

Berichts-ID:

Error: (02/27/2014 07:58:49 AM) (Source: Application Hang) (User: )
Description: Programm NokiaSuite.exe, Version 3.8.48.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2054

Startzeit: 01cf3381b2f8f372

Endzeit: 38

Anwendungspfad: C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe

Berichts-ID:

Error: (02/27/2014 07:09:10 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Notifier.exe, Version: 6.4.0.2, Zeitstempel: 0x45a38d1f
Name des fehlerhaften Moduls: funSip.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x47b561e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0358b023
ID des fehlerhaften Prozesses: 0x1ba8
Startzeit der fehlerhaften Anwendung: 0xNotifier.exe0
Pfad der fehlerhaften Anwendung: Notifier.exe1
Pfad des fehlerhaften Moduls: Notifier.exe2
Berichtskennung: Notifier.exe3

Error: (02/27/2014 07:02:16 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ACDaemon.exe, Version: 1.1.0.49, Zeitstempel: 0x4cc808ec
Name des fehlerhaften Moduls: ACDaemon.exe, Version: 1.1.0.49, Zeitstempel: 0x4cc808ec
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001af76
ID des fehlerhaften Prozesses: 0x18f8
Startzeit der fehlerhaften Anwendung: 0xACDaemon.exe0
Pfad der fehlerhaften Anwendung: ACDaemon.exe1
Pfad des fehlerhaften Moduls: ACDaemon.exe2
Berichtskennung: ACDaemon.exe3

Error: (02/27/2014 06:54:10 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Re-markit154.exe, Version: 1.154.0.0, Zeitstempel: 0x5301f767
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0xda0
Startzeit der fehlerhaften Anwendung: 0xRe-markit154.exe0
Pfad der fehlerhaften Anwendung: Re-markit154.exe1
Pfad des fehlerhaften Moduls: Re-markit154.exe2
Berichtskennung: Re-markit154.exe3

Error: (02/26/2014 09:35:20 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {d7437aa6-336e-4065-8492-86b4ba4e0d77}

Error: (02/26/2014 05:30:48 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Notifier.exe, Version: 6.4.0.2, Zeitstempel: 0x45a38d1f
Name des fehlerhaften Moduls: funSip.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x47b561e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x035eb023
ID des fehlerhaften Prozesses: 0x10650
Startzeit der fehlerhaften Anwendung: 0xNotifier.exe0
Pfad der fehlerhaften Anwendung: Notifier.exe1
Pfad des fehlerhaften Moduls: Notifier.exe2
Berichtskennung: Notifier.exe3

Error: (02/26/2014 04:37:07 PM) (Source: Application Hang) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.16518 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 10320

Startzeit: 01cf3307b0b4b291

Endzeit: 13

Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Berichts-ID:

Error: (02/26/2014 01:21:34 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Notifier.exe, Version: 6.4.0.2, Zeitstempel: 0x45a38d1f
Name des fehlerhaften Moduls: funSip.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x47b561e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x037eb023
ID des fehlerhaften Prozesses: 0x9cf0
Startzeit der fehlerhaften Anwendung: 0xNotifier.exe0
Pfad der fehlerhaften Anwendung: Notifier.exe1
Pfad des fehlerhaften Moduls: Notifier.exe2
Berichtskennung: Notifier.exe3

Error: (02/26/2014 11:06:51 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16518, Zeitstempel: 0x52f347b2
Name des fehlerhaften Moduls: IEBHO.dll, Version: 5.0.0.11465, Zeitstempel: 0x52f272e0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000487a9
ID des fehlerhaften Prozesses: 0x3f4c
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3


System errors:
=============
Error: (02/27/2014 02:33:35 PM) (Source: DCOM) (User: ThomasPitten-PC)
Description: AnwendungsspezifischLokalAktivierung{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}ThomasPitten-PCThomas PittenS-1-5-21-4087598786-887918800-69336566-1001LocalHost (unter Verwendung von LRPC)

Error: (02/27/2014 02:24:12 PM) (Source: DCOM) (User: ThomasPitten-PC)
Description: AnwendungsspezifischLokalAktivierung{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}ThomasPitten-PCThomas PittenS-1-5-21-4087598786-887918800-69336566-1001LocalHost (unter Verwendung von LRPC)

Error: (02/27/2014 02:23:51 PM) (Source: DCOM) (User: ThomasPitten-PC)
Description: AnwendungsspezifischLokalAktivierung{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}ThomasPitten-PCThomas PittenS-1-5-21-4087598786-887918800-69336566-1001LocalHost (unter Verwendung von LRPC)

Error: (02/27/2014 07:37:02 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (02/27/2014 07:37:02 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (02/27/2014 07:33:23 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (02/27/2014 07:33:23 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (02/27/2014 07:25:18 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (02/27/2014 07:25:18 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (02/27/2014 07:16:18 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.


Microsoft Office Sessions:
=========================
Error: (02/27/2014 07:58:49 AM) (Source: Application Hang)(User: )
Description: Launchpad.exe6.1.8800.1640010ac01cf338172bf086843C:\Program Files\Windows Server\Bin\Launchpad.exe

Error: (02/27/2014 07:58:49 AM) (Source: Application Hang)(User: )
Description: NokiaSuite.exe3.8.48.0205401cf3381b2f8f37238C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe

Error: (02/27/2014 07:09:10 AM) (Source: Application Error)(User: )
Description: Notifier.exe6.4.0.245a38d1ffunSip.dll_unloaded0.0.0.047b561e7c00000050358b0231ba801cf3381e02ed5d9C:\PROGRA~2\T-Online\T-ONLI~1\Notifier\Notifier.exefunSip.dllabe06505-9f75-11e3-a907-00038a000015

Error: (02/27/2014 07:02:16 AM) (Source: Application Error)(User: )
Description: ACDaemon.exe1.1.0.494cc808ecACDaemon.exe1.1.0.494cc808ecc00000050001af7618f801cf33817453b257C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exeC:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exeb556cb39-9f74-11e3-a907-00038a000015

Error: (02/27/2014 06:54:10 AM) (Source: Application Error)(User: )
Description: Re-markit154.exe1.154.0.05301f767KERNELBASE.dll6.1.7601.1822951fb1116e06d73630000c41fda001cf32cd365246f9C:\Program Files (x86)\Re-markit\Re-markit154.exeC:\Windows\syswow64\KERNELBASE.dll933cc92c-9f73-11e3-9493-00038a000015

Error: (02/26/2014 09:35:20 PM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {d7437aa6-336e-4065-8492-86b4ba4e0d77}

Error: (02/26/2014 05:30:48 PM) (Source: Application Error)(User: )
Description: Notifier.exe6.4.0.245a38d1ffunSip.dll_unloaded0.0.0.047b561e7c0000005035eb0231065001cf3308e3faba7eC:\PROGRA~2\T-Online\T-ONLI~1\Notifier\Notifier.exefunSip.dll58c4b2c5-9f03-11e3-9493-00038a000015

Error: (02/26/2014 04:37:07 PM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE11.0.9600.165181032001cf3307b0b4b29113C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (02/26/2014 01:21:34 PM) (Source: Application Error)(User: )
Description: Notifier.exe6.4.0.245a38d1ffunSip.dll_unloaded0.0.0.047b561e7c0000005037eb0239cf001cf32e9a54414d3C:\PROGRA~2\T-Online\T-ONLI~1\Notifier\Notifier.exefunSip.dll87bd2657-9ee0-11e3-9493-00038a000015

Error: (02/26/2014 11:06:51 AM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.1651852f347b2IEBHO.dll5.0.0.1146552f272e0c0000005000487a93f4c01cf32d864ca888fC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Program Files (x86)\Movies Toolbar\Datamngr\IEBHO.dllb5bab462-9ecd-11e3-9493-00038a000015


==================== Memory info =========================== 

Percentage of memory in use: 64%
Total physical RAM: 3958.68 MB
Available physical RAM: 1407.57 MB
Total Pagefile: 7915.55 MB
Available Pagefile: 4477.91 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:451.01 GB) (Free:169.63 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: B7CFF39C)

Partition: GPT Partition Type.

==================== End Of Log ============================

Hier ist noch das defogger_disable.log.

Code:

ATTFilter

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 14:56 on 27/02/2014 (Thomas Pitten)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

Und gmer.log

Code:

ATTFilter

GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-02-27 15:46:13
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST950032 rev.D005 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\THOMAS~1\AppData\Local\Temp\afkiypoc.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528                                                                                                                        fffff80003bba000 45 bytes [01, 00, 00, 00, 00, 00, 00, ...]
INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575                                                                                                                        fffff80003bba02f 16 bytes {ADD [RAX], AL; ADD EAX, ESP; CMP EAX, 0xfffffffffff8a019; CALL QWORD [RBX+0x61]}

---- User code sections - GMER 2.1 ----

.text     C:\ProgramData\IePluginService\PluginService.exe[1588] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                            0000000074ff1465 2 bytes [FF, 74]
.text     C:\ProgramData\IePluginService\PluginService.exe[1588] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                           0000000074ff14bb 2 bytes [FF, 74]
.text     ...                                                                                                                                                                                       * 2
.text     C:\ProgramData\WPM\wprotectmanager.exe[1984] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                      0000000074ff1465 2 bytes [FF, 74]
.text     C:\ProgramData\WPM\wprotectmanager.exe[1984] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                     0000000074ff14bb 2 bytes [FF, 74]
.text     ...                                                                                                                                                                                       * 2
.text     C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                            0000000074ff1465 2 bytes [FF, 74]
.text     C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                           0000000074ff14bb 2 bytes [FF, 74]
.text     ...                                                                                                                                                                                       * 2
.text     C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe[2576] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69                                                                     0000000074ff1465 2 bytes [FF, 74]
.text     C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe[2576] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155                                                                    0000000074ff14bb 2 bytes [FF, 74]
.text     ...                                                                                                                                                                                       * 2
.text     C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                      0000000074ff1465 2 bytes [FF, 74]
.text     C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                     0000000074ff14bb 2 bytes [FF, 74]
.text     ...                                                                                                                                                                                       * 2
.text     C:\Program Files (x86)\Re-markit\Re-markit154.exe[3720] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                           0000000074ff1465 2 bytes [FF, 74]
.text     C:\Program Files (x86)\Re-markit\Re-markit154.exe[3720] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                          0000000074ff14bb 2 bytes [FF, 74]
.text     ...                                                                                                                                                                                       * 2
.text     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[8036] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                              0000000074ff1465 2 bytes [FF, 74]
.text     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[8036] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                             0000000074ff14bb 2 bytes [FF, 74]
.text     ...                                                                                                                                                                                       * 2

---- User IAT/EAT - GMER 2.1 ----

IAT       C:\Program Files\Windows Server\Bin\SharedServiceHost.exe[4304] @ C:\Program Files\Windows Server\Bin\TaskScheduler.Interop.dll[mscoree.dll!_CorDllMain]                                  [a530] 

---- Threads - GMER 2.1 ----

Thread    C:\Windows\SysWOW64\ntdll.dll [3048:3052]                                                                                                                                                 000000000003288e
Thread    C:\Windows\SysWOW64\ntdll.dll [3784:2764]                                                                                                                                                 00000000012e0d9a
---- Processes - GMER 2.1 ----

Library   C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll (*** suspicious ***) @ C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe [2332](2013-11-26 20:59:26)                         000000006fbc0000
Library   C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll (*** suspicious ***) @ C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe [2332](2013-11-26 20:59:26)                   000000006e940000
Library   C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll (*** suspicious ***) @ C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe [2332](2013-11-26 20:59:26)                          000000006a1c0000
Library   C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll (*** suspicious ***) @ C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe [2332](2013-11-26 20:59:26)                       000000006ff00000
Library   C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll (*** suspicious ***) @ C:\ProgramData\Internet Manager\OnlineUpdate\LiveUpd.exe [80136](2013-11-26 20:59:26)                    000000006fbc0000
Library   C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll (*** suspicious ***) @ C:\ProgramData\Internet Manager\OnlineUpdate\LiveUpd.exe [80136](2013-11-26 20:59:26)              000000006e940000
Library   C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll (*** suspicious ***) @ C:\ProgramData\Internet Manager\OnlineUpdate\LiveUpd.exe [80136](2013-11-26 20:59:26)                     000000006a1c0000
Library   C:\ProgramData\Internet Manager\OnlineUpdate\QtGui4.dll (*** suspicious ***) @ C:\ProgramData\Internet Manager\OnlineUpdate\LiveUpd.exe [80136](2013-11-26 20:59:26)                      0000000065100000
Library   C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll (*** suspicious ***) @ C:\ProgramData\Internet Manager\OnlineUpdate\LiveUpd.exe [80136](2013-11-26 20:59:26)                  000000006ff00000
Library   C:\ProgramData\Internet Manager\OnlineUpdate\plugins\imageformats\qgif4.dll (*** suspicious ***) @ C:\ProgramData\Internet Manager\OnlineUpdate\LiveUpd.exe [80136](2014-01-25 20:57:06)  0000000068f00000
Library   C:\ProgramData\Internet Manager\OnlineUpdate\plugins\imageformats\qico4.dll (*** suspicious ***) @ C:\ProgramData\Internet Manager\OnlineUpdate\LiveUpd.exe [80136](2014-01-25 20:57:06)  000000006bdc0000

---- Registry - GMER 2.1 ----

Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0cb38bac4ca                                                                                                               
Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0cb38bac4ca@00121c2057de                                                                                                  0x36 0x89 0x91 0xF8 ...
Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0cb38bac4ca@00121c5a21b8                                                                                                  0xF5 0xA2 0x75 0x97 ...
Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0cb38bac4ca@143605ea775b                                                                                                  0xC7 0x0C 0xD4 0x23 ...
Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0cb38bac4ca@b0358dda638f                                                                                                  0x2F 0x32 0x18 0xA8 ...
Reg       HKLM\SYSTEM\CurrentControlSet\services\SRTSP@Start                                                                                                                                        1
Reg       HKLM\SYSTEM\CurrentControlSet\services\SRTSP                                                                                                                                              
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c0cb38bac4ca (not active ControlSet)                                                                                           
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c0cb38bac4ca@00121c2057de                                                                                                      0x36 0x89 0x91 0xF8 ...
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c0cb38bac4ca@00121c5a21b8                                                                                                      0xF5 0xA2 0x75 0x97 ...
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c0cb38bac4ca@143605ea775b                                                                                                      0xC7 0x0C 0xD4 0x23 ...
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c0cb38bac4ca@b0358dda638f                                                                                                      0x2F 0x32 0x18 0xA8 ...

---- EOF - GMER 2.1 ----

schrauber · 28.02.2014, 19:46

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

ThomasPitten · 01.03.2014, 09:22

Hallo, das sieht schon viel besser aus....

Code:

ATTFilter

ComboFix 14-02-24.02 - Thomas Pitten 28.02.2014  23:17:26.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3959.1197 [GMT 1:00]
ausgeführt von:: c:\users\Thomas Pitten\Desktop\ComboFix.exe
AV: Norton 360 Online *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 Online *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton 360 Online *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Search Results Toolbar\Datamngr
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\css\new-tab.css
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_amazon.png
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_ebay.png
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_facebook.png
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_fantastigames.png
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_ftalk.png
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_youtube.png
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\images\IDR_WEBSTORE_ICON.png
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\images\imesh_logo_128.png
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\new-tab.html
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\lib\analytics.js
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\lib\constant.js
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\lib\default-config.js
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\lib\jquery.js
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\lib\localStorage.js
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\lib\new-tab.js
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\lib\preferences.js
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\manifest.json
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\OurLocalPage.html
c:\program files (x86)\Search Results Toolbar\Datamngr\del_DM_DLL_nsw98E2.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\del_DM_LL_nsw98E2.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\del_IEBHO_nsw98E2.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\del_mg_nsw98E2.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\__searchresultsDx.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\__searchresultstb.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\as_guid.dat
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\custom.js
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\about.xml
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\custom.js
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\dtxpanel.xul
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\dtxpaneltransparent.xul
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\dtxpanelwin.xul
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\dtxprefwin.xul
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\dtxtransparentwin.xul
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\dtxwin.xul
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\emailnotifierproviders.xml
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\external.js
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\neterror.xhtml
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\rsspreview.html
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\rsswin.xml
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\rsswin.xsl
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\wmpstreamer.html
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\modules\datastore.jsm
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\modules\nsDragAndDrop.js
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\neterror.xhtml
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\preferences.xml
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\template.xml
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\toolbar.htm
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\toolbar.xul
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\vmncode.js
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\vmnrsswin.xml
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\com.djboxservice.dj.DJBox\tb_icon.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\com.djboxservice.dj.DJBox\tb_iconFF.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\com.djboxservice.dj.DJBox\tb_iconPressed.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\com.djboxservice.dj.DJBox\tb_iconPressedFF.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\com.djboxservice.dj.DJBox\tb_pref_icon.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\com.djboxservice.dj.DJBox\thumbs\tb_thumb_icon.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\com.djboxservice.dj.DJBox\widget.jsw
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\com.djboxservice.dj.DJBox\widget.jsww
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\com.djboxservice.dj.DJBox\widget.xml
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\net.vmn.www.RadioBeta\radiobeta-buffering.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\net.vmn.www.RadioBeta\radiobeta-connecting.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\net.vmn.www.RadioBeta\radiobeta-ico.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\net.vmn.www.RadioBeta\radiobeta-playing.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\net.vmn.www.RadioBeta\radiobeta-stopped.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\net.vmn.www.RadioBeta\radiobeta.ico
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\net.vmn.www.RadioBeta\tb_icon.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\net.vmn.www.RadioBeta\widget.jsw
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\net.vmn.www.RadioBeta\widget.xml
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\data\search\engines.xml
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\data\search\search.xsl
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\data\weather\icons.xml
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\locale\lib\en.js
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\locale\locale.js
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\locale\toolbar\de.js
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\locale\toolbar\en.js
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\locale\toolbar\es.js
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\locale\toolbar\fr.js
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\locale\toolbar\it.js
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\blip.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\bluelite.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\bluesky.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\btn-search-over.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\btn-search.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\btn-settings-over.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\btn-settings.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\btn-widgets-over.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\btn-widgets.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\btn_settings.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\custom.css
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\dailymotion.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\divider.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\ebay.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\facebook.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\find-videos.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\grey.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\icon_games.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\images.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\add.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\alexabutton.css
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\aol.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\arrow-dn.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\arrow-right-disabled.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\arrow-right.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\arrow-up.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\bg-btn-divider.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\bg-btn-end.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\bg-btn-mdl.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\bg-btn-mdl_ff.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\bg-btn-start.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\bg-btnover-divider.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\bg-btnover-end.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\bg-btnover-mdl.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\bg-btnover-mdl_ff.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\bg-btnover-start.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\blank.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\btn-widgets-over.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\btn-widgets.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\btn_slider.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\btnback-down-vista.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\btnback-vista.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\btnleft-down-vista.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\btnleft-vista.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\btnright-down-vista.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\btnright-vista.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\button-splitter-down-vista.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\button-splitter-vista.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\button-splitter.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\checkmark.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\chevron.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\collapse.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\debugbar\debug.html
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\dtx-test.css
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\dtx.css
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\edit-back-hot.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\edit-back.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\expand.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\found.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\gmail.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\highlight.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\highlight_blue.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\highlight_cyan.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\highlight_lime.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\highlight_magenta.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\highlight_yellow.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\hotmail.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\imap.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\lastsearch-thumb-back.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\launchers.css
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\loadingMid.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\lock.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\logo-separator.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\mailcom.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\menu_bg-basic.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\menu_separator_bar.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\menu_separator_white.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\menuitem-splitter.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\menuitemback-down-vista.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\menuitemback-vista.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\menuitemleft-down-vista.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\menuitemleft-vista.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\menuitemleft.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\menuitemright-down-vista.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\menuitemright-vista.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\minus.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\modify.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\move.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\movetarget.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\css\panels.css
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\css\popupAbout.css
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\css\popupGames.css
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\css\popupWidgets.css
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\css\dialog.css
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\bg.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\btn-search.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\btn-wide-close-over.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\btn-wide-close.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\default.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\tab-off-l.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\tab-off-r.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\tab-on-l.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\tab-on-r.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\transparent.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\ttlbar-left.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\ttlbar-mdl.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\ttlbar-right.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\win-btm-left.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\win-btm-mdl.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\win-btm-right-resize.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\win-btm-right.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\win-left.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\win-right.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\main.html
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\main.html.bak
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\scripts\defscript.js
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\scripts\defscript.js.bak
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\footer.htm
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\gamecategory.xsl
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\gameData.js
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\gameList.xsl
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\gametype.xsl
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\arrow-dn.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\arrow-sml-drop.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\arrow-sml.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\arrow-up.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\arrowr-bluew5.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\bg-aboutbox.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\bg-btnover.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\bg-pnl520x390.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-addtoolbar-left-over.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-addtoolbar-left.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-addtoolbar-right.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-back.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-close-grey.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-close-greyover.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-drag.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-mdl-over.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-mdl.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-moredetails.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-next-over.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-next.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-play-left-over.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-play-left.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-previous-over.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-previous.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-right-over.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-search-pnlbtm.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-try-left-over.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-try-left.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\bullet-orange.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\gamethumb-on.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\gamethumb2-over.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\ico-calendar.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\ico-dollar.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\ico-download.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\ico-joystick24.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\ico-news24.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\ico-play.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\ico-tags.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\icon-Add.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\icon-download.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\icon-Info.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\icon-play.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\icon-shop.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\menul-bgon.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\menul-bgover.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\panel-botm-noscroll.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\scroll-bg-206.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\scroll-bg.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\scroll-topwin.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\scrollb-disable.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\scrollb-down.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\scrollb-over.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\scrollb.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\scrollt-disable.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\scrollt-down.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\scrollt-over.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\scrollt.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\searchbox-pnlbtm.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\star_x_grey.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\star_x_orange.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\throbber.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\TRUSTe_about.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\view-detailed-on.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\view-detailed-over.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\view-thumb-on.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\view-thumb-over.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\widgets-square-16px.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\widgets-square-24px.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\widgets.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\initHTML.html
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\popupGames.html
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\popupHTML.html
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\popupWidgets.html
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\scroll.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\plus.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\pop.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\radio.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\reload.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\remove.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\rename.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\resize-box.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\rss.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\rsschannelback.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\RSSLogo.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\rsstabdivider.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\scroll-left.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\scroll-right.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\search-go.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\search.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\separator.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\text-ellipsis.xml
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\throbber.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\toolbarsplitter.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\transparent_1px.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_02.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_03.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_04.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_06.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_07.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_08.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_09.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_10.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_11.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_12.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_13.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_14.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_15.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_16.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_18.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_19.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_20.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_21.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\btn-close-grey.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\btn-close-greyover.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\close-hot.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\close-normal.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\loadingMid.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\paneltemplate.html
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\proxy.html
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\template.html
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\template.html.bak
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\template.xml
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\templateFF.html
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\throbber.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton.css
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\icons\cond999.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\icons\icons.xml
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\icons\na-s.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\icons\na-t.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\icons\na.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\icons\weather.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\add.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\box-check.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm-over.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\ico-check.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\options-weather.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\over-blue.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\over-orange.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\popupWeather.css
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\popupWeather.html
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\yahoo.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lichen.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\logo-about.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\logo-over.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\logo-separator.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\logo.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\menuseparatorback.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\metacafe.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\modify-save.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\modify.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\modifyhot.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\namespacetoolbar.css
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\options-search.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\options\options-main.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\options\options-search.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\options\options-weather.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\options\options-weather.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\options\options-widgets.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\orange.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\search-over.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\search_icon.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\searchbar\searchbar-background-left.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\searchbar\searchbar-background-middle.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\searchbar\searchbar-background-right.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\setting_stb_16x.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\settings.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\settings_stb_19x.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\settings_stb_19x_over.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\skin-bluelite.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\skin-bluesky.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\skin-grey.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\skin-lichen.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\skin-orange.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\skin-yellow.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\skin.xml
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\sv.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\throbber.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\toolbarsplitter.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\TRUSTe_about.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\tv.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\twitter.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\veoh.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\video.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\vimeo.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\vmn.css
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\web.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\websearch.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\yellow.gif
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\youtube.png
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\components\windowmediator.js
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\dtUser.exe
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\install.ico
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\manifest.xml
c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\uninstall.exe
c:\program files (x86)\Search Results Toolbar\Datamngr\x64\del_BHO_nsw98E2.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\x64\del_DM_DLL_nsw98E2.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\x64\del_DM_LL_nsw98E2.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\x64\del_mg_nsw98E2.dll
c:\programdata\IePluginService
c:\programdata\IePluginService\PluginService.exe
c:\programdata\Wincert\WIN32C~1.DLL
c:\users\Thomas Pitten\AppData\Local\lollipop
c:\users\Thomas Pitten\WINDOWS
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_IePluginService
-------\Service_IePluginService
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-02-01 bis 2014-03-01  ))))))))))))))))))))))))))))))
.
.
2014-02-28 23:31 . 2014-02-28 23:31	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-02-27 13:59 . 2014-02-27 14:04	--------	d-----w-	C:\FRST
2014-02-26 10:34 . 2014-02-28 23:34	--------	d-----w-	c:\program files (x86)\WinZipper
2014-02-26 10:34 . 2014-02-26 10:34	--------	d-----w-	c:\users\Thomas Pitten\AppData\Roaming\WinZipper
2014-02-26 06:36 . 2014-01-09 02:22	5694464	----a-w-	c:\windows\SysWow64\mstscax.dll
2014-02-26 06:36 . 2014-01-03 22:44	6574592	----a-w-	c:\windows\system32\mstscax.dll
2014-02-23 12:08 . 2014-02-23 12:08	--------	d-----w-	C:\N360_BACKUP
2014-02-22 20:33 . 2014-02-24 22:04	--------	d-----w-	c:\users\Thomas Pitten\AppData\Roaming\MFP and Storage Server
2014-02-22 19:51 . 2014-02-22 19:51	--------	d-----w-	c:\program files (x86)\TP-LINK
2014-02-19 19:57 . 2014-02-19 19:57	--------	d-----w-	c:\programdata\kinoma
2014-02-19 19:15 . 2014-02-19 19:15	--------	d-----w-	c:\users\Thomas Pitten\AppData\Local\kinoma
2014-02-19 19:14 . 2014-02-19 19:14	--------	d-----w-	c:\users\Thomas Pitten\AppData\Local\Sony Corporation
2014-02-19 19:14 . 2014-02-19 19:14	--------	d-----w-	c:\program files (x86)\Sony
2014-02-19 19:14 . 2014-02-19 19:14	--------	d-----w-	c:\program files (x86)\Common Files\Sony Shared
2014-02-19 19:10 . 2014-02-19 19:10	--------	d-----w-	c:\users\Thomas Pitten\AppData\Roaming\Sony Corporation
2014-02-19 19:10 . 2014-02-19 19:10	--------	d-----w-	c:\programdata\Sony Corporation
2014-02-19 18:32 . 2013-09-25 02:23	1030144	----a-w-	c:\windows\system32\TSWorkspace.dll
2014-02-19 18:32 . 2013-09-25 01:57	792576	----a-w-	c:\windows\SysWow64\TSWorkspace.dll
2014-02-19 09:57 . 2014-02-19 09:58	--------	d-----w-	c:\program files (x86)\SupTab
2014-02-19 09:57 . 2014-02-19 09:57	--------	d-----w-	c:\users\Thomas Pitten\AppData\Roaming\SupTab
2014-02-19 09:57 . 2014-02-26 10:31	--------	d-----w-	c:\programdata\WPM
2014-02-19 09:57 . 2014-02-19 09:57	--------	d-----w-	c:\users\Thomas Pitten\AppData\Roaming\awesomehp
2014-02-19 09:55 . 2014-02-19 09:55	--------	d-----w-	c:\users\Thomas Pitten\.android
2014-02-19 09:55 . 2014-02-19 09:56	--------	d-----w-	c:\users\Thomas Pitten\AppData\Local\cache
2014-02-19 09:55 . 2014-02-21 11:46	--------	d-----w-	c:\users\Thomas Pitten\AppData\Roaming\newnext.me
2014-02-19 09:55 . 2014-02-19 14:46	--------	d-----w-	c:\users\Thomas Pitten\AppData\Local\Mobogenie
2014-02-19 09:55 . 2014-02-19 09:55	--------	d-----w-	c:\users\Thomas Pitten\AppData\Local\genienext
2014-02-19 09:53 . 2014-02-19 09:53	--------	d-----w-	c:\program files (x86)\Re-markit
2014-02-15 17:56 . 2014-03-01 07:49	--------	d-----w-	c:\programdata\Datamngr
2014-02-13 23:52 . 2013-12-21 09:53	548864	----a-w-	c:\windows\system32\vbscript.dll
2014-02-13 23:52 . 2013-12-21 08:56	454656	----a-w-	c:\windows\SysWow64\vbscript.dll
2014-02-13 08:04 . 2013-12-06 02:30	1882112	----a-w-	c:\windows\system32\msxml3.dll
2014-02-01 12:26 . 2014-02-01 13:08	--------	d-----w-	c:\users\Thomas Pitten\AppData\Local\SiDiary
2014-02-01 12:23 . 2014-02-01 12:23	--------	d-----w-	c:\program files (x86)\SINOVO
2014-01-30 19:55 . 2014-02-28 23:35	--------	d-----w-	c:\programdata\LightsOut
2014-01-30 19:55 . 2014-01-30 19:55	1045504	----a-w-	c:\programdata\Microsoft\Windows Server\Data\DownloadCache\LightsOutVailClientInstallx64.msi
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-26 10:34 . 2011-02-19 21:03	421008	----a-w-	c:\windows\SysWow64\msvcp100.dll
2014-02-26 10:34 . 2011-02-18 22:40	773776	----a-w-	c:\windows\SysWow64\msvcr100.dll
2014-02-20 20:32 . 2012-04-01 19:38	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-20 20:32 . 2011-06-11 11:37	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-18 22:00 . 2010-12-17 19:50	88567024	----a-w-	c:\windows\system32\MRT.exe
2014-01-13 12:22 . 2014-01-03 21:58	893552	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2014-01-13 12:21 . 2014-01-02 18:14	42168	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2014-01-10 21:10 . 2014-01-03 21:51	42168	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2014-01-10 21:10 . 2014-01-03 21:50	1236816	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2014-01-06 16:37 . 2014-01-02 18:14	893552	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2014-01-06 16:37 . 2014-01-06 16:37	1236816	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2013-12-29 11:02 . 2013-12-29 11:02	940032	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-29 11:02 . 2013-12-29 11:02	194048	----a-w-	c:\windows\SysWow64\elshyph.dll
2013-12-29 11:02 . 2013-12-29 11:02	942592	----a-w-	c:\windows\system32\jsIntl.dll
2013-12-29 11:02 . 2013-12-29 11:02	90112	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2013-12-29 11:02 . 2013-12-29 11:02	86016	----a-w-	c:\windows\SysWow64\iesysprep.dll
2013-12-29 11:02 . 2013-12-29 11:02	86016	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2013-12-29 11:02 . 2013-12-29 11:02	84992	----a-w-	c:\windows\system32\mshtmled.dll
2013-12-29 11:02 . 2013-12-29 11:02	83968	----a-w-	c:\windows\system32\MshtmlDac.dll
2013-12-29 11:02 . 2013-12-29 11:02	81408	----a-w-	c:\windows\system32\icardie.dll
2013-12-29 11:02 . 2013-12-29 11:02	774144	----a-w-	c:\windows\system32\jscript.dll
2013-12-29 11:02 . 2013-12-29 11:02	77312	----a-w-	c:\windows\system32\tdc.ocx
2013-12-29 11:02 . 2013-12-29 11:02	74240	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2013-12-29 11:02 . 2013-12-29 11:02	71680	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-12-29 11:02 . 2013-12-29 11:02	645120	----a-w-	c:\windows\SysWow64\jsIntl.dll
2013-12-29 11:02 . 2013-12-29 11:02	62464	----a-w-	c:\windows\SysWow64\tdc.ocx
2013-12-29 11:02 . 2013-12-29 11:02	62464	----a-w-	c:\windows\system32\pngfilt.dll
2013-12-29 11:02 . 2013-12-29 11:02	61952	----a-w-	c:\windows\SysWow64\MshtmlDac.dll
2013-12-29 11:02 . 2013-12-29 11:02	616104	----a-w-	c:\windows\system32\ieapfltr.dat
2013-12-29 11:02 . 2013-12-29 11:02	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2013-12-29 11:02 . 2013-12-29 11:02	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2013-12-29 11:02 . 2013-12-29 11:02	48640	----a-w-	c:\windows\system32\mshtmler.dll
2013-12-29 11:02 . 2013-12-29 11:02	48128	----a-w-	c:\windows\system32\imgutil.dll
2013-12-29 11:02 . 2013-12-29 11:02	453120	----a-w-	c:\windows\system32\dxtmsft.dll
2013-12-29 11:02 . 2013-12-29 11:02	413696	----a-w-	c:\windows\system32\html.iec
2013-12-29 11:02 . 2013-12-29 11:02	40448	----a-w-	c:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-29 11:02 . 2013-12-29 11:02	36352	----a-w-	c:\windows\SysWow64\imgutil.dll
2013-12-29 11:02 . 2013-12-29 11:02	34816	----a-w-	c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-12-29 11:02 . 2013-12-29 11:02	337408	----a-w-	c:\windows\SysWow64\html.iec
2013-12-29 11:02 . 2013-12-29 11:02	30208	----a-w-	c:\windows\system32\licmgr10.dll
2013-12-29 11:02 . 2013-12-29 11:02	296960	----a-w-	c:\windows\system32\dxtrans.dll
2013-12-29 11:02 . 2013-12-29 11:02	263376	----a-w-	c:\windows\system32\iedkcs32.dll
2013-12-29 11:02 . 2013-12-29 11:02	247808	----a-w-	c:\windows\system32\msls31.dll
2013-12-29 11:02 . 2013-12-29 11:02	24576	----a-w-	c:\windows\SysWow64\licmgr10.dll
2013-12-29 11:02 . 2013-12-29 11:02	243200	----a-w-	c:\windows\system32\webcheck.dll
2013-12-29 11:02 . 2013-12-29 11:02	235520	----a-w-	c:\windows\system32\url.dll
2013-12-29 11:02 . 2013-12-29 11:02	235008	----a-w-	c:\windows\system32\elshyph.dll
2013-12-29 11:02 . 2013-12-29 11:02	182272	----a-w-	c:\windows\SysWow64\msls31.dll
2013-12-29 11:02 . 2013-12-29 11:02	167424	----a-w-	c:\windows\system32\iexpress.exe
2013-12-29 11:02 . 2013-12-29 11:02	151552	----a-w-	c:\windows\SysWow64\iexpress.exe
2013-12-29 11:02 . 2013-12-29 11:02	147968	----a-w-	c:\windows\system32\occache.dll
2013-12-29 11:02 . 2013-12-29 11:02	143872	----a-w-	c:\windows\system32\wextract.exe
2013-12-29 11:02 . 2013-12-29 11:02	139264	----a-w-	c:\windows\SysWow64\wextract.exe
2013-12-29 11:02 . 2013-12-29 11:02	13824	----a-w-	c:\windows\system32\mshta.exe
2013-12-29 11:02 . 2013-12-29 11:02	135680	----a-w-	c:\windows\system32\iepeers.dll
2013-12-29 11:02 . 2013-12-29 11:02	13312	----a-w-	c:\windows\SysWow64\mshta.exe
2013-12-29 11:02 . 2013-12-29 11:02	13312	----a-w-	c:\windows\system32\msfeedssync.exe
2013-12-29 11:02 . 2013-12-29 11:02	131072	----a-w-	c:\windows\system32\IEAdvpack.dll
2013-12-29 11:02 . 2013-12-29 11:02	1228800	----a-w-	c:\windows\system32\mshtmlmedia.dll
2013-12-29 11:02 . 2013-12-29 11:02	111616	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2013-12-29 11:02 . 2013-12-29 11:02	105984	----a-w-	c:\windows\system32\iesysprep.dll
2013-12-29 11:02 . 2013-12-29 11:02	1051136	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2013-12-29 11:02 . 2013-12-29 11:02	101376	----a-w-	c:\windows\system32\inseng.dll
2013-12-18 20:09 . 2014-01-17 12:31	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
2014-02-19 07:45	513136	----a-w-	c:\program files (x86)\SupTab\SupTab.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MFP and Storage Server"="c:\program files (x86)\TP-LINK\MFP and Storage Server\MFP and Storage Server.exe" [2013-07-12 2076672]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-06-08 284696]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"HPUsageTrackingLEDM"="c:\program files (x86)\HP\HP UT LEDM\bin\hppusg.exe" [2009-08-04 30264]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 336384]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\program files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe" [2010-08-12 163040]
.
c:\users\Thomas Pitten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Netzmanager.lnk - c:\program files\Netzmanager\netzmanager.exe /Autostart [2012-7-20 14134784]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-12-29 1082656]
Lights-Out Client.lnk - c:\program files\Windows Server\Bin\LightsOutClientGui.exe [2013-6-19 262304]
SetPoint.lnk - c:\program files\SetPoint\SetPoint.exe [2011-1-5 1207312]
TMMonitor.lnk - c:\program files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe [2011-1-28 258048]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe /firstrun [2010-5-28 1324384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 initMonitor;Windows Server-Initialisierungsdienst;c:\program files\Windows Server\Bin\SharedServiceHost.exe;c:\program files\Windows Server\Bin\SharedServiceHost.exe [x]
R2 Internet Manager. RunOuc;Internet Manager. OUC;c:\program files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe;c:\program files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [x]
R2 KMService;KMService;c:\windows\system32\srvany.exe;c:\windows\SYSNATIVE\srvany.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\Drivers\IT9135BDA.sys;c:\windows\SYSNATIVE\Drivers\IT9135BDA.sys [x]
R3 mvusbews;USB EWS Device;c:\windows\system32\Drivers\mvusbews.sys;c:\windows\SYSNATIVE\Drivers\mvusbews.sys [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 NUServer64;Network USB Server Device ;c:\windows\system32\DRIVERS\NUServer64.sys;c:\windows\SYSNATIVE\DRIVERS\NUServer64.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 TelekomNM6;Telekom Netzmanager Packet Filter Driver;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 XHASP;XHASP;c:\windows\system32\drivers\XHASP.sys;c:\windows\SYSNATIVE\drivers\XHASP.sys [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\0604010.00E\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\0604010.00E\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\0604010.00E\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\0604010.00E\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20140214.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [x]
S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360x64\0604010.00E\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\N360x64\0604010.00E\ccSetx64.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20140227.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20140227.001\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\0604010.00E\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\0604010.00E\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\0604010.00E\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\N360x64\0604010.00E\SYMNETS.SYS [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 aksdf;aksdf;c:\windows\system32\DRIVERS\aksdf.sys;c:\windows\SYSNATIVE\DRIVERS\aksdf.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 arXfrSvc;TV-Archivübertragungsdienst für Windows Server Media Center;c:\program files\Windows Server\Bin\Microsoft.HomeServer.Archive.TransferService.exe;c:\program files\Windows Server\Bin\Microsoft.HomeServer.Archive.TransferService.exe [x]
S2 DatamngrCoordinator2;Datamngr Coordinator;c:\program files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe;c:\program files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe [x]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe;c:\program files\Dell\DellDock\DockLogin.exe [x]
S2 HealthAlertsSvc;Integritätsdienst von Windows Server;c:\program files\Windows Server\Bin\SharedServiceHost.exe;c:\program files\Windows Server\Bin\SharedServiceHost.exe [x]
S2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [x]
S2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe;c:\windows\SYSNATIVE\HPSIsvc.exe [x]
S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 LANConfig;Windows Server-LAN-Konfiguration;c:\program files\Windows Server\Bin\LANConfigSvc.exe;c:\program files\Windows Server\Bin\LANConfigSvc.exe [x]
S2 LoClntService;Lights-Out Client Service;c:\program files\Windows Server\bin\LightsOutClientService.exe;c:\program files\Windows Server\bin\LightsOutClientService.exe [x]
S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe;c:\program files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe [x]
S2 Netzmanager Service;Netzmanager Infrastruktur Informationssystem Dienst;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe ;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe  [x]
S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
S2 NotificationsProviderSvc;Windows Server-Anbieterdienst für Benachrichtigungen;c:\program files\Windows Server\Bin\SharedServiceHost.exe;c:\program files\Windows Server\Bin\SharedServiceHost.exe [x]
S2 providers_system;Windows Server-Downloaddienst;c:\program files\Windows Server\Bin\SharedServiceHost.exe;c:\program files\Windows Server\Bin\SharedServiceHost.exe [x]
S2 Re-markit;Re-markit;c:\program files (x86)\Re-markit\Re-markit154.exe;c:\program files (x86)\Re-markit\Re-markit154.exe [x]
S2 scNKService_S;scNKService_S;c:\windows\SysWOW64\scNKService_s.exe;c:\windows\SysWOW64\scNKService_s.exe [x]
S2 ServiceProviderRegistry;Dienstanbieterregistrierung von Windows Server;c:\program files\Windows Server\Bin\ProviderRegistryService.exe;c:\program files\Windows Server\Bin\ProviderRegistryService.exe [x]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]
S2 SqmProviderSvc;SQM-Dienst von Windows Server;c:\program files\Windows Server\Bin\SharedServiceHost.exe;c:\program files\Windows Server\Bin\SharedServiceHost.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 WhsMcClient;Windows Server Media Center-Clientdienst;c:\program files\Windows Server\Bin\WhsMcClient.exe;c:\program files\Windows Server\Bin\WhsMcClient.exe [x]
S2 winzipersvc;WinZiper service;c:\program files (x86)\WinZipper\winzipersvc.exe;c:\program files (x86)\WinZipper\winzipersvc.exe [x]
S2 Wpm;Wpm Service;c:\programdata\WPM\wprotectmanager.exe;c:\programdata\WPM\wprotectmanager.exe [x]
S2 WSConnectorUpdate;Windows Server-Connector-Update;c:\program files\Windows Server\Bin\WSConnectorUpdate.exe;c:\program files\Windows Server\Bin\WSConnectorUpdate.exe [x]
S2 WSS_ComputerBackupProviderSvc;Windows Server-Anbieterdienst für die Clientcomputersicherung;c:\program files\Windows Server\Bin\SharedServiceHost.exe;c:\program files\Windows Server\Bin\SharedServiceHost.exe [x]
S3 BackupReader;BackupReader;c:\windows\system32\DRIVERS\BackupReader.sys;c:\windows\SYSNATIVE\DRIVERS\BackupReader.sys [x]
S3 BcmVWL;Broadcom Virtual Wireless;c:\windows\system32\DRIVERS\bcmvwl64.sys;c:\windows\SYSNATIVE\DRIVERS\bcmvwl64.sys [x]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 EST_BusEnum;Network USB Device Bus;c:\windows\system32\DRIVERS\GenBus.sys;c:\windows\SYSNATIVE\DRIVERS\GenBus.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 hpnuhst;HP NUSB Host;c:\windows\system32\DRIVERS\hpnuhst.sys;c:\windows\SYSNATIVE\DRIVERS\hpnuhst.sys [x]
S3 HPNUHUB;HP NUSB Hub;c:\windows\system32\DRIVERS\hpnuhub.sys;c:\windows\SYSNATIVE\DRIVERS\hpnuhub.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 NUS_Bus64;Network USB Server Bus ;c:\windows\system32\DRIVERS\NUS_Bus64.sys;c:\windows\SYSNATIVE\DRIVERS\NUS_Bus64.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-02-21 08:21	1150280	----a-w-	c:\program files (x86)\Google\Chrome\Application\33.0.1750.117\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-03-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 20:32]
.
2014-03-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-01 16:11]
.
2014-03-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-01 16:11]
.
2014-03-01 c:\windows\Tasks\Re-markit Update.job
- c:\program files (x86)\Re-markit\ReMarkit_up.exe [2014-02-19 09:53]
.
2014-03-01 c:\windows\Tasks\Re-markit_wd.job
- c:\program files (x86)\Re-markit\Re-markit_wd.exe [2014-02-19 09:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-06-18 487424]
"Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2010-02-03 5712896]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 130576]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392803730&from=amt&uid=ST9500325AS_5VEE9R3BXXXX5VEE9R3B&q={searchTerms}
mDefault_Page_URL = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=ST9500325AS_5VEE9R3BXXXX5VEE9R3B&ts=1393410709
mStart Page = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=ST9500325AS_5VEE9R3BXXXX5VEE9R3B&ts=1393410709
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1392803730&from=amt&uid=ST9500325AS_5VEE9R3BXXXX5VEE9R3B&q={searchTerms}
uInternet Settings,ProxyServer = http=127.0.0.1:13828
mSearchAssistant = hxxp://start.facemoods.com/?a=stonicde&s={searchTerms}&f=4
IE: {{9FB232C5-6909-4F81-99B4-BAB4998940F2}
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{AFE0B683-5104-42AC-BC52-6085E81B88B5}: NameServer = 10.74.210.210 10.74.210.211
.
.
------- Dateityp-Verknüpfung -------
.
JSEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{f34c9277-6577-4dff-b2d7-7d58092f272f} - c:\progra~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll
Toolbar-{f34c9277-6577-4dff-b2d7-7d58092f272f} - c:\progra~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll
Toolbar-10 - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Run-HornetMonitor - c:\program files (x86)\Common Files\Hornet\MntrHrnt.exe
Wow6432Node-HKLM-Run-DATAMNGR - c:\progra~2\SEARCH~1\Datamngr\DATAMN~2.EXE
Wow6432Node-HKLM-Run-mobilegeni daemon - c:\program files (x86)\Mobogenie\DaemonProcess.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2} - c:\users\Thomas Pitten\AppData\Roaming\Media Finder\Extensions\IEPlugin64.dll
Toolbar-10 - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-Launchpad - c:\program files (x86)\Windows Server\Bin\Launchpad.exe
AddRemove-Hardlock Gerätetreiber - c:\windows\system32\UNWISE.EXE
AddRemove-IePlugins - c:\programdata\IePluginService\PluginService.exe
AddRemove-ilividtoolbarguid - c:\progra~2\SEARCH~1\Datamngr\SRTOOL~1\uninstall.exe
AddRemove-RWE Bau-Handbuch - c:\windows\System32\UNWISE.EXE
AddRemove-{6DA399FC-350F-41AC-8CA6-B9F8496753BE}_is1 - c:\program files (x86)\Media Finder\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\6.4.1.14\diMaster.dll\" /prefetch:1"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\AOL\ACS\AOLAcsd.exe
c:\programdata\Internet Manager\OnlineUpdate\ouc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\system32\IRMonitor.exe
c:\program files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe
c:\program files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-03-01  08:57:08 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-03-01 07:57
.
Vor Suchlauf: 15 Verzeichnis(se), 184.090.279.936 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 183.303.032.832 Bytes frei
.
- - End Of File - - B695F99848E6F37FF1D3142B2B876F25

schrauber · 02.03.2014, 07:37

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

ThomasPitten · 03.03.2014, 14:25

Hallo, hier das log von malwarebytes:

Code:

ATTFilter

 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.03.02.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Thomas Pitten :: THOMASPITTEN-PC [Administrator]

Schutz: Aktiviert

02.03.2014 21:38:04
mbam-log-2014-03-02 (21-38-04).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 231742
Laufzeit: 12 Minute(n), 9 Sekunde(n)

Infizierte Speicherprozesse: 6
C:\ProgramData\WPM\wprotectmanager.exe (PUP.Optional.WpManager) -> 1572 -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe (PUP.Optional.Bandoo.A) -> 1912 -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe (PUP.Optional.Bandoo.A) -> 2044 -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe (PUP.Optional.Bandoo.A) -> 15248 -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Re-markit\Re-markit154.exe (PUP.Optional.ReMarkit.A) -> 20412 -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Re-markit\Re-markit_wd.exe (PUP.Optional.ReMarkIt.A) -> 14816 -> Keine Aktion durchgeführt.

Infizierte Speichermodule: 1
C:\Program Files (x86)\SupTab\SupTab.dll (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.

Infizierte Registrierungsschlüssel: 27
HKLM\SYSTEM\CurrentControlSet\Services\Wpm (PUP.Optional.WpManager) -> Keine Aktion durchgeführt.
HKLM\SYSTEM\CurrentControlSet\Services\DatamngrCoordinator2 (PUP.Optional.Bandoo.A) -> Keine Aktion durchgeführt.
HKCR\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
HKCR\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115} (PUP.Optional.Datamngr.A) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9} (PUP.Optional.Datamngr.A) -> Keine Aktion durchgeführt.
HKCR\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC} (PUP.Optional.Datamngr.A) -> Keine Aktion durchgeführt.
HKCR\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87} (PUP.Optional.Datamngr.A) -> Keine Aktion durchgeführt.
HKCR\CLSID\{f34c9277-6577-4dff-b2d7-7d58092f272f} (PUP.Optional.Datamngr.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F34C9277-6577-4DFF-B2D7-7D58092F272F} (PUP.Optional.Datamngr.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F34C9277-6577-4DFF-B2D7-7D58092F272F} (PUP.Optional.Datamngr.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F34C9277-6577-4DFF-B2D7-7D58092F272F} (PUP.Optional.Datamngr.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F34C9277-6577-4DFF-B2D7-7D58092F272F} (PUP.Optional.Datamngr.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SupTab (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
HKCR\SearchQUIEHelper.DNSGuard (PUP.Optional.SearchQu) -> Keine Aktion durchgeführt.
HKCR\SearchQUIEHelper.DNSGuard.1 (PUP.Optional.SearchQu) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (PUP.Optional.Qone8) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\DATAMNGR (PUP.Optional.MoviesToolbar.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo (PUP.Optional.Elex.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Google\Chrome\Extensions\pkndmigholgfjlniaohblojbhgjbkakn (PUP.Optional.NewTab.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (PUP.Optional.Qone8) -> Keine Aktion durchgeführt.
HKLM\SYSTEM\CurrentControlSet\Services\Re-markit (PUP.Optional.ReMarkit.A) -> Keine Aktion durchgeführt.
HKLM\Software\awesomehpSoftware (PUP.Optional.Awesomehp.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\2b35b537-7715-4a92-a2b5-d3a6ee41d39f (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 5
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{F34C9277-6577-4DFF-B2D7-7D58092F272F} (PUP.Optional.Datamngr.A) -> Daten: Search-Results Toolbar -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{f34c9277-6577-4dff-b2d7-7d58092f272f} (PUP.Optional.Datamngr.A) -> Daten:  -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Datamngr|uninstallstring (PUP.Optional.MoviesToolbar.A) -> Daten: C:\Program Files (x86)\Movies Toolbar\Datamngr\uninstall.exe -> Keine Aktion durchgeführt.
HKLM\SYSTEM\CurrentControlSet\Services\Wpm|ImagePath (PUP.Optional.WpManager.A) -> Daten: C:\ProgramData\WPM\wprotectmanager.exe -service -> Keine Aktion durchgeführt.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings|ProxyServer (PUM.Bad.Proxy) -> Daten: http=127.0.0.1:13828 -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 2
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL (PUP.Optional.Awesomehp.A) -> Bösartig: (hxxp://www.awesomehp.com/web/?type=ds&ts=1392803730&from=amt&uid=ST9500325AS_5VEE9R3BXXXX5VEE9R3B&q={searchTerms}) Gut: (hxxp://www.google.com) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|DefaultScope (PUP.Optional.Qone8) -> Bösartig: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}) Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}) -> Keine Aktion durchgeführt.

Infizierte Verzeichnisse: 32
C:\Users\Thomas Pitten\AppData\Roaming\awesomehp (PUP.Optional.Awesomehp.A) -> Keine Aktion durchgeführt.
C:\Users\Thomas Pitten\AppData\Roaming\awesomehp\images (PUP.Optional.Awesomehp.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\js (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales\en-US (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales\es-419 (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales\es-ES (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales\fr-BE (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales\fr-CA (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales\fr-CH (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales\fr-FR (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales\fr-LU (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales\it-CH (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales\it-IT (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales\pl (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales\pt-BR (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales\ru (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales\ru-MO (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales\tr-TR (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales\vi-VI (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales\zh-CN (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales\zh-TW (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\ProgramData\Datamngr (PUP.Optional.Datamngr.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Movies Toolbar\Datamngr (PUP.Optional.MoviesToolbar.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Movies Toolbar\Datamngr\x64 (PUP.Optional.MoviesToolbar.A) -> Keine Aktion durchgeführt.
C:\Users\Thomas Pitten\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Keine Aktion durchgeführt.
C:\Users\Thomas Pitten\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Re-markit (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt.

Infizierte Dateien: 138
C:\ProgramData\WPM\wprotectmanager.exe (PUP.Optional.WpManager) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe (PUP.Optional.Bandoo.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe (PUP.Optional.Bandoo.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\SupTab.dll (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Movies Toolbar\Datamngr\IEBHO.dll (PUP.Optional.Datamngr.A) -> Keine Aktion durchgeführt.
C:\Users\Thomas Pitten\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Keine Aktion durchgeführt.
C:\Users\Thomas Pitten\AppData\Roaming\SupTab\SupTab.dll (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Users\Thomas Pitten\AppData\Local\genienext\nengine.dll (PUP.Optional.NextLive.A) -> Keine Aktion durchgeführt.
C:\Windows\Tasks\Re-markit Update.job (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt.
C:\Windows\Tasks\Re-markit_wd.job (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt.
C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx (PUP.Optional.NewTab.A) -> Keine Aktion durchgeführt.
C:\Users\Thomas Pitten\AppData\Roaming\awesomehp\67.json (PUP.Optional.Awesomehp.A) -> Keine Aktion durchgeführt.
C:\Users\Thomas Pitten\AppData\Roaming\awesomehp\uninstallDlg.xml (PUP.Optional.Awesomehp.A) -> Keine Aktion durchgeführt.
C:\Users\Thomas Pitten\AppData\Roaming\awesomehp\UninstallManager.exe (PUP.Optional.Awesomehp.A) -> Keine Aktion durchgeführt.
C:\Users\Thomas Pitten\AppData\Roaming\awesomehp\images\bg1.png (PUP.Optional.Awesomehp.A) -> Keine Aktion durchgeführt.
C:\Users\Thomas Pitten\AppData\Roaming\awesomehp\images\button1.png (PUP.Optional.Awesomehp.A) -> Keine Aktion durchgeführt.
C:\Users\Thomas Pitten\AppData\Roaming\awesomehp\images\checked.png (PUP.Optional.Awesomehp.A) -> Keine Aktion durchgeführt.
C:\Users\Thomas Pitten\AppData\Roaming\awesomehp\images\close.png (PUP.Optional.Awesomehp.A) -> Keine Aktion durchgeführt.
C:\Users\Thomas Pitten\AppData\Roaming\awesomehp\images\min.png (PUP.Optional.Awesomehp.A) -> Keine Aktion durchgeführt.
C:\Users\Thomas Pitten\AppData\Roaming\awesomehp\images\Thumbs.db (PUP.Optional.Awesomehp.A) -> Keine Aktion durchgeführt.
C:\Users\Thomas Pitten\AppData\Roaming\awesomehp\images\unchecked.png (PUP.Optional.Awesomehp.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\install.data (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\BHOEnabler.exe (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\SupIePluginServiceUpdate.exe (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\uninstall.exe (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\indexIE.html (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\indexIE8.html (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\style.css (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\ver.txt (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\default_logo.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\icon128.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\icon16.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\icon48.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\loading.gif (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\0.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\1.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\10.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\11.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\12.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\13.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\14.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\15.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\16.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\17.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\18.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\19.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\2.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\20.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\21.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\22.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\23.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\24.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\25.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\26.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\27.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\28.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\29.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\3.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\30.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\31.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\32.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\33.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\34.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\35.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\36.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\37.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\38.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\39.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\4.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\40.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\41.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\42.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\43.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\44.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\45.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\46.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\47.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\5.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\6.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\7.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\8.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\img\weather\9.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\js\background.js (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\js\ga.js (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\js\jquery-base.js (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\js\jquery.autocomplete.js (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\js\js.js (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\js\xagainit.js (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales\en-US\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales\es-419\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales\es-ES\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales\fr-BE\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales\fr-CA\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales\fr-CH\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales\fr-FR\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales\fr-LU\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales\it-CH\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales\it-IT\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales\pl\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales\pt-BR\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales\ru\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales\ru-MO\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales\tr-TR\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales\vi-VI\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales\zh-CN\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SupTab\web\_locales\zh-TW\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt.
C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx (PUP.Optional.NewTab.A) -> Keine Aktion durchgeführt.
C:\ProgramData\Wincert\win64cert.dll (PUP.Optional.Datamngr.A) -> Keine Aktion durchgeführt.
C:\ProgramData\Wincert\win32prop.dll (PUP.Optional.Datamngr.A) -> Keine Aktion durchgeführt.
C:\ProgramData\Wincert\win64prop.dll (PUP.Optional.Datamngr.A) -> Keine Aktion durchgeführt.
C:\ProgramData\Datamngr\coordinator.cfg (PUP.Optional.Datamngr.A) -> Keine Aktion durchgeführt.
C:\ProgramData\Datamngr\general.cfg (PUP.Optional.Datamngr.A) -> Keine Aktion durchgeführt.
C:\ProgramData\Datamngr\S-1-5-21-4087598786-887918800-69336566-1001.cfg (PUP.Optional.Datamngr.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Re-markit\Re-markit154.exe (PUP.Optional.ReMarkit.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll (PUP.Optional.MoviesToolbar.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Movies Toolbar\Datamngr\Datamngr.dll (PUP.Optional.MoviesToolbar.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Movies Toolbar\Datamngr\del_DM_LL_nsr5C77.dll (PUP.Optional.MoviesToolbar.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Movies Toolbar\Datamngr\favicon.ico (PUP.Optional.MoviesToolbar.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Movies Toolbar\Datamngr\Helper.dll (PUP.Optional.MoviesToolbar.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Movies Toolbar\Datamngr\Internet Explorer Settings.exe (PUP.Optional.MoviesToolbar.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Movies Toolbar\Datamngr\mgrldr.dll (PUP.Optional.MoviesToolbar.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Movies Toolbar\Datamngr\Uninstall.exe (PUP.Optional.MoviesToolbar.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll (PUP.Optional.MoviesToolbar.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\Datamngr.dll (PUP.Optional.MoviesToolbar.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\del_DM_LL_nsr5C77.dll (PUP.Optional.MoviesToolbar.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\IEBHO.dll (PUP.Optional.MoviesToolbar.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\Internet Explorer Settings.exe (PUP.Optional.MoviesToolbar.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\mgrldr.dll (PUP.Optional.MoviesToolbar.A) -> Keine Aktion durchgeführt.
C:\Users\Thomas Pitten\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Keine Aktion durchgeführt.
C:\Users\Thomas Pitten\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Re-markit\154.dat (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Re-markit\a.db (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Re-markit\b.db (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Re-markit\Re-markit154.bin (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Re-markit\Re-markit154.ini (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Re-markit\Re-markit_wd.exe (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Re-markit\ReMarkit_up.exe (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Re-markit\Uninstall.exe (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt.

(Ende)

Und das von AdwCleaner:

Code:

ATTFilter

# AdwCleaner v3.020 - Bericht erstellt am 03/03/2014 um 11:31:57
# Aktualisiert 27/02/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Thomas Pitten - THOMASPITTEN-PC
# Gestartet von : C:\Users\Thomas Pitten\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : winzipersvc

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\ProgramData\Browser Manager
Ordner Gelöscht : C:\ProgramData\Viewpoint
Ordner Gelöscht : C:\ProgramData\wincert
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Ordner Gelöscht : C:\Program Files (x86)\Movies Toolbar
Ordner Gelöscht : C:\Program Files (x86)\Search Results Toolbar
Ordner Gelöscht : C:\Program Files (x86)\Viewpoint
Ordner Gelöscht : C:\Program Files (x86)\WinZipper
Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Plasmoo
Ordner Gelöscht : C:\Users\Thomas Pitten\AppData\Local\genienext
Ordner Gelöscht : C:\Users\Thomas Pitten\AppData\Local\iLivid
Ordner Gelöscht : C:\Users\Thomas Pitten\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Thomas Pitten\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Thomas Pitten\AppData\LocalLow\facemoods.com
Ordner Gelöscht : C:\Users\Thomas Pitten\AppData\LocalLow\ilividtoolbarguid
Ordner Gelöscht : C:\Users\Thomas Pitten\AppData\LocalLow\searchresultstb
Ordner Gelöscht : C:\Users\Thomas Pitten\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Thomas Pitten\AppData\Roaming\SupTab
Ordner Gelöscht : C:\Users\Thomas Pitten\AppData\Roaming\WinZipper
Ordner Gelöscht : C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkndmigholgfjlniaohblojbhgjbkakn
Datei Gelöscht : C:\Users\Thomas Pitten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdSrchstonicde.xml

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Thomas Pitten\Desktop\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Thomas Pitten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Thomas Pitten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Thomas Pitten\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Thomas Pitten\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoods_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoods_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_jahreskalender-2012-fur-excel_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_jahreskalender-2012-fur-excel_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_myvirtualhome_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_myvirtualhome_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{64182481-4F71-486B-A045-B233BD0DA8FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{0C58B7D1-D415-492B-A149-E976156BD3B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A8E5842E-102B-4289-9D57-3B3F5B5E15D3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AE9908C1-3400-4B10-9061-C6C04D96E3D2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Schlüssel Gelöscht : HKCU\Software\APN DTX
Schlüssel Gelöscht : HKCU\Software\ilivid
Schlüssel Gelöscht : HKCU\Software\ilividtoolbarguid
Schlüssel Gelöscht : HKCU\Software\lollipop
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ilividtoolbarguid
Schlüssel Gelöscht : HKLM\Software\delta-homesSoftware
Schlüssel Gelöscht : HKLM\Software\hdcode
Schlüssel Gelöscht : HKLM\Software\iLividSRTB
Schlüssel Gelöscht : HKLM\Software\MetaStream
Schlüssel Gelöscht : HKLM\Software\supTab
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\V9
Schlüssel Gelöscht : HKLM\Software\Viewpoint
Schlüssel Gelöscht : HKLM\Software\winzipersvc
Schlüssel Gelöscht : HKLM\Software\Wpm
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6DA399FC-350F-41AC-8CA6-B9F8496753BE}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IePlugins
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilividtoolbarguid
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16518

Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v33.0.1750.117

[ Datei : C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht : homepage
Gelöscht : search_url
Gelöscht : keyword

*************************

AdwCleaner[R0].txt - [13659 octets] - [03/03/2014 11:27:37]
AdwCleaner[S0].txt - [11677 octets] - [03/03/2014 11:31:57]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11738 octets] ##########

Und das von Junkware Removal:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x64
Ran by Thomas Pitten on 03.03.2014 at 12:00:21,09
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{847A0AF4-87A6-4375-BCB0-31ED5014D6B1}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Thomas Pitten\appdata\locallow\datamngr"
Successfully deleted: [Empty Folder] C:\Users\Thomas Pitten\appdata\local\{0194E156-DC20-425F-8ABD-C261C2F9F06D}
Successfully deleted: [Empty Folder] C:\Users\Thomas Pitten\appdata\local\{301C5D61-777D-4DDB-A0BE-C0C8385C0CA9}
Successfully deleted: [Empty Folder] C:\Users\Thomas Pitten\appdata\local\{304800BB-78E7-450C-AF5E-7C48DDFA1546}
Successfully deleted: [Empty Folder] C:\Users\Thomas Pitten\appdata\local\{8780417A-654D-4F51-B6E4-6A339921F8F5}
Successfully deleted: [Empty Folder] C:\Users\Thomas Pitten\appdata\local\{D0AAB0B7-E4DC-4FD6-8EAF-82DFCE70B675}
Successfully deleted: [Empty Folder] C:\Users\Thomas Pitten\appdata\local\{DE360972-EC8A-4EC0-9203-975F2CE83276}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.03.2014 at 12:29:40,42
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Und das frische FRST:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-03-2014
Ran by Thomas Pitten (administrator) on THOMASPITTEN-PC on 03-03-2014 14:08:31
Running from C:\Users\Thomas Pitten\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
(AMD) C:\Windows\system32\atieclxx.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(AOL LLC) C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(HP) C:\Windows\system32\HPSIsvc.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AxoNet Software GmbH) C:\Program Files\Windows Server\bin\LightsOutClientService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
() C:\Windows\SysWOW64\scNKService_s.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\ProviderRegistryService.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\WhsMcClient.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\WSConnectorUpdate.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\LANConfigSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Microsoft Corporation) C:\Windows\system32\UI0Detect.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\Microsoft.HomeServer.Archive.TransferService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\Launchpad.exe
(深圳市普联技术有限公司) C:\Program Files (x86)\TP-LINK\MFP and Storage Server\MFP and Storage Server.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(AxoNet Software GmbH) C:\Program Files\Windows Server\Bin\LightsOutClientGui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(ITE Tech. Inc.) C:\Windows\system32\IRMonitor.exe
(Logitech, Inc.) C:\Program Files\SetPoint\SetPoint.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\netzmanager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files\SetPoint\x86\SetPoint32.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-06-18] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2010-03-17] (Synaptics Incorporated)
HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [5712896 2010-02-03] (Dell Inc.)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [Launchpad] - C:\Program Files\Windows Server\Bin\Launchpad.exe [1099360 2012-11-02] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-06-08] (Intel Corporation)
HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [HPUsageTrackingLEDM] - C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-08-04] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\RunOnce: [Launcher] - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe [163040 2010-08-12] (Softthinks)
HKU\S-1-5-21-4087598786-887918800-69336566-1001\...\Run: [MFP and Storage Server] - C:\Program Files (x86)\TP-LINK\MFP and Storage Server\MFP and Storage Server.exe [2076672 2013-07-12] (深圳市普联技术有限公司)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Thomas Pitten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {DE9C389F-3316-41A7-809B-AA305ED9D922} -  No File
DPF: HKLM {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: HKLM {B1953AD6-C50E-11D3-B020-00A0C9251384} hxxp://www.o2c.de/download/o2cplayer.cab
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: HKLM-x32 {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{3D6708A6-EEDE-4F35-B2BC-9071B9D506A4}: [NameServer] 
Tcpip\..\Interfaces\{AFE0B683-5104-42AC-BC52-6085E81B88B5}: [NameServer]10.74.210.210 10.74.210.211

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchProvider: delta-homes
CHR DefaultSearchURL: hxxp://www.google.com
CHR DefaultNewTabURL: 
CHR Extension: (Google Docs) - C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-29]
CHR Extension: (Google Drive) - C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-29]
CHR Extension: (YouTube) - C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-29]
CHR Extension: (Google-Suche) - C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-29]
CHR Extension: (Norton Identity Protection) - C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-11-29]
CHR Extension: (Google Wallet) - C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-29]
CHR Extension: (Extended Protection) - C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo [2014-02-26]
CHR Extension: (Google Mail) - C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-29]
CHR Extension: (Lightning speedDial) - C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkndmigholgfjlniaohblojbhgjbkakn [2014-02-19]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\Exts\Chrome.crx [2014-02-03]
CHR HKLM-x32\...\Chrome\Extension: [ogfjmhfnldnajmfaofeiaepghjenbgjo] - C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx [2014-02-26]

==================== Services (Whitelisted) =================

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 HealthAlertsSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S2 initMonitor; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [224096 2011-06-17] ()
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] ()
R2 LoClntService; C:\Program Files\Windows Server\bin\LightsOutClientService.exe [21152 2013-06-19] (AxoNet Software GmbH)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation)
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG)
R2 NotificationsProviderSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 providers_system; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 scNKService_S; C:\Windows\SysWOW64\scNKService_s.exe [172032 2007-10-24] ()
R2 ServiceProviderRegistry; C:\Program Files\Windows Server\Bin\ProviderRegistryService.exe [41568 2012-11-02] (Microsoft Corporation)
R2 SqmProviderSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [5088256 2010-02-03] (Dell Inc.)
R2 WSS_ComputerBackupProviderSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\0604010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-02-23] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-02-23] (Symantec Corporation)
R3 EST_BusEnum; C:\Windows\System32\DRIVERS\GenBus.sys [29696 2009-10-06] ( )
R3 hpnuhst; C:\Windows\System32\DRIVERS\hpnuhst.sys [16384 2007-03-27] (Hewlett-Packard Development Company)
R3 HPNUHUB; C:\Windows\System32\DRIVERS\hpnuhub.sys [40448 2007-10-30] (Hewlett-Packard Development Company)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [238080 2012-04-23] (Huawei Technologies Co., Ltd.)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20140228.002\IDSvia64.sys [521944 2014-02-12] (Symantec Corporation)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [113280 2011-10-15] (ITE                      )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2010-03-06] (Marvell Semiconductor, Inc.)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20140302.024\ENG64.SYS [126040 2014-02-23] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20140302.024\EX64.SYS [2099288 2014-02-23] (Symantec Corporation)
R3 NUServer64; C:\Windows\System32\DRIVERS\NUServer64.sys [254464 2011-10-27] (Elite Silicon Technology Inc.)
R3 NUS_Bus64; C:\Windows\System32\DRIVERS\NUS_Bus64.sys [34816 2011-10-14] (Elite Silicon Technology Inc.)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\0604010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\0604010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\0604010.00E\SYMDS64.SYS [451192 2011-08-15] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\0604010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-06-28] (Symantec Corporation)
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [43640 2011-11-23] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\0604010.00E\Ironx64.SYS [190072 2011-11-16] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\0604010.00E\SYMNETS.SYS [405624 2011-11-16] (Symantec Corporation)
R3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S3 usbser; C:\Windows\SysWOW64\DRIVERS\usbser.sys [24192 2005-02-02] (Microsoft Corporation)
S3 XHASP; c:\windows\SysWOW64\drivers\XHASP.sys [259584 2010-12-20] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-03 14:08 - 2014-03-03 14:08 - 00000000 ____D () C:\Users\Thomas Pitten\Desktop\FRST-OlderVersion
2014-03-03 12:29 - 2014-03-03 12:29 - 00001549 _____ () C:\Users\Thomas Pitten\Desktop\JRT.txt
2014-03-03 12:00 - 2014-03-03 12:00 - 00000000 ____D () C:\Windows\ERUNT
2014-03-03 11:58 - 2014-03-03 11:58 - 01037734 _____ (Thisisu) C:\Users\Thomas Pitten\Desktop\JRT.exe
2014-03-03 11:56 - 2014-03-03 11:56 - 00011871 _____ () C:\Users\Thomas Pitten\Desktop\AdwCleaner[S0].txt
2014-03-03 11:27 - 2014-03-03 11:32 - 00000000 ____D () C:\AdwCleaner
2014-03-03 11:23 - 2014-03-03 11:23 - 01244192 _____ () C:\Users\Thomas Pitten\Desktop\adwcleaner.exe
2014-03-03 11:13 - 2014-03-03 11:13 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-03-02 21:34 - 2014-03-02 21:34 - 00001067 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-02 21:34 - 2014-03-02 21:34 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\Malwarebytes
2014-03-02 21:34 - 2014-03-02 21:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-02 21:34 - 2014-03-02 21:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-02 21:34 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-02 21:32 - 2014-03-02 21:32 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Thomas Pitten\Desktop\mbam-setup-1.75.0.1300.exe
2014-03-01 08:57 - 2014-03-01 08:57 - 00082408 _____ () C:\ComboFix.txt
2014-02-28 23:13 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-02-28 23:13 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-02-28 23:13 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-02-28 23:13 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-02-28 23:13 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-02-28 23:13 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-02-28 23:13 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-02-28 23:13 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-02-28 23:10 - 2014-03-01 08:57 - 00000000 ____D () C:\Qoobox
2014-02-28 23:10 - 2014-03-01 08:52 - 00000000 ____D () C:\Windows\erdnt
2014-02-28 23:07 - 2014-02-28 23:07 - 05185084 ____R (Swearware) C:\Users\Thomas Pitten\Desktop\ComboFix.exe
2014-02-28 16:09 - 2014-02-28 16:10 - 00609928 _____ () C:\Windows\Minidump\022814-179042-01.dmp
2014-02-27 15:46 - 2014-02-27 15:46 - 00011291 _____ () C:\Users\Thomas Pitten\Desktop\gmer.log
2014-02-27 15:08 - 2014-02-27 15:08 - 00380416 _____ () C:\Users\Thomas Pitten\Downloads\Gmer-19357.exe
2014-02-27 15:08 - 2014-02-27 15:08 - 00380416 _____ () C:\Users\Thomas Pitten\Desktop\Gmer-19357.exe
2014-02-27 15:01 - 2014-02-27 15:04 - 00058621 _____ () C:\Users\Thomas Pitten\Desktop\Addition.txt
2014-02-27 14:59 - 2014-03-03 14:08 - 00022243 _____ () C:\Users\Thomas Pitten\Desktop\FRST.txt
2014-02-27 14:59 - 2014-03-03 14:08 - 00000000 ____D () C:\FRST
2014-02-27 14:58 - 2014-03-03 14:08 - 02156544 _____ (Farbar) C:\Users\Thomas Pitten\Desktop\FRST64.exe
2014-02-27 14:56 - 2014-02-27 14:56 - 00000488 _____ () C:\Users\Thomas Pitten\Desktop\defogger_disable.log
2014-02-27 14:56 - 2014-02-27 14:56 - 00000000 _____ () C:\Users\Thomas Pitten\defogger_reenable
2014-02-27 14:55 - 2014-02-27 14:55 - 00050477 _____ () C:\Users\Thomas Pitten\Desktop\Defogger.exe
2014-02-27 09:07 - 2014-02-27 09:07 - 00116220 _____ () C:\Users\Thomas Pitten\Desktop\Extras.Txt
2014-02-27 09:03 - 2014-02-27 09:03 - 00219938 _____ () C:\Users\Thomas Pitten\Desktop\OTL.Txt
2014-02-26 07:36 - 2014-01-09 03:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-02-26 07:36 - 2014-01-03 23:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-02-23 21:56 - 2014-02-23 21:56 - 00602112 _____ (OldTimer Tools) C:\Users\Thomas Pitten\Desktop\OTL.exe
2014-02-23 13:08 - 2014-02-23 13:08 - 00000000 ____D () C:\N360_BACKUP
2014-02-23 12:48 - 2014-02-23 12:48 - 00002088 _____ () C:\Users\Public\Desktop\mylife SiDiary.lnk
2014-02-22 21:33 - 2014-02-24 23:04 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\MFP and Storage Server
2014-02-22 21:24 - 2014-02-22 21:25 - 00275576 _____ () C:\Windows\Minidump\022214-198183-01.dmp
2014-02-22 20:51 - 2014-02-22 20:51 - 00002791 _____ () C:\Users\Public\Desktop\Launch MFP and Storage Server.exe.lnk
2014-02-22 20:51 - 2014-02-22 20:51 - 00000000 ____D () C:\Program Files (x86)\TP-LINK
2014-02-19 20:57 - 2014-02-19 20:57 - 00000000 ____D () C:\ProgramData\kinoma
2014-02-19 20:15 - 2014-02-19 20:15 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Local\kinoma
2014-02-19 20:14 - 2014-02-19 20:14 - 00002027 _____ () C:\Users\Public\Desktop\Reader for PC.lnk
2014-02-19 20:14 - 2014-02-19 20:14 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Local\Sony Corporation
2014-02-19 20:14 - 2014-02-19 20:14 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-02-19 20:10 - 2014-02-19 20:10 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\Sony Corporation
2014-02-19 20:10 - 2014-02-19 20:10 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-02-19 19:35 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-02-19 19:35 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-02-19 19:35 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-02-19 19:35 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-02-19 19:35 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-02-19 19:35 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-02-19 19:35 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-02-19 19:35 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-02-19 19:35 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-02-19 19:35 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-02-19 19:35 - 2013-10-02 01:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-02-19 19:35 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-02-19 19:35 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-02-19 19:35 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-02-19 19:35 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-02-19 19:35 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-02-19 19:32 - 2013-09-25 03:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-02-19 19:32 - 2013-09-25 02:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-02-19 16:20 - 2014-02-19 16:20 - 00003322 _____ () C:\Windows\System32\Tasks\{F6226160-7453-40E2-B70F-1513B03F594E}
2014-02-19 10:55 - 2014-02-19 10:56 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Local\cache
2014-02-19 10:55 - 2014-02-19 10:55 - 00000000 ____D () C:\Users\Thomas Pitten\.android
2014-02-19 10:55 - 2014-02-19 10:55 - 00000000 _____ () C:\Users\Thomas Pitten\daemonprocess.txt
2014-02-14 00:52 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-14 00:52 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-13 13:03 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-13 13:03 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-13 13:03 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-13 13:03 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-13 13:03 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-13 13:03 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-13 13:03 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-13 13:03 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-13 13:03 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-13 13:03 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-13 13:03 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-13 13:03 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-13 13:03 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-13 13:03 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-13 13:03 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-13 13:03 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-13 13:03 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-13 13:03 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-13 13:03 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-13 13:03 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-13 13:03 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-13 13:03 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-13 13:03 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-13 13:03 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-13 13:03 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-13 13:03 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-13 13:03 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-13 13:03 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-13 13:03 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-13 13:03 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-13 13:03 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-13 13:03 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-13 13:03 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-13 13:03 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-13 13:03 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-13 13:03 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-13 13:03 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-13 13:03 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-13 13:03 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-13 09:04 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-13 09:04 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-13 09:04 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-13 09:04 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-13 09:04 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 09:04 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-13 09:04 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-13 09:04 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-13 09:04 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-13 09:04 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-13 09:04 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 09:04 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-13 09:04 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-13 09:04 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-13 09:04 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-13 09:04 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 09:04 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-13 09:04 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-13 09:04 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-13 09:04 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-13 09:04 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-13 09:04 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-13 09:04 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-13 09:04 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-13 09:04 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-13 09:04 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-13 09:04 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-13 09:04 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-13 08:38 - 2014-02-13 08:39 - 00272568 _____ () C:\Windows\Minidump\021314-105191-01.dmp
2014-02-01 13:26 - 2014-02-01 14:08 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Local\SiDiary
2014-02-01 13:23 - 2014-02-01 13:23 - 00000000 ____D () C:\Program Files (x86)\SINOVO

==================== One Month Modified Files and Folders =======

2014-03-03 14:09 - 2014-02-27 14:59 - 00022243 _____ () C:\Users\Thomas Pitten\Desktop\FRST.txt
2014-03-03 14:08 - 2014-03-03 14:08 - 00000000 ____D () C:\Users\Thomas Pitten\Desktop\FRST-OlderVersion
2014-03-03 14:08 - 2014-02-27 14:59 - 00000000 ____D () C:\FRST
2014-03-03 14:08 - 2014-02-27 14:58 - 02156544 _____ (Farbar) C:\Users\Thomas Pitten\Desktop\FRST64.exe
2014-03-03 13:26 - 2012-08-19 20:36 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-03 13:20 - 2011-01-01 17:11 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-03 12:29 - 2014-03-03 12:29 - 00001549 _____ () C:\Users\Thomas Pitten\Desktop\JRT.txt
2014-03-03 12:19 - 2009-07-14 03:34 - 00000915 _____ () C:\Windows\win.ini
2014-03-03 12:00 - 2014-03-03 12:00 - 00000000 ____D () C:\Windows\ERUNT
2014-03-03 11:59 - 2011-01-05 17:02 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Local\CrashDumps
2014-03-03 11:58 - 2014-03-03 11:58 - 01037734 _____ (Thisisu) C:\Users\Thomas Pitten\Desktop\JRT.exe
2014-03-03 11:56 - 2014-03-03 11:56 - 00011871 _____ () C:\Users\Thomas Pitten\Desktop\AdwCleaner[S0].txt
2014-03-03 11:51 - 2013-01-13 11:53 - 00082050 _____ () C:\Windows\SysWOW64\scNKService_s.log
2014-03-03 11:51 - 2011-01-28 16:00 - 00000048 _____ () C:\monitor.log
2014-03-03 11:51 - 2011-01-01 17:11 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-03 11:51 - 2010-12-14 18:50 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Local\SoftThinks
2014-03-03 11:46 - 2009-07-14 05:45 - 00013664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-03 11:46 - 2009-07-14 05:45 - 00013664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-03 11:45 - 2010-12-05 02:27 - 01413198 _____ () C:\Windows\WindowsUpdate.log
2014-03-03 11:37 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-03 11:36 - 2009-07-14 05:51 - 03087143 _____ () C:\Windows\setupact.log
2014-03-03 11:32 - 2014-03-03 11:27 - 00000000 ____D () C:\AdwCleaner
2014-03-03 11:32 - 2013-11-29 22:23 - 00001236 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-03 11:32 - 2010-12-20 23:35 - 00000983 _____ () C:\Users\Thomas Pitten\Desktop\Internet Explorer.lnk
2014-03-03 11:32 - 2010-12-14 18:51 - 00001013 _____ () C:\Users\Thomas Pitten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-03 11:23 - 2014-03-03 11:23 - 01244192 _____ () C:\Users\Thomas Pitten\Desktop\adwcleaner.exe
2014-03-03 11:13 - 2014-03-03 11:13 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-03-03 11:13 - 2014-01-30 20:55 - 00000000 ____D () C:\ProgramData\LightsOut
2014-03-02 22:08 - 2010-12-05 03:27 - 00529798 _____ () C:\Windows\PFRO.log
2014-03-02 21:34 - 2014-03-02 21:34 - 00001067 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-02 21:34 - 2014-03-02 21:34 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\Malwarebytes
2014-03-02 21:34 - 2014-03-02 21:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-02 21:34 - 2014-03-02 21:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-02 21:32 - 2014-03-02 21:32 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Thomas Pitten\Desktop\mbam-setup-1.75.0.1300.exe
2014-03-01 08:57 - 2014-03-01 08:57 - 00082408 _____ () C:\ComboFix.txt
2014-03-01 08:57 - 2014-02-28 23:10 - 00000000 ____D () C:\Qoobox
2014-03-01 08:57 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-03-01 08:52 - 2014-02-28 23:10 - 00000000 ____D () C:\Windows\erdnt
2014-03-01 08:49 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-03-01 00:32 - 2009-07-14 03:34 - 93847552 _____ () C:\Windows\system32\config\software.bak
2014-03-01 00:32 - 2009-07-14 03:34 - 30670848 _____ () C:\Windows\system32\config\system.bak
2014-03-01 00:32 - 2009-07-14 03:34 - 00524288 _____ () C:\Windows\system32\config\default.bak
2014-03-01 00:32 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\security.bak
2014-03-01 00:32 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\sam.bak
2014-03-01 00:30 - 2010-12-14 18:45 - 00000000 ____D () C:\Users\Thomas Pitten
2014-02-28 23:07 - 2014-02-28 23:07 - 05185084 ____R (Swearware) C:\Users\Thomas Pitten\Desktop\ComboFix.exe
2014-02-28 16:10 - 2014-02-28 16:09 - 00609928 _____ () C:\Windows\Minidump\022814-179042-01.dmp
2014-02-28 16:09 - 2011-08-17 15:28 - 00000000 ____D () C:\Windows\Minidump
2014-02-28 16:08 - 2011-08-17 15:27 - 670209494 _____ () C:\Windows\MEMORY.DMP
2014-02-27 15:46 - 2014-02-27 15:46 - 00011291 _____ () C:\Users\Thomas Pitten\Desktop\gmer.log
2014-02-27 15:08 - 2014-02-27 15:08 - 00380416 _____ () C:\Users\Thomas Pitten\Downloads\Gmer-19357.exe
2014-02-27 15:08 - 2014-02-27 15:08 - 00380416 _____ () C:\Users\Thomas Pitten\Desktop\Gmer-19357.exe
2014-02-27 15:04 - 2014-02-27 15:01 - 00058621 _____ () C:\Users\Thomas Pitten\Desktop\Addition.txt
2014-02-27 14:56 - 2014-02-27 14:56 - 00000488 _____ () C:\Users\Thomas Pitten\Desktop\defogger_disable.log
2014-02-27 14:56 - 2014-02-27 14:56 - 00000000 _____ () C:\Users\Thomas Pitten\defogger_reenable
2014-02-27 14:55 - 2014-02-27 14:55 - 00050477 _____ () C:\Users\Thomas Pitten\Desktop\Defogger.exe
2014-02-27 09:07 - 2014-02-27 09:07 - 00116220 _____ () C:\Users\Thomas Pitten\Desktop\Extras.Txt
2014-02-27 09:03 - 2014-02-27 09:03 - 00219938 _____ () C:\Users\Thomas Pitten\Desktop\OTL.Txt
2014-02-26 11:34 - 2011-02-19 22:03 - 00421008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2014-02-26 11:34 - 2011-02-18 23:40 - 00773776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2014-02-26 09:37 - 2011-11-16 12:10 - 00000000 ____D () C:\Users\Thomas Pitten\Documents\Astrid
2014-02-24 23:04 - 2014-02-22 21:33 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\MFP and Storage Server
2014-02-24 08:59 - 2011-06-22 14:35 - 00000000 ____D () C:\Users\Thomas Pitten\Documents\Neuer Scan
2014-02-23 21:56 - 2014-02-23 21:56 - 00602112 _____ (OldTimer Tools) C:\Users\Thomas Pitten\Desktop\OTL.exe
2014-02-23 20:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-23 16:09 - 2010-12-05 04:15 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-02-23 16:09 - 2010-12-05 04:15 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-02-23 16:09 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-23 13:08 - 2014-02-23 13:08 - 00000000 ____D () C:\N360_BACKUP
2014-02-23 12:48 - 2014-02-23 12:48 - 00002088 _____ () C:\Users\Public\Desktop\mylife SiDiary.lnk
2014-02-22 21:25 - 2014-02-22 21:24 - 00275576 _____ () C:\Windows\Minidump\022214-198183-01.dmp
2014-02-22 20:51 - 2014-02-22 20:51 - 00002791 _____ () C:\Users\Public\Desktop\Launch MFP and Storage Server.exe.lnk
2014-02-22 20:51 - 2014-02-22 20:51 - 00000000 ____D () C:\Program Files (x86)\TP-LINK
2014-02-22 20:51 - 2010-12-05 03:06 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-22 11:49 - 2010-12-05 03:34 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-02-21 22:57 - 2010-12-16 16:43 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\Skype
2014-02-20 21:32 - 2012-08-19 20:36 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-20 21:32 - 2012-04-01 20:38 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-20 21:32 - 2011-06-11 12:37 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-19 21:43 - 2009-07-14 05:45 - 00420608 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-19 20:57 - 2014-02-19 20:57 - 00000000 ____D () C:\ProgramData\kinoma
2014-02-19 20:25 - 2013-08-27 23:17 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\LumacDaemon
2014-02-19 20:25 - 2010-12-14 18:45 - 00111496 _____ () C:\Users\Thomas Pitten\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-19 20:15 - 2014-02-19 20:15 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Local\kinoma
2014-02-19 20:14 - 2014-02-19 20:14 - 00002027 _____ () C:\Users\Public\Desktop\Reader for PC.lnk
2014-02-19 20:14 - 2014-02-19 20:14 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Local\Sony Corporation
2014-02-19 20:14 - 2014-02-19 20:14 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-02-19 20:10 - 2014-02-19 20:10 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\Sony Corporation
2014-02-19 20:10 - 2014-02-19 20:10 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-02-19 19:35 - 2010-12-05 03:28 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-19 19:35 - 2010-12-05 03:28 - 00000000 ____D () C:\ProgramData\Skype
2014-02-19 16:20 - 2014-02-19 16:20 - 00003322 _____ () C:\Windows\System32\Tasks\{F6226160-7453-40E2-B70F-1513B03F594E}
2014-02-19 10:56 - 2014-02-19 10:55 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Local\cache
2014-02-19 10:55 - 2014-02-19 10:55 - 00000000 ____D () C:\Users\Thomas Pitten\.android
2014-02-19 10:55 - 2014-02-19 10:55 - 00000000 _____ () C:\Users\Thomas Pitten\daemonprocess.txt
2014-02-18 23:13 - 2013-08-16 13:51 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-18 23:00 - 2010-12-17 20:50 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-18 19:38 - 2012-02-24 05:26 - 00000000 ____D () C:\Users\Thomas Pitten\Documents\Bau Dokumente
2014-02-13 19:15 - 2011-01-01 17:11 - 00004120 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-13 19:15 - 2011-01-01 17:11 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-13 15:13 - 2013-01-13 11:55 - 00000000 ____D () C:\Program Files (x86)\HP Wireless Printer Adapter
2014-02-13 15:13 - 2012-10-20 19:52 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\mylife diabass pdmprint
2014-02-13 15:13 - 2011-12-31 13:00 - 00000000 ____D () C:\ProgramData\Netzmanager
2014-02-13 15:13 - 2010-12-21 10:40 - 00000000 ____D () C:\ProgramData\Norton
2014-02-13 15:13 - 2010-12-05 02:50 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-02-13 15:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-02-13 15:10 - 2013-11-26 21:57 - 00000000 ____D () C:\Program Files (x86)\T-Mobile
2014-02-13 13:39 - 2010-12-30 18:52 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-13 13:24 - 2010-12-21 12:56 - 01594964 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-13 08:39 - 2014-02-13 08:38 - 00272568 _____ () C:\Windows\Minidump\021314-105191-01.dmp
2014-02-06 13:16 - 2014-02-13 13:03 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-13 13:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-13 13:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-13 13:03 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-13 13:03 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-13 13:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-13 13:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-13 13:03 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-13 13:03 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-13 13:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-13 13:03 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-13 13:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-13 13:03 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-13 13:03 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-13 13:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-13 13:03 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-13 13:03 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-13 13:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-13 13:03 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-13 13:03 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-13 13:03 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-13 13:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-13 13:03 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-13 13:03 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-13 13:03 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-13 13:03 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-13 13:03 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-13 13:03 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-13 13:03 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-13 13:03 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-13 13:03 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-13 13:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-13 13:03 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-13 13:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-13 13:03 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-13 13:03 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-13 13:03 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-13 13:03 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-13 13:03 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-05 12:49 - 2014-01-08 22:58 - 00000000 ____D () C:\Users\Thomas Pitten\Documents\FaSi
2014-02-01 14:08 - 2014-02-01 13:26 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Local\SiDiary
2014-02-01 13:23 - 2014-02-01 13:23 - 00000000 ____D () C:\Program Files (x86)\SINOVO
2014-02-01 13:20 - 2010-12-16 17:54 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-02-01 13:05 - 2009-03-18 13:05 - 00000000 ____D () C:\Users\Thomas Pitten\Documents\Diabetes

Some content of TEMP:
====================
C:\Users\Thomas Pitten\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-01-16 21:25

==================== End Of Log ============================

--- --- ---

--- --- ---

schrauber · 04.03.2014, 11:33

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

ThomasPitten · 05.03.2014, 10:45

Hallo,
ja vielen Dank, läuft wieder einwandfrei. Hätte sonst voll den Anfall bekommen, so kann man ja nicht surfen.

Gruß, Thomas

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.79  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Norton 360 Online   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Java 7 Update 51  
  Adobe Flash Player 12.0.0.70 Flash Player out of Date!  
 Adobe Reader 10.1.9 Adobe Reader out of Date!  
 Google Chrome 33.0.1750.117  
 Google Chrome 33.0.1750.146  
````````Process Check: objlist.exe by Laurent````````  
 Norton ccSvcHst.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Malwarebytes' Anti-Malware mbamscheduler.exe   
 OnlineUpdate ouc.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-03-2014
Ran by Thomas Pitten (administrator) on THOMASPITTEN-PC on 05-03-2014 10:08:34
Running from C:\Users\Thomas Pitten\Desktop\PC Clean
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(HP) C:\Windows\system32\HPSIsvc.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
() C:\ProgramData\OnlineUpdate\ouc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AxoNet Software GmbH) C:\Program Files\Windows Server\bin\LightsOutClientService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
() C:\Windows\SysWOW64\scNKService_s.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\ProviderRegistryService.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\WhsMcClient.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\WSConnectorUpdate.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\LANConfigSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\Launchpad.exe
(深圳市普联技术有限公司) C:\Program Files (x86)\TP-LINK\MFP and Storage Server\MFP and Storage Server.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AxoNet Software GmbH) C:\Program Files\Windows Server\Bin\LightsOutClientGui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Logitech, Inc.) C:\Program Files\SetPoint\SetPoint.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\netzmanager.exe
() C:\Program Files\SetPoint\x86\SetPoint32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\Microsoft.HomeServer.Archive.TransferService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil64_12_0_0_70_ActiveX.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-06-18] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2010-03-17] (Synaptics Incorporated)
HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [5712896 2010-02-03] (Dell Inc.)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [Launchpad] - C:\Program Files\Windows Server\Bin\Launchpad.exe [1099360 2012-11-02] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-06-08] (Intel Corporation)
HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [HPUsageTrackingLEDM] - C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-08-04] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\RunOnce: [Launcher] - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe [163040 2010-08-12] (Softthinks)
HKU\S-1-5-21-4087598786-887918800-69336566-1001\...\Run: [MFP and Storage Server] - C:\Program Files (x86)\TP-LINK\MFP and Storage Server\MFP and Storage Server.exe [2076672 2013-07-12] (深圳市普联技术有限公司)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Thomas Pitten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {DE9C389F-3316-41A7-809B-AA305ED9D922} -  No File
DPF: HKLM {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: HKLM {B1953AD6-C50E-11D3-B020-00A0C9251384} hxxp://www.o2c.de/download/o2cplayer.cab
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: HKLM-x32 {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{3D6708A6-EEDE-4F35-B2BC-9071B9D506A4}: [NameServer] 
Tcpip\..\Interfaces\{AFE0B683-5104-42AC-BC52-6085E81B88B5}: [NameServer]10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{DE52DE9D-7E11-467F-AB83-6531C0520361}: [NameServer]192.168.1.1

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchProvider: delta-homes
CHR DefaultSearchURL: hxxp://www.google.com
CHR DefaultNewTabURL: 
CHR Extension: (Google Docs) - C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-29]
CHR Extension: (Google Drive) - C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-29]
CHR Extension: (YouTube) - C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-29]
CHR Extension: (Google-Suche) - C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-29]
CHR Extension: (Norton Identity Protection) - C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-11-29]
CHR Extension: (Google Wallet) - C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-29]
CHR Extension: (Extended Protection) - C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo [2014-02-26]
CHR Extension: (Google Mail) - C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-29]
CHR Extension: (Lightning speedDial) - C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkndmigholgfjlniaohblojbhgjbkakn [2014-02-19]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\Exts\Chrome.crx [2014-02-03]
CHR HKLM-x32\...\Chrome\Extension: [ogfjmhfnldnajmfaofeiaepghjenbgjo] - C:\Users\Thomas Pitten\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx [2014-02-26]

==================== Services (Whitelisted) =================

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 HealthAlertsSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S2 initMonitor; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [224096 2011-06-17] ()
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] ()
R2 LoClntService; C:\Program Files\Windows Server\bin\LightsOutClientService.exe [21152 2013-06-19] (AxoNet Software GmbH)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation)
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG)
R2 NotificationsProviderSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 providers_system; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 scNKService_S; C:\Windows\SysWOW64\scNKService_s.exe [172032 2007-10-24] ()
R2 ServiceProviderRegistry; C:\Program Files\Windows Server\Bin\ProviderRegistryService.exe [41568 2012-11-02] (Microsoft Corporation)
R2 SqmProviderSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [5088256 2010-02-03] (Dell Inc.)
R2 WSS_ComputerBackupProviderSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\0604010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-02-23] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-02-23] (Symantec Corporation)
R3 EST_BusEnum; C:\Windows\System32\DRIVERS\GenBus.sys [29696 2009-10-06] ( )
R3 hpnuhst; C:\Windows\System32\DRIVERS\hpnuhst.sys [16384 2007-03-27] (Hewlett-Packard Development Company)
R3 HPNUHUB; C:\Windows\System32\DRIVERS\hpnuhub.sys [40448 2007-10-30] (Hewlett-Packard Development Company)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [238080 2012-04-23] (Huawei Technologies Co., Ltd.)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20140303.001\IDSvia64.sys [521944 2014-02-12] (Symantec Corporation)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [113280 2011-10-15] (ITE                      )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2010-03-06] (Marvell Semiconductor, Inc.)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20140304.018\ENG64.SYS [126040 2014-02-23] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20140304.018\EX64.SYS [2099288 2014-02-23] (Symantec Corporation)
R3 NUServer64; C:\Windows\System32\DRIVERS\NUServer64.sys [254464 2011-10-27] (Elite Silicon Technology Inc.)
R3 NUS_Bus64; C:\Windows\System32\DRIVERS\NUS_Bus64.sys [34816 2011-10-14] (Elite Silicon Technology Inc.)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\0604010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\0604010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\0604010.00E\SYMDS64.SYS [451192 2011-08-15] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\0604010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-06-28] (Symantec Corporation)
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [43640 2011-11-23] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\0604010.00E\Ironx64.SYS [190072 2011-11-16] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\0604010.00E\SYMNETS.SYS [405624 2011-11-16] (Symantec Corporation)
R3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S3 usbser; C:\Windows\SysWOW64\DRIVERS\usbser.sys [24192 2005-02-02] (Microsoft Corporation)
S3 XHASP; c:\windows\SysWOW64\drivers\XHASP.sys [259584 2010-12-20] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-05 10:06 - 2014-03-05 10:08 - 00000000 ____D () C:\Users\Thomas Pitten\Desktop\PC Clean
2014-03-04 16:31 - 2014-03-04 16:31 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-03 19:48 - 2014-03-03 19:48 - 00000002 _____ () C:\Windows\msoffice.ini
2014-03-03 12:00 - 2014-03-03 12:00 - 00000000 ____D () C:\Windows\ERUNT
2014-03-03 11:27 - 2014-03-03 11:32 - 00000000 ____D () C:\AdwCleaner
2014-03-03 11:13 - 2014-03-05 07:43 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-03-02 21:34 - 2014-03-02 21:34 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\Malwarebytes
2014-03-02 21:34 - 2014-03-02 21:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-02 21:34 - 2014-03-02 21:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-02 21:34 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-01 08:57 - 2014-03-01 08:57 - 00082408 _____ () C:\ComboFix.txt
2014-02-28 23:13 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-02-28 23:13 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-02-28 23:13 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-02-28 23:13 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-02-28 23:13 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-02-28 23:13 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-02-28 23:13 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-02-28 23:13 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-02-28 23:10 - 2014-03-01 08:57 - 00000000 ____D () C:\Qoobox
2014-02-28 23:10 - 2014-03-01 08:52 - 00000000 ____D () C:\Windows\erdnt
2014-02-28 16:09 - 2014-02-28 16:10 - 00609928 _____ () C:\Windows\Minidump\022814-179042-01.dmp
2014-02-27 15:08 - 2014-02-27 15:08 - 00380416 _____ () C:\Users\Thomas Pitten\Downloads\Gmer-19357.exe
2014-02-27 14:59 - 2014-03-05 10:08 - 00000000 ____D () C:\FRST
2014-02-27 14:56 - 2014-02-27 14:56 - 00000000 _____ () C:\Users\Thomas Pitten\defogger_reenable
2014-02-26 07:36 - 2014-01-09 03:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-02-26 07:36 - 2014-01-03 23:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-02-23 13:08 - 2014-02-23 13:08 - 00000000 ____D () C:\N360_BACKUP
2014-02-23 12:48 - 2014-02-23 12:48 - 00002088 _____ () C:\Users\Public\Desktop\mylife SiDiary.lnk
2014-02-22 21:33 - 2014-02-24 23:04 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\MFP and Storage Server
2014-02-22 21:24 - 2014-02-22 21:25 - 00275576 _____ () C:\Windows\Minidump\022214-198183-01.dmp
2014-02-22 20:51 - 2014-02-22 20:51 - 00002791 _____ () C:\Users\Public\Desktop\Launch MFP and Storage Server.exe.lnk
2014-02-22 20:51 - 2014-02-22 20:51 - 00000000 ____D () C:\Program Files (x86)\TP-LINK
2014-02-19 20:57 - 2014-02-19 20:57 - 00000000 ____D () C:\ProgramData\kinoma
2014-02-19 20:15 - 2014-02-19 20:15 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Local\kinoma
2014-02-19 20:14 - 2014-02-19 20:14 - 00002027 _____ () C:\Users\Public\Desktop\Reader for PC.lnk
2014-02-19 20:14 - 2014-02-19 20:14 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Local\Sony Corporation
2014-02-19 20:14 - 2014-02-19 20:14 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-02-19 20:10 - 2014-02-19 20:10 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\Sony Corporation
2014-02-19 20:10 - 2014-02-19 20:10 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-02-19 19:35 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-02-19 19:35 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-02-19 19:35 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-02-19 19:35 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-02-19 19:35 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-02-19 19:35 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-02-19 19:35 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-02-19 19:35 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-02-19 19:35 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-02-19 19:35 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-02-19 19:35 - 2013-10-02 01:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-02-19 19:35 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-02-19 19:35 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-02-19 19:35 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-02-19 19:35 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-02-19 19:35 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-02-19 19:32 - 2013-09-25 03:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-02-19 19:32 - 2013-09-25 02:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-02-19 16:20 - 2014-02-19 16:20 - 00003322 _____ () C:\Windows\System32\Tasks\{F6226160-7453-40E2-B70F-1513B03F594E}
2014-02-19 10:55 - 2014-02-19 10:56 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Local\cache
2014-02-19 10:55 - 2014-02-19 10:55 - 00000000 ____D () C:\Users\Thomas Pitten\.android
2014-02-19 10:55 - 2014-02-19 10:55 - 00000000 _____ () C:\Users\Thomas Pitten\daemonprocess.txt
2014-02-14 00:52 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-14 00:52 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-13 13:03 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-13 13:03 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-13 13:03 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-13 13:03 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-13 13:03 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-13 13:03 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-13 13:03 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-13 13:03 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-13 13:03 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-13 13:03 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-13 13:03 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-13 13:03 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-13 13:03 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-13 13:03 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-13 13:03 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-13 13:03 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-13 13:03 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-13 13:03 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-13 13:03 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-13 13:03 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-13 13:03 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-13 13:03 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-13 13:03 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-13 13:03 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-13 13:03 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-13 13:03 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-13 13:03 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-13 13:03 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-13 13:03 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-13 13:03 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-13 13:03 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-13 13:03 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-13 13:03 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-13 13:03 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-13 13:03 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-13 13:03 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-13 13:03 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-13 13:03 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-13 13:03 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-13 09:04 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-13 09:04 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-13 09:04 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-13 09:04 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-13 09:04 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 09:04 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-13 09:04 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-13 09:04 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-13 09:04 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-13 09:04 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-13 09:04 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 09:04 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-13 09:04 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-13 09:04 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-13 09:04 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-13 09:04 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 09:04 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-13 09:04 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-13 09:04 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-13 09:04 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-13 09:04 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-13 09:04 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-13 09:04 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-13 09:04 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-13 09:04 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-13 09:04 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-13 09:04 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-13 09:04 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-13 08:38 - 2014-02-13 08:39 - 00272568 _____ () C:\Windows\Minidump\021314-105191-01.dmp

==================== One Month Modified Files and Folders =======

2014-03-05 10:08 - 2014-03-05 10:06 - 00000000 ____D () C:\Users\Thomas Pitten\Desktop\PC Clean
2014-03-05 10:08 - 2014-02-27 14:59 - 00000000 ____D () C:\FRST
2014-03-05 09:29 - 2009-07-14 05:51 - 03094889 _____ () C:\Windows\setupact.log
2014-03-05 09:29 - 2009-07-14 03:34 - 00000795 _____ () C:\Windows\win.ini
2014-03-05 09:26 - 2012-08-19 20:36 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-05 09:20 - 2011-01-01 17:11 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-05 08:57 - 2011-01-05 17:02 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Local\CrashDumps
2014-03-05 08:26 - 2010-12-05 02:27 - 01538321 _____ () C:\Windows\WindowsUpdate.log
2014-03-05 07:43 - 2014-03-03 11:13 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-03-05 00:00 - 2014-01-30 20:55 - 00000000 ____D () C:\ProgramData\LightsOut
2014-03-04 22:28 - 2010-12-16 16:43 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\Skype
2014-03-04 22:15 - 2009-07-14 05:45 - 00013664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-04 22:15 - 2009-07-14 05:45 - 00013664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-04 22:07 - 2013-01-13 11:53 - 00083943 _____ () C:\Windows\SysWOW64\scNKService_s.log
2014-03-04 22:06 - 2010-12-14 18:50 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Local\SoftThinks
2014-03-04 22:05 - 2013-12-24 12:26 - 00000000 ____D () C:\ProgramData\OnlineUpdate
2014-03-04 22:05 - 2011-01-01 17:11 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-04 22:04 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-04 21:44 - 2011-01-28 16:00 - 00000098 _____ () C:\monitor.log
2014-03-04 16:31 - 2014-03-04 16:31 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-04 16:31 - 2010-12-05 04:15 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-03-04 16:31 - 2010-12-05 04:15 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-03-04 16:31 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-04 08:44 - 2013-11-29 22:23 - 00002137 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-03 21:19 - 2006-11-13 18:54 - 00000000 ____D () C:\Users\Thomas Pitten\Documents\Excel-Dokumente
2014-03-03 20:05 - 2010-12-05 03:27 - 00534530 _____ () C:\Windows\PFRO.log
2014-03-03 20:02 - 2010-12-16 15:59 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Local\AOL
2014-03-03 19:51 - 2010-12-16 15:58 - 00000000 ____D () C:\Program Files (x86)\AOL
2014-03-03 19:49 - 2010-12-16 16:00 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\AOL
2014-03-03 19:48 - 2014-03-03 19:48 - 00000002 _____ () C:\Windows\msoffice.ini
2014-03-03 12:00 - 2014-03-03 12:00 - 00000000 ____D () C:\Windows\ERUNT
2014-03-03 11:32 - 2014-03-03 11:27 - 00000000 ____D () C:\AdwCleaner
2014-03-03 11:32 - 2010-12-20 23:35 - 00000983 _____ () C:\Users\Thomas Pitten\Desktop\Internet Explorer.lnk
2014-03-03 11:32 - 2010-12-14 18:51 - 00001013 _____ () C:\Users\Thomas Pitten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-02 21:34 - 2014-03-02 21:34 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\Malwarebytes
2014-03-02 21:34 - 2014-03-02 21:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-02 21:34 - 2014-03-02 21:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-01 08:57 - 2014-03-01 08:57 - 00082408 _____ () C:\ComboFix.txt
2014-03-01 08:57 - 2014-02-28 23:10 - 00000000 ____D () C:\Qoobox
2014-03-01 08:57 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-03-01 08:52 - 2014-02-28 23:10 - 00000000 ____D () C:\Windows\erdnt
2014-03-01 08:49 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-03-01 00:32 - 2009-07-14 03:34 - 93847552 _____ () C:\Windows\system32\config\software.bak
2014-03-01 00:32 - 2009-07-14 03:34 - 30670848 _____ () C:\Windows\system32\config\system.bak
2014-03-01 00:32 - 2009-07-14 03:34 - 00524288 _____ () C:\Windows\system32\config\default.bak
2014-03-01 00:32 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\security.bak
2014-03-01 00:32 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\sam.bak
2014-03-01 00:30 - 2010-12-14 18:45 - 00000000 ____D () C:\Users\Thomas Pitten
2014-02-28 16:10 - 2014-02-28 16:09 - 00609928 _____ () C:\Windows\Minidump\022814-179042-01.dmp
2014-02-28 16:09 - 2011-08-17 15:28 - 00000000 ____D () C:\Windows\Minidump
2014-02-28 16:08 - 2011-08-17 15:27 - 670209494 _____ () C:\Windows\MEMORY.DMP
2014-02-27 15:08 - 2014-02-27 15:08 - 00380416 _____ () C:\Users\Thomas Pitten\Downloads\Gmer-19357.exe
2014-02-27 14:56 - 2014-02-27 14:56 - 00000000 _____ () C:\Users\Thomas Pitten\defogger_reenable
2014-02-26 11:34 - 2011-02-19 22:03 - 00421008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2014-02-26 11:34 - 2011-02-18 23:40 - 00773776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2014-02-26 09:37 - 2011-11-16 12:10 - 00000000 ____D () C:\Users\Thomas Pitten\Documents\Astrid
2014-02-24 23:04 - 2014-02-22 21:33 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\MFP and Storage Server
2014-02-24 08:59 - 2011-06-22 14:35 - 00000000 ____D () C:\Users\Thomas Pitten\Documents\Neuer Scan
2014-02-23 20:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-23 13:08 - 2014-02-23 13:08 - 00000000 ____D () C:\N360_BACKUP
2014-02-23 12:48 - 2014-02-23 12:48 - 00002088 _____ () C:\Users\Public\Desktop\mylife SiDiary.lnk
2014-02-22 21:25 - 2014-02-22 21:24 - 00275576 _____ () C:\Windows\Minidump\022214-198183-01.dmp
2014-02-22 20:51 - 2014-02-22 20:51 - 00002791 _____ () C:\Users\Public\Desktop\Launch MFP and Storage Server.exe.lnk
2014-02-22 20:51 - 2014-02-22 20:51 - 00000000 ____D () C:\Program Files (x86)\TP-LINK
2014-02-22 20:51 - 2010-12-05 03:06 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-22 11:49 - 2010-12-05 03:34 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-02-20 21:32 - 2012-08-19 20:36 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-20 21:32 - 2012-04-01 20:38 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-20 21:32 - 2011-06-11 12:37 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-19 21:43 - 2009-07-14 05:45 - 00420608 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-19 20:57 - 2014-02-19 20:57 - 00000000 ____D () C:\ProgramData\kinoma
2014-02-19 20:25 - 2013-08-27 23:17 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\LumacDaemon
2014-02-19 20:25 - 2010-12-14 18:45 - 00111496 _____ () C:\Users\Thomas Pitten\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-19 20:15 - 2014-02-19 20:15 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Local\kinoma
2014-02-19 20:14 - 2014-02-19 20:14 - 00002027 _____ () C:\Users\Public\Desktop\Reader for PC.lnk
2014-02-19 20:14 - 2014-02-19 20:14 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Local\Sony Corporation
2014-02-19 20:14 - 2014-02-19 20:14 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-02-19 20:10 - 2014-02-19 20:10 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\Sony Corporation
2014-02-19 20:10 - 2014-02-19 20:10 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-02-19 19:35 - 2010-12-05 03:28 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-19 19:35 - 2010-12-05 03:28 - 00000000 ____D () C:\ProgramData\Skype
2014-02-19 16:20 - 2014-02-19 16:20 - 00003322 _____ () C:\Windows\System32\Tasks\{F6226160-7453-40E2-B70F-1513B03F594E}
2014-02-19 10:56 - 2014-02-19 10:55 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Local\cache
2014-02-19 10:55 - 2014-02-19 10:55 - 00000000 ____D () C:\Users\Thomas Pitten\.android
2014-02-19 10:55 - 2014-02-19 10:55 - 00000000 _____ () C:\Users\Thomas Pitten\daemonprocess.txt
2014-02-18 23:13 - 2013-08-16 13:51 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-18 23:00 - 2010-12-17 20:50 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-18 19:38 - 2012-02-24 05:26 - 00000000 ____D () C:\Users\Thomas Pitten\Documents\Bau Dokumente
2014-02-13 19:15 - 2011-01-01 17:11 - 00004120 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-13 19:15 - 2011-01-01 17:11 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-13 15:13 - 2013-01-13 11:55 - 00000000 ____D () C:\Program Files (x86)\HP Wireless Printer Adapter
2014-02-13 15:13 - 2012-10-20 19:52 - 00000000 ____D () C:\Users\Thomas Pitten\AppData\Roaming\mylife diabass pdmprint
2014-02-13 15:13 - 2011-12-31 13:00 - 00000000 ____D () C:\ProgramData\Netzmanager
2014-02-13 15:13 - 2010-12-21 10:40 - 00000000 ____D () C:\ProgramData\Norton
2014-02-13 15:13 - 2010-12-05 02:50 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-02-13 15:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-02-13 15:10 - 2013-11-26 21:57 - 00000000 ____D () C:\Program Files (x86)\T-Mobile
2014-02-13 13:39 - 2010-12-30 18:52 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-13 13:24 - 2010-12-21 12:56 - 01594964 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-13 08:39 - 2014-02-13 08:38 - 00272568 _____ () C:\Windows\Minidump\021314-105191-01.dmp
2014-02-06 13:16 - 2014-02-13 13:03 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-13 13:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-13 13:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-13 13:03 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-13 13:03 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-13 13:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-13 13:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-13 13:03 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-13 13:03 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-13 13:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-13 13:03 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-13 13:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-13 13:03 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-13 13:03 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-13 13:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-13 13:03 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-13 13:03 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-13 13:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-13 13:03 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-13 13:03 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-13 13:03 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-13 13:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-13 13:03 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-13 13:03 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-13 13:03 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-13 13:03 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-13 13:03 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-13 13:03 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-13 13:03 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-13 13:03 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-13 13:03 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-13 13:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-13 13:03 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-13 13:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-13 13:03 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-13 13:03 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-13 13:03 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-13 13:03 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-13 13:03 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-05 12:49 - 2014-01-08 22:58 - 00000000 ____D () C:\Users\Thomas Pitten\Documents\FaSi

Some content of TEMP:
====================
C:\Users\Thomas Pitten\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Thomas Pitten\AppData\Local\Temp\Quarantine.exe
C:\Users\Thomas Pitten\AppData\Local\Temp\uninst.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-01-16 21:25

==================== End Of Log ============================

--- --- ---

--- --- ---

schrauber · 06.03.2014, 09:47

Adobe updaten.

Fertig

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.

Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
WinPatrol
Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

SpywareBlaster
Eine kurze Einführung findest du Hier
MVPs hosts file
Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
WOT (Web of trust)
Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

Opera
Mozilla Firefox.
- Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
- NoScript
  Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
- AdblockPlus
  Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
  Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )

Don'ts

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

ThomasPitten · 08.03.2014, 11:52

Hallo Schrauber,

alles erledigt. Rechner läuft wieder 1a.
Vielen Dank.

Gruß, Thomas

schrauber · 09.03.2014, 07:26

Gern Geschehen

09.03.2014, 07:26	#13
schrauber /// the machine /// TB-Ausbilder	Internet langsam, und viel Werbung Gern Geschehen __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Internet langsam, und viel Werbung

Plagegeister aller Art und deren Bekämpfung: Internet langsam, und viel Werbung