Log analysis and evaluation: WINDOWS 7, 64bit - ad windows pop up - constant prompts to install Java or similar updates

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

#1

WINDOWS 7, 64bit - ad windows pop up - constant prompts to install Java or similar updates

Hello! For some time now I have been practically bombarded with advertisements, and individual words in the text appear with a double green underline. When I hover over them, small ad windows open. As soon as I open a new tab, an empty window opens which redirects me to interyield. In addition, "Ads by Buzzit" is often displayed, although I have actually blocked pop-ups. I have already removed a few things under Control Panel that apparently somehow installed themselves on 26.02., but it seems they have not disappeared after all! What can I do, and why does Norton 360° not show anything? Do I need to change something in my settings? I have already snooped around a bit on your site and downloaded FRST 64. Here is the result:

FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 Ran by Sternschnuppe (administrator) on RUMPELKAMMER on 24-03-2014 17:47:48 Running from J:\Hörbücher Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe (AMD) C:\Windows\system32\atieclxx.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe () C:\Program Files (x86)\Buzz-it-soft\Buzz-it_wd.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\Program Files (x86)\Buzz-it-soft\Buzz-it155.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe () C:\Program Files\IB Updater\ExtensionUpdaterService.exe () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE (Intel(R) Corporation) c:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe (PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (IDT, Inc.) 
C:\Program Files\IDT\WDM\sttray64.exe (Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe (IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Windows\splwow64.exe (CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe (Adobe Systems, Inc.) 
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2011-12-23] (IDT, Inc.) HKLM\...\Run: [BeatsOSDApp] - C:\Program Files\IDT\WDM\beats64.exe [37888 2011-12-23] (Hewlett-Packard ) HKLM\...\Run: [hpsysdrv] - c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard) HKLM\...\Run: [EPSON Stylus DX3800 Series] - C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIACE.EXE [98304 2005-02-08] (SEIKO EPSON CORPORATION) HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.) HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291096 2011-12-05] (Intel Corporation) HKLM-x32\...\Run: [HP Software Update] - c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard) HKLM-x32\...\Run: [PDF Complete] - C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-08-12] (PDF Complete Inc) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.) 
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-09-28] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] - C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.) HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.) HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-03-12] (Hewlett-Packard) HKU\S-1-5-21-93671772-2379690000-1990322554-1000\...\Run: [IncrediMail] - C:\Program Files (x86)\IncrediMail\bin\IncMail.exe [367168 2013-01-24] (IncrediMail, Ltd.) HKU\S-1-5-21-93671772-2379690000-1990322554-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20588704 2013-11-15] (Skype Technologies S.A.) 
HKU\S-1-5-21-93671772-2379690000-1990322554-1000\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1821888 2014-02-25] (Valve Corporation) HKU\S-1-5-21-93671772-2379690000-1990322554-1000\...\Run: [NextLive] - C:\Windows\SysWOW64\rundll32.exe "C:\Users\Sternschnuppe\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l HKU\S-1-5-21-93671772-2379690000-1990322554-1000\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2012-02-11] (AMD) ==================== Internet (Whitelisted) ==================== ProxyEnable: Internet Explorer proxy is enabled. ProxyServer: http=127.0.0.1:13828 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?ctid=CT3323878&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP62DA7751-F4DA-4708-8777-B94675373D37&SSPV= HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4 SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = SearchScopes: HKLM - {975EC1F3-19EA-448A-A407-7B1A68C9F353} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKLM-x32 - {975EC1F3-19EA-448A-A407-7B1A68C9F353} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms} 
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3323878&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP62DA7751-F4DA-4708-8777-B94675373D37&q={searchTerms}&SSPV= SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3323878&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP62DA7751-F4DA-4708-8777-B94675373D37&q={searchTerms}&SSPV= SearchScopes: HKCU - {45F761FE-B2E0-425E-8DD0-86E363068F44} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=&apn_ptnrs=^U3&apn_dtid=^YYYYYY^YY^DE&apn_uid=4C89A030-8D9D-4096-88DC-D487BD2CAA4E&apn_sauid=441A43D9-4F97-43BC-AD6E-B48845F5B0DA SearchScopes: HKCU - {975EC1F3-19EA-448A-A407-7B1A68C9F353} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms} BHO: IB Updater - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\IB Updater\Extension64.dll () BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard) BHO-x32: IB Updater - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\IB Updater\Extension32.dll () BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation) BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default FF DefaultSearchEngine: Google FF SearchEngineOrder.1: Ask.com FF Homepage: https://www.google.de/ FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF 
Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll () FF Plugin HKCU: @soe.sony.com/installer,version=1.0.3 - C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll No File FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft) FF SearchPlugin: C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\searchplugins\1-hs-sceneto.undefined.undefined FF SearchPlugin: C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\searchplugins\amazonde-hrbuch-shop-bcher.xml FF SearchPlugin: C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\searchplugins\chefkochde.xml FF SearchPlugin: C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\searchplugins\holidaycheck.xml FF SearchPlugin: C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\searchplugins\hs-sceneto.undefined.undefined FF SearchPlugin: C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\searchplugins\weltbildde--.xml FF SearchPlugin: C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\searchplugins\youtube-videosuche.undefined.undefined FF SearchPlugin: C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\searchplugins\youtube.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla 
firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: YouTube Unblocker - C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\Extensions\youtubeunblocker@unblocker.yt [2014-03-21] FF Extension: Forecastfox - C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2012-12-03] FF Extension: Add to Search Bar - C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\Extensions\add-to-searchbox@maltekraus.de.xpi [2012-12-03] FF Extension: MEGA - C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\Extensions\firefox@mega.co.nz.xpi [2014-01-16] FF Extension: Facebook Blocker - C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\Extensions\info@skymeissner.com.xpi [2013-07-29] FF Extension: Personas Plus - C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\Extensions\personas@christopher.beard.xpi [2012-12-03] FF Extension: 1-Click YouTube Video Downloader - C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2014-03-21] FF Extension: Adblock Plus - C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-12-03] FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox FF Extension: IB Updater - C:\Program Files\IB Updater\Firefox [2012-12-03] FF HKLM\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox FF Extension: IB Updater - C:\Program Files\IB Updater\Firefox [2012-12-03] FF 
HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\ FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\ [] FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFF FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFF [2013-10-09] FF HKLM-x32\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox ==================== Services (Whitelisted) ================= R2 Buzz-it; C:\Program Files (x86)\Buzz-it-soft\Buzz-it155.exe [192512 2014-02-26] () S2 CLKMSVC10_38F51D56; c:\Program Files (x86)\Cyberlink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-02-25] (CyberLink) R2 IB Updater; C:\Program Files\IB Updater\ExtensionUpdaterService.exe [188760 2012-11-20] () R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] () R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2011-12-16] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation) R2 N360; C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation) R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-08-12] (PDF Complete Inc) ==================== Drivers (Whitelisted) ==================== S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2013-04-10] () R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation) R1 ccSet_N360; 
C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-25] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-25] (Symantec Corporation) R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20140321.001\IDSvia64.sys [524504 2014-03-06] (Symantec Corporation) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2013-04-10] () R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20140324.001\ENG64.SYS [126040 2013-11-25] (Symantec Corporation) R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20140324.001\EX64.SYS [2099288 2013-11-25] (Symantec Corporation) R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation) R0 SymDS; C:\Windows\System32\drivers\N360x64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\N360x64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-07-18] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-03-24 17:20 - 2014-03-24 17:47 - 00000000 ____D () C:\FRST 2014-03-23 14:01 - 2014-03-23 14:01 
- 00000000 ____D () C:\Users\Sternschnuppe\AppData\Roaming\Islands5_realore_bigfishgames_de 2014-03-23 13:55 - 2014-03-23 13:55 - 00001159 _____ () C:\Users\Public\Desktop\Island Tribe 5.lnk 2014-03-23 13:47 - 2014-03-23 13:49 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Local\NPE 2014-03-15 14:06 - 2014-03-15 14:06 - 00001331 _____ () C:\Users\Sternschnuppe\Desktop\Minecraft CHEAT EDiTiON by BlackTBK.lnk 2014-03-13 15:48 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-03-13 15:48 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-03-13 15:48 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-03-13 15:48 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-03-13 15:48 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-03-13 15:48 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-03-13 15:48 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-03-13 15:48 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-03-13 15:48 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-03-13 15:48 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-03-13 15:48 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-03-13 15:48 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-03-13 15:48 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-03-13 15:48 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-03-13 15:48 
- 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-03-13 15:48 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-03-13 15:48 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-03-13 15:48 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-03-13 15:48 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-03-13 15:48 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-03-13 15:48 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-03-13 15:48 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-03-13 15:48 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-03-13 15:48 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-03-13 15:48 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-03-13 15:48 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-03-13 15:48 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-03-13 15:48 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-03-13 15:48 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-03-13 15:48 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-03-13 15:48 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-03-13 15:48 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-03-13 15:48 - 2014-03-01 04:03 - 
00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 15:48 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 15:48 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 15:48 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 15:48 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 15:48 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 15:48 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-13 15:48 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-13 15:48 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 15:48 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 15:48 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-13 15:48 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-13 15:47 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-13 15:47 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 15:47 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-13 15:47 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-01 14:06 - 2014-03-01 14:06 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-01 14:06 - 2014-03-01 14:06 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-01 14:06 - 2014-03-01 14:06 - 00000000 ____D () C:\Program Files\iTunes
2014-03-01 14:06 - 2014-03-01 14:06 - 00000000 ____D () C:\Program Files\iPod
2014-03-01 14:06 - 2014-03-01 14:06 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-26 19:57 - 2014-03-24 16:48 - 00000400 _____ () C:\Windows\Tasks\Buzz-it Update.job
2014-02-26 19:57 - 2014-03-24 16:48 - 00000394 _____ () C:\Windows\Tasks\Buzz-it_wd.job
2014-02-26 19:57 - 2014-03-04 21:28 - 00000000 ____D () C:\Program Files (x86)\Buzz-it-soft
2014-02-26 19:57 - 2014-02-26 19:57 - 00003064 _____ () C:\Windows\System32\Tasks\Buzz-it Update
2014-02-26 19:57 - 2014-02-26 19:57 - 00002998 _____ () C:\Windows\System32\Tasks\Buzz-it_wd
2014-02-26 19:55 - 2014-02-28 16:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-26 19:55 - 2014-02-26 21:09 - 00001149 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-26 19:54 - 2014-02-26 19:54 - 21703480 _____ (Mozilla) C:\Users\Sternschnuppe\Downloads\Firefox Setup 22.0.exe
2014-02-26 19:53 - 2014-02-16 17:56 - 00000426 _____ () C:\AVScanner.ini
2014-02-26 19:47 - 2014-03-24 16:48 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Roaming\newnext.me
2014-02-26 19:47 - 2014-02-26 19:57 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Roaming\VOPackage
2014-02-26 19:47 - 2014-02-26 19:51 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Roaming\Systweak
2014-02-26 19:47 - 2014-02-26 19:48 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Local\Mobogenie
2014-02-26 19:47 - 2014-02-26 19:48 - 00000000 ____D () C:\Program Files (x86)\Mobogenie
2014-02-26 19:47 - 2014-02-26 19:47 - 00000000 ____D () C:\Users\Sternschnuppe\Documents\Mobogenie
2014-02-26 19:47 - 2014-02-26 19:47 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Local\genienext
2014-02-26 19:47 - 2014-02-26 19:47 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Local\cache
2014-02-26 19:47 - 2014-02-26 19:47 - 00000000 ____D () C:\Users\Sternschnuppe\.android
2014-02-26 19:47 - 2014-02-26 19:47 - 00000000 _____ () C:\Users\Sternschnuppe\daemonprocess.txt
2014-02-26 19:47 - 2013-08-22 18:36 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe

==================== One Month Modified Files and Folders =======

2014-03-24 17:47 - 2014-03-24 17:20 - 00000000 ____D () C:\FRST
2014-03-24 17:13 - 2012-12-03 19:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-24 16:57 - 2012-12-03 19:05 - 00003978 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{6DF3B6D9-F082-432F-BF4B-152FA2C45AA8}
2014-03-24 16:55 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-24 16:55 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-24 16:51 - 2013-07-02 13:24 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-24 16:51 - 2012-12-03 18:19 - 01714960 _____ () C:\Windows\WindowsUpdate.log
2014-03-24 16:48 - 2014-02-26 19:57 - 00000400 _____ () C:\Windows\Tasks\Buzz-it Update.job
2014-03-24 16:48 - 2014-02-26 19:57 - 00000394 _____ () C:\Windows\Tasks\Buzz-it_wd.job
2014-03-24 16:48 - 2014-02-26 19:47 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Roaming\newnext.me
2014-03-24 16:48 - 2014-01-02 20:00 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-24 16:48 - 2013-07-02 13:24 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-24 16:48 - 2012-05-16 01:37 - 00000000 ____D () C:\ProgramData\PDFC
2014-03-24 16:47 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-24 16:47 - 2009-07-14 05:51 - 00122272 _____ () C:\Windows\setupact.log
2014-03-24 11:17 - 2014-02-10 11:17 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Roaming\FileAdvisor
2014-03-24 11:17 - 2014-02-09 11:17 - 00000000 ____D () C:\Program Files (x86)\File Type Advisor
2014-03-23 14:01 - 2014-03-23 14:01 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Roaming\Islands5_realore_bigfishgames_de
2014-03-23 13:55 - 2014-03-23 13:55 - 00001159 _____ () C:\Users\Public\Desktop\Island Tribe 5.lnk
2014-03-23 13:55 - 2012-12-04 10:08 - 00000000 ____D () C:\Program Files (x86)\Spiele
2014-03-23 13:49 - 2014-03-23 13:47 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Local\NPE
2014-03-23 13:48 - 2012-05-16 01:40 - 00000000 ____D () C:\ProgramData\Norton
2014-03-23 11:55 - 2012-05-16 01:05 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-03-23 11:55 - 2012-05-16 01:05 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-03-23 11:55 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-23 11:42 - 2010-11-21 04:47 - 00791058 _____ () C:\Windows\PFRO.log
2014-03-21 10:53 - 2012-12-05 16:13 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Roaming\vlc
2014-03-20 17:10 - 2012-12-03 22:00 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-03-20 13:27 - 2012-12-05 15:24 - 00003234 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForSternschnuppe
2014-03-20 13:27 - 2012-12-05 15:24 - 00000364 _____ () C:\Windows\Tasks\HPCeeScheduleForSternschnuppe.job
2014-03-19 15:08 - 2012-12-27 09:17 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-03-19 15:08 - 2012-12-05 15:23 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-03-18 12:20 - 2013-08-14 22:44 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-18 12:16 - 2012-12-03 19:11 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-16 15:52 - 2013-08-16 13:30 - 00043520 _____ () C:\Windows\SysWOW64\CmdLineExt03.dll
2014-03-15 14:07 - 2013-12-23 17:06 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Roaming\.minecraft
2014-03-15 14:06 - 2014-03-15 14:06 - 00001331 _____ () C:\Users\Sternschnuppe\Desktop\Minecraft CHEAT EDiTiON by BlackTBK.lnk
2014-03-14 12:45 - 2013-03-13 19:03 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 12:45 - 2013-03-13 19:03 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-14 12:45 - 2009-07-14 05:45 - 00435280 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-13 20:39 - 2014-01-09 22:18 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-12 20:13 - 2012-12-03 19:21 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 20:13 - 2012-12-03 19:21 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 20:13 - 2012-05-16 01:30 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-09 18:13 - 2014-02-02 16:47 - 00000336 _____ () C:\Users\Sternschnuppe\Desktop\KNeuNam.ini
2014-03-05 15:20 - 2012-12-04 10:34 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Local\CrashDumps
2014-03-05 12:43 - 2013-11-17 12:28 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-03-05 10:19 - 2013-11-16 12:25 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Roaming\Skype
2014-03-04 21:32 - 2013-11-16 12:25 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-04 21:32 - 2013-11-16 12:25 - 00000000 ____D () C:\ProgramData\Skype
2014-03-04 21:28 - 2014-02-26 19:57 - 00000000 ____D () C:\Program Files (x86)\Buzz-it-soft
2014-03-01 19:17 - 2011-02-11 18:15 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-01 14:06 - 2014-03-01 14:06 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-01 14:06 - 2014-03-01 14:06 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-01 14:06 - 2014-03-01 14:06 - 00000000 ____D () C:\Program Files\iTunes
2014-03-01 14:06 - 2014-03-01 14:06 - 00000000 ____D () C:\Program Files\iPod
2014-03-01 14:06 - 2014-03-01 14:06 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-01 07:05 - 2014-03-13 15:48 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 06:17 - 2014-03-13 15:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 06:16 - 2014-03-13 15:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 05:58 - 2014-03-13 15:48 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 05:52 - 2014-03-13 15:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 05:51 - 2014-03-13 15:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 05:42 - 2014-03-13 15:48 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 05:40 - 2014-03-13 15:48 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 05:37 - 2014-03-13 15:48 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 05:33 - 2014-03-13 15:48 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 05:33 - 2014-03-13 15:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 05:32 - 2014-03-13 15:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 05:30 - 2014-03-13 15:48 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 05:23 - 2014-03-13 15:48 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 05:17 - 2014-03-13 15:48 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 05:11 - 2014-03-13 15:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 05:02 - 2014-03-13 15:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 04:54 - 2014-03-13 15:48 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 04:52 - 2014-03-13 15:48 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 04:51 - 2014-03-13 15:48 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-13 15:48 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 04:43 - 2014-03-13 15:48 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 04:43 - 2014-03-13 15:48 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 04:42 - 2014-03-13 15:48 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 04:40 - 2014-03-13 15:48 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 04:38 - 2014-03-13 15:48 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 04:37 - 2014-03-13 15:48 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 04:35 - 2014-03-13 15:48 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 04:18 - 2014-03-13 15:48 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 04:16 - 2014-03-13 15:48 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 04:14 - 2014-03-13 15:48 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-13 15:48 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 04:03 - 2014-03-13 15:48 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 04:00 - 2014-03-13 15:48 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 03:57 - 2014-03-13 15:48 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-13 15:48 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-13 15:48 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-13 15:48 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-13 15:48 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-13 15:48 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-28 16:43 - 2014-02-26 19:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-26 21:09 - 2014-02-26 19:55 - 00001149 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-26 21:09 - 2014-02-14 18:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-26 19:57 - 2014-02-26 19:57 - 00003064 _____ () C:\Windows\System32\Tasks\Buzz-it Update
2014-02-26 19:57 - 2014-02-26 19:57 - 00002998 _____ () C:\Windows\System32\Tasks\Buzz-it_wd
2014-02-26 19:57 - 2014-02-26 19:47 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Roaming\VOPackage
2014-02-26 19:54 - 2014-02-26 19:54 - 21703480 _____ (Mozilla) C:\Users\Sternschnuppe\Downloads\Firefox Setup 22.0.exe
2014-02-26 19:51 - 2014-02-26 19:47 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Roaming\Systweak
2014-02-26 19:51 - 2012-12-03 19:05 - 00000000 ___RD () C:\Users\Sternschnuppe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-26 19:48 - 2014-02-26 19:47 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Local\Mobogenie
2014-02-26 19:48 - 2014-02-26 19:47 - 00000000 ____D () C:\Program Files (x86)\Mobogenie
2014-02-26 19:47 - 2014-02-26 19:47 - 00000000 ____D () C:\Users\Sternschnuppe\Documents\Mobogenie
2014-02-26 19:47 - 2014-02-26 19:47 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Local\genienext
2014-02-26 19:47 - 2014-02-26 19:47 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Local\cache
2014-02-26 19:47 - 2014-02-26 19:47 - 00000000 ____D () C:\Users\Sternschnuppe\.android
2014-02-26 19:47 - 2014-02-26 19:47 - 00000000 _____ () C:\Users\Sternschnuppe\daemonprocess.txt
2014-02-26 19:47 - 2012-12-03 18:20 - 00000000 ____D () C:\Users\Sternschnuppe

Some content of TEMP:
====================
C:\Users\Sternschnuppe\AppData\Local\Temp\uninstall.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-03-22 18:29

==================== End Of Log ============================

--- --- ---

I hope someone can help me. Many thanks in advance.

Edited by hobbitine (24.03.2014 at 18:19) |