Adware-infested PC - main problem: "MyPCBackup"

Hello everyone!

My PC is infested with adware, even though I use a current version of Kaspersky Internet Security. I will try to describe the symptoms as precisely as possible:

- Normal advertising pop-ups appear.
- Pop-ups constantly appear: "Reminder - Your Computer Is Not Backed Up, Backup Your Files Online Today". These pop-ups also appear on top of full-screen applications and look like this: [screenshot]
- Advertising pop-ups also appear that do not open a new browser window or tab but are embedded in the current browser window. They have a small grey box for closing; usually, however, clicking it still opens a new tab, e.g. to "srv123.com".
- Sometimes, in the middle of browsing, while I am on a page, the browser suddenly navigates to another page without my having done anything to that effect.
- A very recent addition: seemingly at random, individual words are double-underlined in blue, and when you move the cursor over them, a window opens with a link that is then easy to click by accident.
- There seem to be problems with Java or with browser operation: when I want to log in to my "Do-It-Yourself-Homepage" from 1&1, I cannot edit it in the browser as usual; simply nothing happens. When I want to watch videos on mediathek.zdf.de, for example, I can no longer switch them to full screen, which always worked before.

Of course I have already taken the three steps (defogger, FRST, GMER).

1. defogger: I use "VirtualCloneDrive" to create a virtual DVD drive. Although I used defogger, it is still there. The attempt to disable it manually also failed, as did the attempt to end the application via Task Manager. (However, I do not suspect that VirtualCloneDrive is the cause of the problems, because I have been using it without trouble for several years.)
2. FRST: see logs further below.
3. GMER: On the first attempt to run GMER (under a random name as a precaution), the program aborted at some point with the standard Windows error message "venn5r04.exe funktioniert nicht mehr". I then clicked it again. At first it ran, but then the error message "In Laufwerk\Device\Harddisk1\DR1 liegt kein Datenträger" appeared, with the options "Abbruch - Wiederholen - Weiter". Since the VirtualCloneDrive DVD drive was still displayed, I then tried to run defogger again and to switch off VirtualCloneDrive by hand - no luck. So at some point I clicked "Abbruch" - and to my astonishment the program then continued working! Unfortunately I could not save a GMER log file, because clicking "Copy" produced the message that not enough memory was available for that, and with "Save" nothing happened at all. Perhaps also important: after I had run GMER, I wanted to start my Kaspersky Internet Security again. That did not work, though; I had to restart the PC for it, then it worked again.

I think it is great that something like trojaner-board.de exists, and I am grateful for any help.

Regards,
Felix

---

Here are the logs from defogger:

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 11:49 on 24/05/2014 (Wermutstropfen)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

and FRST:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:23-05-2014
Ran by Wermutstropfen (administrator) on WERMUT-LAPTOP on 24-05-2014 10:15:52
Running from C:\Users\Wermutstropfen\Desktop
Platform: Microsoft® Windows Vista™ Ultimate Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Reimage®) C:\Program Files\AntiToolbar\ReiGuard.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Just Develop It) C:\Program Files\MyPC Backup\BackupStack.exe
() C:\Program Files\LPT\srpts.exe
() C:\Program Files\Mobogenie\MgAssist.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
() C:\Windows\Microsoft\System Update kb70007\WindowsUpdater.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
() C:\Program Files\002\yewimmxqbs32.exe
(The Privoxy team - www.privoxy.org) C:\Program Files\MSR\Privoxy\privoxy.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe
(Simpo Technologies) C:\Program Files\Simpo PDF Creator Lite\SpcLiteSrv.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_TATIHFE.EXE
() C:\Users\Wermutstropfen\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
() C:\Users\Wermutstropfen\AppData\Roaming\InetStat\inetstat.exe
(Smartbar) C:\Users\Wermutstropfen\AppData\Local\Smartbar\Application\Smartbar.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(MyPCBackup.com) C:\Program Files\MyPC Backup\MyPC Backup.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(OpenOffice.org) C:\Program Files\OpenOffice\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice\program\soffice.bin
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Disc Soft Ltd) C:\Program Files\DAEMONTools\DiscSoftBusService.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(RealNetworks, Inc.) C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\ssvagent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1410344 2008-12-05] (Synaptics, Inc.)
HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Simpo PDF Creator Lite Server] => C:\Program Files\Simpo PDF Creator Lite\SpcLiteSrv.exe [101376 2010-08-18] (Simpo Technologies)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [295512 2013-06-20] (RealNetworks, Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [VirtualDrive] => C:\Program Files\FarStone\VirtualDrive\VDTask.exe [682584 2011-12-20] (FarStone Technology Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [mobilegeni daemon] => C:\Program Files\Mobogenie\DaemonProcess.exe
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-766344687-1236243651-3856011510-1000\...\Run: [Wisdom-soft AutoScreenRecorder 3.1 Pro] => 0
HKU\S-1-5-21-766344687-1236243651-3856011510-1000\...\Run: [DAEMON Tools Ultra Agent] => C:\Program Files\DAEMONTools\DTAgent.exe [3088448 2013-03-06] (Disc Soft Ltd)
HKU\S-1-5-21-766344687-1236243651-3856011510-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATIHFE.EXE [220800 2012-07-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-766344687-1236243651-3856011510-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-766344687-1236243651-3856011510-1000\...\Run: [Amazon Cloud Player] => C:\Users\Wermutstropfen\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3168576 2014-03-07] ()
HKU\S-1-5-21-766344687-1236243651-3856011510-1000\...\Run: [InetStat] => C:\Users\Wermutstropfen\AppData\Roaming\InetStat\inetstat.exe [1259488 2014-05-03] ()
HKU\S-1-5-21-766344687-1236243651-3856011510-1000\...\Run: [Browser Infrastructure Helper] => C:\Users\Wermutstropfen\AppData\Local\Smartbar\Application\Smartbar.exe [28192 2014-04-23] (Smartbar)
HKU\S-1-5-21-766344687-1236243651-3856011510-1000\...\MountPoints2: F - F:\Setup.Now.exe
HKU\S-1-5-21-766344687-1236243651-3856011510-1000\...\MountPoints2: G - G:\Setup.Now.exe
HKU\S-1-5-21-766344687-1236243651-3856011510-1000\...\MountPoints2: {0af0b57a-7276-11e1-b9e2-806e6f6e6963} - D:\autorun.exe
HKU\S-1-5-21-766344687-1236243651-3856011510-1000\...\MountPoints2: {47c7e9e6-cd41-11e2-906f-001f16b5725e} - G:\Setup.Now.exe
HKU\S-1-5-21-766344687-1236243651-3856011510-1000\...\MountPoints2: {8992083c-1efb-11e3-a79b-001f16b5725e} - F:\Setup.Now.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Wermutstropfen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
Startup: C:\Users\Wermutstropfen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd5ixMQS9ihB1Ua3VJwNpKMcOyJQg76gqfE9JsSeOBgl-Z-aP37PfuY79jBXtuZsK9D5kM7B9-73OP1MzrFFj5SbN5KFkHYPpcDPvglWHbLxqzFgi5C-3-b-1TLodsbRww,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB02BDD745910CD01
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page =
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1399137443&from=irs&uid=WDCXWD1600BPVT-00JJ5T0_WD-WXB1E81HTXP9HTXP9&i=psd&t=341f36e62
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd5ixMQS9ihB1Ua3VJwNpKMcOyJQg76gqfE9JsSeOBgl-Z-aP37PfuY79jBXtuZsK9D5kM7B9-73OP1MzrFFj5SbN5KFkHYPpcDPvglWHbLxqzFgi5C-3-b-1TLodsbRww,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1399137443&from=irs&uid=WDCXWD1600BPVT-00JJ5T0_WD-WXB1E81HTXP9HTXP9&i=psd&t=341f36e62
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1399137443&from=irs&uid=WDCXWD1600BPVT-00JJ5T0_WD-WXB1E81HTXP9HTXP9&i=psd&t=341f36e62
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.v9.com/web/?type=ds&ts=1399137443&from=irs&uid=WDCXWD1600BPVT-00JJ5T0_WD-WXB1E81HTXP9HTXP9&i=psd&t=341f36e62&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.v9.com/web/?type=ds&ts=1399137443&from=irs&uid=WDCXWD1600BPVT-00JJ5T0_WD-WXB1E81HTXP9HTXP9&i=psd&t=341f36e62&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.v9.com/?type=sc&ts=1399137443&from=irs&uid=WDCXWD1600BPVT-00JJ5T0_WD-WXB1E81HTXP9HTXP9&i=psd&t=341f36e62
SearchScopes: HKLM - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd5ixMQS9ihB1Ua3VJwNpKMcOyJQg76gqfE9JsSeOBgl-Z-aP37PfuY79jBXtuZsK9D5kM7B9-73OP1MzrFFj5SbN5KFkHYPpcDPvglWHbLxqzFgi5C-3-b-1TLodsbRww,&q={searchTerms}
SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd5ixMQS9ihB1Ua3VJwNpKMcOyJQg76gqfE9JsSeOBgl-Z-aP37PfuY79jBXtuZsK9D5kM7B9-73OP1MzrFFj5SbN5KFkHYPpcDPvglWHbLxqzFgi5C-3-b-1TLodsbRww,&q={searchTerms}
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd5ixMQS9ihB1Ua3VJwNpKMcOyJQg76gqfE9JsSeOBgl-Z-aP37PfuY79jBXtuZsK9D5kM7B9-73OP1MzrFFj5SbN5KFkHYPpcDPvglWHbLxqzFgi5C-3-b-1TLodsbRww,&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd5ixMQS9ihB1Ua3VJwNpKMcOyJQg76gqfE9JsSeOBgl-Z-aP37PfuY79jBXtuZsK9D5kM7B9-73OP1MzrFFj5SbN5KFkHYPpcDPvglWHbLxqzFgi5C-3-b-1TLodsbRww,&q={searchTerms}
BHO: MSS+ Identifier - ##TOOLBAR_DISABLED_##{0e8a89ad-95d7-40eb-8d9d-083ef7066a01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: RrSavings - ##TOOLBAR_DISABLED_##{10ad2c61-0898-4348-8600-14a342f22ac3} - C:\Program Files\Rr Savings\RrSavings.dll No File
BHO: Shopping Helper SmartbarEngine - ##TOOLBAR_DISABLED_##{31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\SYSTEM32\mscoree.dll (Microsoft Corporation)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - Shopping Helper Smartbar - ##TOOLBAR_DISABLED_##{ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SYSTEM32\mscoree.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Wermutstropfen\AppData\Roaming\Mozilla\Firefox\Profiles\gwmqlo6e.default
FF NewTab: https://vu.fernuni-hagen.de
FF Homepage: https://vu.fernuni-hagen.de
FF Keyword.URL: https://ixquick.com/do/search?cat=web&pl=ff&language=english_uk&query=
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 8118
FF NetworkProxy: "ssl", "127.0.0.1"
FF NetworkProxy: "ssl_port", 8118
FF NetworkProxy: "type", 1
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @Nero.com/KM - C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin: @real.com/nppl3260;version=16.0.2.32 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.2.32 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @videolan.org/vlc,version=2.0.1 - C:\Program Files\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Wermutstropfen\AppData\Roaming\Mozilla\Firefox\Profiles\gwmqlo6e.default\searchplugins\ixquick-https---uk.xml
FF SearchPlugin: C:\Users\Wermutstropfen\AppData\Roaming\Mozilla\Firefox\Profiles\gwmqlo6e.default\searchplugins\memory-alpha-en.xml
FF SearchPlugin: C:\Users\Wermutstropfen\AppData\Roaming\Mozilla\Firefox\Profiles\gwmqlo6e.default\searchplugins\wiktionary-de.xml
FF SearchPlugin: C:\Users\Wermutstropfen\AppData\Roaming\Mozilla\Firefox\Profiles\gwmqlo6e.default\searchplugins\youtube-video-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\v9.xml
FF Extension: RrSavings - C:\Users\Wermutstropfen\AppData\Roaming\Mozilla\Firefox\Profiles\gwmqlo6e.default\Extensions\RrSavings@jetpack [2014-05-07]
FF Extension: Amazon Search - C:\Users\Wermutstropfen\AppData\Roaming\Mozilla\Firefox\Profiles\gwmqlo6e.default\Extensions\amazonsearch@throttled.org.xpi [2014-05-07]
FF Extension: ConstaSurf - C:\Users\Wermutstropfen\AppData\Roaming\Mozilla\Firefox\Profiles\gwmqlo6e.default\Extensions\{0782648b-1717-4fef-ac58-8cb3ce03adb3}.xpi [2014-05-07]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-06-20]
FF HKLM\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM\...\Firefox\Extensions: - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址顧問 - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-03-29]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: 虛擬鍵盤 - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-03-29]
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: 惡意網站攔截器 - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-03-29]
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-03-29]
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-03-29]
FF HKLM\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Wermutstropfen\AppData\Roaming\Mozilla\Firefox\Profiles\jj64vnl9.default\extensions\quick_start@gmail.com

========================== Services (Whitelisted) =================

R2 AntiToolbarProtector; C:\Program Files\AntiToolbar\ReiGuard.exe [4032352 2014-04-28] (Reimage®)
R2 avp; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 BackupStack; C:\Program Files\MyPC Backup\BackupStack.exe [36392 2014-03-14] (Just Develop It)
R3 Disc Soft Bus Service; C:\Program Files\DAEMONTools\DiscSoftBusService.exe [580672 2013-03-06] (Disc Soft Ltd)
R2 LPTSystemUpdater; C:\Program Files\LPT\srpts.exe [37920 2014-04-23] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [235696 2014-01-16] (McAfee, Inc.)
R2 MgAssistService; C:\Program Files\Mobogenie\MgAssist.exe [70848 2014-04-08] ()
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [687400 2011-11-25] (Nero AG)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
R2 System Update kb70007; C:\Windows\Microsoft\System Update kb70007\WindowsUpdater.exe [16384 2014-04-23] ()
R2 yewimmxqbs32; C:\Program Files\002\yewimmxqbs32.exe [541696 2014-05-07] ()

==================== Drivers (Whitelisted) ====================

R3 dtscsibus; C:\Windows\System32\DRIVERS\dtscsibus.sys [24704 2013-06-04] (Disc Soft Ltd)
R3 fcdabus; C:\Windows\System32\DRIVERS\fcdabus.sys [18448 2008-10-29] (FarStone Inc.)
R0 FVXSCSI; C:\Windows\System32\DRIVERS\fvxscsi.sys [88024 2009-12-23] (FarStone Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [135776 2014-03-29] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [576608 2014-03-29] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25696 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [25184 2014-03-29] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [14432 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [45024 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [144992 2014-03-29] (Kaspersky Lab ZAO)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [94304 2014-03-29] (Kaspersky Lab ZAO)
S1 netfilter; system32\drivers\netfilter.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-05-24 10:15 - 2014-05-24 10:16 - 00023384 _____ () C:\Users\Wermutstropfen\Desktop\FRST.txt
2014-05-24 10:15 - 2014-05-24 10:15 - 00000000 ____D () C:\FRST
2014-05-24 10:14 - 2014-05-24 10:14 - 01056768 _____ (Farbar) C:\Users\Wermutstropfen\Desktop\FRST.exe
2014-05-24 10:11 - 2014-05-24 10:12 - 00000490 _____ () C:\Users\Wermutstropfen\Desktop\defogger_disable.log
2014-05-24 10:11 - 2014-05-24 10:11 - 00000000 _____ () C:\Users\Wermutstropfen\defogger_reenable
2014-05-24 10:09 - 2014-05-24 10:09 - 00050477 _____ () C:\Users\Wermutstropfen\Desktop\Defogger.exe
2014-05-14 16:01 - 2014-05-06 01:32 - 12347392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 16:01 - 2014-05-06 01:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 16:01 - 2014-05-06 01:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 15:27 - 2014-03-25 15:26 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-09 09:58 - 2014-05-09 09:58 - 00000000 ____D () C:\ProgramData\CDB
2014-05-09 09:57 - 2014-05-09 09:59 - 00000000 ____D () C:\ProgramData\AntiToolbar
2014-05-09 09:57 - 2014-05-09 09:59 - 00000000 ____D () C:\Program Files\AntiToolbar
2014-05-09 09:57 - 2014-05-09 09:58 - 00000000 ____D () C:\ProgramData\MFAData
2014-05-09 09:57 - 2014-05-09 09:57 - 00000000 ____D () C:\Users\Wermutstropfen\AppData\Local\MFAData
2014-05-09 09:57 - 2014-05-09 09:57 - 00000000 ____D () C:\Users\Wermutstropfen\AppData\Local\Avg2013
2014-05-09 09:57 - 2014-05-09 09:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AntiToolbar
2014-05-09 09:55 - 2014-05-09 09:55 - 00684776 _____ (Reimage®) C:\Users\Wermutstropfen\Downloads\AntiToolbar03.exe
2014-05-08 22:42 - 2014-05-08 22:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-08 22:42 - 2014-04-14 20:13 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-05-08 22:42 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-08 22:42 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-08 22:42 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-08 22:39 - 2014-05-08 22:42 - 00004241 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-05-07 21:12 - 2014-05-07 21:12 - 00000000 ____D () C:\Program Files\VideoLAN
2014-05-07 21:10 - 2014-05-07 21:11 - 00000000 ____D () C:\Program Files\002
2014-05-07 21:10 - 2014-05-07 21:10 - 00000000 ____D () C:\Users\Wermutstropfen\AppData\Local\cache
2014-05-07 21:10 - 2014-05-07 21:10 - 00000000 ____D () C:\Users\Wermutstropfen\.android
2014-05-07 21:09 - 2014-05-07 21:24 - 00000000 ____D () C:\Users\Wermutstropfen\AppData\Local\Mobogenie
2014-05-07 21:09 - 2014-05-07 21:09 - 00000000 ____D () C:\Users\Wermutstropfen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
2014-05-07 21:09 - 2014-05-07 21:09 - 00000000 _____ () C:\Users\Wermutstropfen\daemonprocess.txt
2014-05-07 21:08 - 2014-05-08 21:41 - 00000000 ____D () C:\Program Files\Mobogenie
2014-05-07 21:07 - 2014-05-24 09:25 - 00001758 _____ () C:\Users\Wermutstropfen\Desktop\Sync Folder.lnk
2014-05-07 21:07 - 2014-05-07 21:08 - 00000000 ____D () C:\Program Files\ConstaSurf
2014-05-07 21:07 - 2014-05-07 21:07 - 00000000 ____D () C:\ProgramData\Systweak
2014-05-07 21:07 - 2014-05-07 21:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
2014-05-07 21:07 - 2012-07-25 12:03 - 00017136 _____ () C:\Windows\system32\sasnative32.exe
2014-05-07 21:06 - 2014-05-21 21:06 - 00000290 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job
2014-05-07 21:06 - 2014-05-20 15:01 - 00000282 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2014-05-07 21:06 - 2014-05-09 09:05 - 00000000 ____D () C:\Program Files\MyPC Backup
2014-05-07 21:06 - 2014-05-07 21:06 - 00000888 _____ () C:\Users\Wermutstropfen\Desktop\MyPC Backup.lnk
2014-05-07 21:06 - 2014-05-07 21:06 - 00000000 ____D () C:\Users\Wermutstropfen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-05-07 21:05 - 2014-05-07 22:07 - 00000000 ____D () C:\Program Files\LPT
2014-05-07 21:05 - 2014-05-07 21:07 - 00000000 ____D () C:\Users\Wermutstropfen\AppData\Roaming\Systweak
2014-05-07 21:05 - 2014-05-07 21:05 - 00002184 _____ () C:\Users\Wermutstropfen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-05-07 21:05 - 2014-05-07 21:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
2014-05-07 21:05 - 2013-08-22 18:36 - 00018776 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot.exe
2014-05-07 21:04 - 2014-05-07 21:04 - 00000000 ____D () C:\Users\Wermutstropfen\AppData\Local\Smartbar
2014-05-07 21:04 - 2014-05-07 21:04 - 00000000 ____D () C:\Users\Wermutstropfen\AppData\Local\LPT
2014-05-07 21:02 - 2014-05-07 21:02 - 00994160 _____ () C:\Users\Wermutstropfen\Downloads\flashplayersetup.exe
2014-05-07 20:34 - 2014-05-07 20:34 - 00000862 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-07 20:34 - 2014-05-07 20:34 - 00000000 _____ () C:\Users\Wermutstropfen\Downloads\Firefox Setup Stub 29_0_exe (1).5ur9ay3.partial
2014-05-07 20:22 - 2014-05-07 20:22 - 00000000 _____ () C:\Users\Wermutstropfen\Downloads\Firefox Setup Stub 29_0_exe.6fr75ny.partial
2014-05-07 20:16 - 2014-05-07 20:35 - 00000000 ____D () C:\Users\Wermutstropfen\AppData\Roaming\Mozilla
2014-05-04 23:19 - 2014-05-04 23:19 - 00000000 ____D () C:\Users\Wermutstropfen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2014-05-04 23:19 - 2014-05-04 23:19 - 00000000 ____D () C:\sh4ldr
2014-05-04 23:16 - 2014-05-05 21:38 - 00000000 ____D () C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP
2014-05-04 23:16 - 2014-05-04 23:16 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-05-04 23:13 - 2014-05-04 23:13 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Wermutstropfen\Downloads\SpyHunter-Installer.exe
2014-05-03 19:41 - 2014-05-03 19:42 - 18985347 _____ () C:\Users\Wermutstropfen\Downloads\cursmon1.zip
2014-05-03 19:40 - 2014-05-03 19:40 - 00673992 _____ () C:\Users\Wermutstropfen\Downloads\Brothersoft_downloader_For_The_Curse_of_Monkey_Island.exe
2014-05-03 19:29 - 2014-05-03 19:29 - 02271256 _____ () C:\Users\Wermutstropfen\Downloads\The_Curse_Of_Monkey_Island.exe
2014-05-03 19:17 - 2014-05-03 19:18 - 00000000 ____D () C:\Program Files\MSR
2014-05-03 19:17 - 2014-05-03 19:17 - 00000000 ____D () C:\Users\Wermutstropfen\AppData\Roaming\v9
2014-05-03 19:16 - 2014-05-03 19:16 - 00000000 ____D () C:\Users\Wermutstropfen\AppData\Roaming\InetStat
2014-05-03 19:15 - 2014-05-03 19:15 - 00000000 ____D () C:\Users\Wermutstropfen\AppData\Roaming\Wise
2014-04-30 17:59 - 2014-04-30 18:05 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird

==================== One Month Modified Files and Folders =======

2014-05-24 10:16 - 2014-05-24 10:15 - 00023384 _____ () C:\Users\Wermutstropfen\Desktop\FRST.txt
2014-05-24 10:15 - 2014-05-24 10:15 - 00000000 ____D () C:\FRST
2014-05-24 10:14 - 2014-05-24 10:14 - 01056768 _____ (Farbar) C:\Users\Wermutstropfen\Desktop\FRST.exe
2014-05-24 10:12 - 2014-05-24 10:11 - 00000490 _____ () C:\Users\Wermutstropfen\Desktop\defogger_disable.log
2014-05-24 10:11 - 2014-05-24 10:11 - 00000000 _____ () C:\Users\Wermutstropfen\defogger_reenable
2014-05-24 10:09 - 2014-05-24 10:09 - 00050477 _____ () C:\Users\Wermutstropfen\Desktop\Defogger.exe
2014-05-24 10:06 - 2006-11-02 14:46 - 00004432 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-24 10:06 - 2006-11-02 14:46 - 00004432 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-24 09:40 - 2013-03-23 22:12 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-05-24 09:26 - 2006-11-02 14:51 - 01214650 _____ () C:\Windows\WindowsUpdate.log
2014-05-24 09:25 - 2014-05-07 21:07 - 00001758 _____ () C:\Users\Wermutstropfen\Desktop\Sync Folder.lnk
2014-05-24 09:24 - 2012-03-20 12:36 - 00068136 _____ () C:\Users\Wermutstropfen\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-24 09:21 - 2006-11-02 15:00 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-24 09:21 - 2006-11-02 14:46 - 00369584 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-24 09:05 - 2006-11-02 15:00 - 00032530 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-24 00:19 - 2014-02-14 00:19 - 00000316 _____ () C:\Windows\Tasks\Digital Sites.job
2014-05-24 00:19 - 2013-11-10 22:19 - 00000040 _____ () C:\Users\Wermutstropfen\AppData\Roaming\WB.CFG
2014-05-24 00:19 - 2013-11-10 21:19 - 00000316 _____ () C:\Windows\Tasks\DigitalSite.job
2014-05-23 21:34 - 2006-11-02 14:35 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-05-23 11:48 - 2012-04-02 15:50 - 00000000 ____D () C:\Users\Wermutstropfen\Documents\Jobcenter
2014-05-21 21:06 - 2014-05-07 21:06 - 00000290 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job
2014-05-20 21:41 - 2013-05-05 19:52 - 00000000 ____D () C:\Games
2014-05-20 15:16 - 2012-04-22 18:56 - 00000000 ____D () C:\Users\Wermutstropfen\AppData\Roaming\ICQ
2014-05-20 15:01 - 2014-05-07 21:06 - 00000282 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2014-05-16 21:56 - 2014-04-04 20:24 - 00000000 ____D () C:\Users\Wermutstropfen\Documents\Star Trek
2014-05-15 22:03 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-05-15 12:18 - 2012-04-23 10:12 - 00000000 ____D () C:\Users\Wermutstropfen\Documents\Nachhilfe Orga
2014-05-14 21:16 - 2013-08-14 19:52 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 16:14 - 2006-11-02 12:33 - 01583198 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-14 16:03 - 2006-11-02 12:24 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-05-14 15:16 - 2012-03-27 23:25 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\Adobe Reader X.lnk 2014-05-09 09:59 - 2014-05-09 09:57 - 00000000 ____D () C:\ProgramData\AntiToolbar 2014-05-09 09:59 - 2014-05-09 09:57 - 00000000 ____D () C:\Program Files\AntiToolbar 2014-05-09 09:58 - 2014-05-09 09:58 - 00000000 ____D () C:\ProgramData\CDB 2014-05-09 09:58 - 2014-05-09 09:57 - 00000000 ____D () C:\ProgramData\MFAData 2014-05-09 09:57 - 2014-05-09 09:57 - 00000000 ____D () C:\Users\Wermutstropfen\AppData\Local\MFAData 2014-05-09 09:57 - 2014-05-09 09:57 - 00000000 ____D () C:\Users\Wermutstropfen\AppData\Local\Avg2013 2014-05-09 09:57 - 2014-05-09 09:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AntiToolbar 2014-05-09 09:55 - 2014-05-09 09:55 - 00684776 _____ (Reimage®) C:\Users\Wermutstropfen\Downloads\AntiToolbar03.exe 2014-05-09 09:05 - 2014-05-07 21:06 - 00000000 ____D () C:\Program Files\MyPC Backup 2014-05-09 09:04 - 2012-03-24 18:12 - 00015974 _____ () C:\Windows\PFRO.log 2014-05-08 22:43 - 2013-10-17 09:43 - 00000000 ____D () C:\ProgramData\Oracle 2014-05-08 22:42 - 2014-05-08 22:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-05-08 22:42 - 2014-05-08 22:39 - 00004241 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log 2014-05-08 22:42 - 2013-08-12 19:09 - 00000000 ____D () C:\Program Files\Java 2014-05-08 22:25 - 2014-01-29 12:25 - 00921512 _____ (Oracle Corporation) C:\Users\Wermutstropfen\Downloads\jxpiinstall.exe 2014-05-08 21:41 - 2014-05-07 21:08 - 00000000 ____D () C:\Program Files\Mobogenie 2014-05-07 22:07 - 2014-05-07 21:05 - 00000000 ____D () C:\Program Files\LPT 2014-05-07 21:24 - 2014-05-07 21:09 - 00000000 ____D () C:\Users\Wermutstropfen\AppData\Local\Mobogenie 2014-05-07 21:12 - 2014-05-07 21:12 - 00000000 ____D () C:\Program Files\VideoLAN 2014-05-07 21:11 - 2014-05-07 21:10 - 00000000 ____D () C:\Program Files\002 2014-05-07 21:10 - 2014-05-07 21:10 - 00000000 ____D () C:\Users\Wermutstropfen\AppData\Local\cache 2014-05-07 21:10 - 
2014-05-07 21:10 - 00000000 ____D () C:\Users\Wermutstropfen\.android 2014-05-07 21:09 - 2014-05-07 21:09 - 00000000 ____D () C:\Users\Wermutstropfen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie 2014-05-07 21:09 - 2014-05-07 21:09 - 00000000 _____ () C:\Users\Wermutstropfen\daemonprocess.txt 2014-05-07 21:08 - 2014-05-07 21:07 - 00000000 ____D () C:\Program Files\ConstaSurf 2014-05-07 21:08 - 2013-10-12 18:53 - 00000644 _____ () C:\Windows\Wininit.ini 2014-05-07 21:07 - 2014-05-07 21:07 - 00000000 ____D () C:\ProgramData\Systweak 2014-05-07 21:07 - 2014-05-07 21:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector 2014-05-07 21:07 - 2014-05-07 21:05 - 00000000 ____D () C:\Users\Wermutstropfen\AppData\Roaming\Systweak 2014-05-07 21:06 - 2014-05-07 21:06 - 00000888 _____ () C:\Users\Wermutstropfen\Desktop\MyPC Backup.lnk 2014-05-07 21:06 - 2014-05-07 21:06 - 00000000 ____D () C:\Users\Wermutstropfen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup 2014-05-07 21:05 - 2014-05-07 21:05 - 00002184 _____ () C:\Users\Wermutstropfen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk 2014-05-07 21:05 - 2014-05-07 21:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro 2014-05-07 21:04 - 2014-05-07 21:04 - 00000000 ____D () C:\Users\Wermutstropfen\AppData\Local\Smartbar 2014-05-07 21:04 - 2014-05-07 21:04 - 00000000 ____D () C:\Users\Wermutstropfen\AppData\Local\LPT 2014-05-07 21:02 - 2014-05-07 21:02 - 00994160 _____ () C:\Users\Wermutstropfen\Downloads\flashplayersetup.exe 2014-05-07 20:35 - 2014-05-07 20:16 - 00000000 ____D () C:\Users\Wermutstropfen\AppData\Roaming\Mozilla 2014-05-07 20:34 - 2014-05-07 20:34 - 00000862 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-05-07 20:34 - 2014-05-07 20:34 - 00000000 _____ () C:\Users\Wermutstropfen\Downloads\Firefox Setup Stub 29_0_exe (1).5ur9ay3.partial 
2014-05-07 20:34 - 2014-03-29 18:21 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-05-07 20:34 - 2012-03-23 13:47 - 16000760 _____ (Mozilla) C:\Users\Wermutstropfen\Downloads\Firefox Setup 11.0.exe 2014-05-07 20:22 - 2014-05-07 20:22 - 00000000 _____ () C:\Users\Wermutstropfen\Downloads\Firefox Setup Stub 29_0_exe.6fr75ny.partial 2014-05-06 01:32 - 2014-05-14 16:01 - 12347392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-06 01:14 - 2014-05-14 16:01 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-06 01:14 - 2014-05-14 16:01 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-05 21:38 - 2014-05-04 23:16 - 00000000 ____D () C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP 2014-05-04 23:19 - 2014-05-04 23:19 - 00000000 ____D () C:\Users\Wermutstropfen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter 2014-05-04 23:19 - 2014-05-04 23:19 - 00000000 ____D () C:\sh4ldr 2014-05-04 23:16 - 2014-05-04 23:16 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard 2014-05-04 23:13 - 2014-05-04 23:13 - 00728960 _____ (Enigma Software Group USA, LLC.) 
C:\Users\Wermutstropfen\Downloads\SpyHunter-Installer.exe 2014-05-04 22:19 - 2012-05-11 15:51 - 00000000 ____D () C:\Users\Wermutstropfen\Documents\Spaßkasse 2014-05-03 19:42 - 2014-05-03 19:41 - 18985347 _____ () C:\Users\Wermutstropfen\Downloads\cursmon1.zip 2014-05-03 19:40 - 2014-05-03 19:40 - 00673992 _____ () C:\Users\Wermutstropfen\Downloads\Brothersoft_downloader_For_The_Curse_of_Monkey_Island.exe 2014-05-03 19:29 - 2014-05-03 19:29 - 02271256 _____ () C:\Users\Wermutstropfen\Downloads\The_Curse_Of_Monkey_Island.exe 2014-05-03 19:18 - 2014-05-03 19:17 - 00000000 ____D () C:\Program Files\MSR 2014-05-03 19:18 - 2013-07-10 22:32 - 00262144 _____ () C:\Windows\system32\config\elam 2014-05-03 19:17 - 2014-05-03 19:17 - 00000000 ____D () C:\Users\Wermutstropfen\AppData\Roaming\v9 2014-05-03 19:17 - 2012-03-20 12:36 - 00001185 _____ () C:\Users\Wermutstropfen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-05-03 19:16 - 2014-05-03 19:16 - 00000000 ____D () C:\Users\Wermutstropfen\AppData\Roaming\InetStat 2014-05-03 19:15 - 2014-05-03 19:15 - 00000000 ____D () C:\Users\Wermutstropfen\AppData\Roaming\Wise 2014-05-02 10:48 - 2012-04-01 11:10 - 00000000 ____D () C:\Users\Wermutstropfen\Documents\Mathematik 2014-04-30 19:49 - 2012-04-26 13:47 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-04-30 18:05 - 2014-04-30 17:59 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird Some content of TEMP: ==================== C:\Users\Wermutstropfen\AppData\Local\Temp\032939rr.exe C:\Users\Wermutstropfen\AppData\Local\Temp\1ukban4c.ce3.exe C:\Users\Wermutstropfen\AppData\Local\Temp\6_Offer_12.exe C:\Users\Wermutstropfen\AppData\Local\Temp\AntiToolbarPackage.exe C:\Users\Wermutstropfen\AppData\Local\Temp\AVG_AV_Setup.exe C:\Users\Wermutstropfen\AppData\Local\Temp\BackupSetup.exe C:\Users\Wermutstropfen\AppData\Local\Temp\Caramava_bs.exe C:\Users\Wermutstropfen\AppData\Local\Temp\f.exe 
C:\Users\Wermutstropfen\AppData\Local\Temp\fdmql5mo.xpr.exe
C:\Users\Wermutstropfen\AppData\Local\Temp\FileSystemView.dll
C:\Users\Wermutstropfen\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Wermutstropfen\AppData\Local\Temp\ldmkdvrn.pdj.exe
C:\Users\Wermutstropfen\AppData\Local\Temp\pcspeedmaxsetup.exe
C:\Users\Wermutstropfen\AppData\Local\Temp\SHSetup.exe
C:\Users\Wermutstropfen\AppData\Local\Temp\z3gw30y1.2ye.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-05-24 09:27

==================== End Of Log ============================

--- --- ---

and finally the Addition.txt:

FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:23-05-2014
Ran by Wermutstropfen at 2014-05-24 10:17:25
Running from C:\Users\Wermutstropfen\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.2.202.235 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Advanced System Protector (HKLM\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1) (Version: 2.1.1000.12594 - Systweak Software) <==== ATTENTION
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.4.0.26 - Amazon Services LLC)
AntiToolbar (HKLM\...\AntiToolbar) (Version: 1.0.0.8 - Reimage)
Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
Babylon toolbar (HKLM\...\BabylonToolbar) (Version: 1.8.11.10 - BabylonToolbar) <==== ATTENTION
Beneath a Steel Sky (HKLM\...\Beneath a Steel Sky) (Version: Release 8 - )
Broadcom Gigabit NetLink Controller (HKLM\...\{9AF0B106-56F1-461B-A270-95BC1682E282}) (Version: 11.34.02 - Broadcom Corporation)
BrowserProtect (HKLM\...\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}) (Version: - ) <==== ATTENTION
Bundled software
uninstaller (HKLM\...\bi_uninstaller) (Version: - ) <==== ATTENTION Canon RAW Codec (HKLM\...\Canon RAW Codec) (Version: 1.8.0.68 - Canon Inc.) Caramava (HKLM\...\Caramava) (Version: 2014.05.03.021147 - Caramava) Cisco EAP-FAST Module (HKLM\...\{3F4BA3A2-7BE0-48EA-B4BC-CA4D842A409A}) (Version: 2.2.9 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM\...\{934B3B19-8193-467A-B356-E73F82647D38}) (Version: 1.0.15 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM\...\{BAD1449B-DF0C-4118-B76D-68C54009576C}) (Version: 1.1.2 - Cisco Systems, Inc.) ConstaSurf (HKLM\...\ConstaSurf) (Version: 2014.05.07.154250 - ConstaSurf) DAEMON Tools Ultra (HKLM\...\DAEMON Tools Ultra) (Version: 1.0.0.0068 - Disc Soft Ltd) DVDx 4.0 Open Edition (HKLM\...\DVDx 4.0 Open Edition) (Version: 4.0 (Open Edition) - labDV) EOSMSG (HKLM\...\{C68EB8C6-FFCC-42A8-B509-18B331E220F7}) (Version: 4.0.0 - www.eosmsg.com) EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON WP-4525 Series Printer Uninstall (HKLM\...\EPSON WP-4525 Series) (Version: - SEIKO EPSON Corporation) Free Pascal 2.6.0 (HKLM\...\FreePascal_is1) (Version: - Free Pascal Team) Geany 1.22 (HKLM\...\Geany) (Version: 1.22 - The Geany developer team) GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team) GPL Ghostscript 8.71 (HKLM\...\GPL Ghostscript 8.71) (Version: - ) GSview 4.9 (HKLM\...\GSview 4.9) (Version: - ) HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118) (Version: - ) Heroes II - The Price of Loyalty Bundle (HKLM\...\Heroes II - The Price of Loyalty) (Version: - ) Heroes of Might & Magic V: Hammers of Fate (HKLM\...\{66FF4C48-0083-4E60-8556-B883AB200091}) (Version: - ) Heroes of Might and Magic IV: Winds of War (HKLM\...\Heroes of Might and Magic IV) (Version: - ) Heroes of Might and Magic V (HKLM\...\{20071984-5EB1-4881-8EDB-082532ACEC6D}) (Version: - ) Heroes of Might and Magic® III Complete (HKLM\...\Heroes of Might and Magic® III) (Version: - ) 
High-Definition Video Playback (Version: 11.1.11100.4.196 - Nero AG) Hidden ICQ7.7 (HKLM\...\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}) (Version: 7.7 - ICQ) InetStat (HKCU\...\InetStat) (Version: 0.4 - InetStat) Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle) Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Kaspersky Internet Security (HKLM\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab) Kaspersky Internet Security (Version: 14.0.0.4651 - Kaspersky Lab) Hidden LECTURNITY Player (HKLM\...\{8624888C-A959-45A5-98F4-292E956325EA}) (Version: 4.0.0000 - imc AG) LPT System Updater Service (Version: 1.0.0.0 - LPT) Hidden <==== ATTENTION Maniac Mansion Deluxe (HKLM\...\Maniac Mansion Deluxe) (Version: - ) Maple 15 (HKLM\...\Maple 15) (Version: 15.0.0.0 - Maplesoft) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.) MFC RunTime files (Version: 1.0.0 - Extensoft) Hidden Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) 
Hidden Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Works 6-9 Converter (HKLM\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation) MiKTeX 2.8 (HKLM\...\MiKTeX 2.8) (Version: 2.8 - MiKTeX.org) Mobogenie (HKLM\...\Mobogenie) (Version: - Mobogenie.com) <==== ATTENTION Monkey Island (HKLM\...\{26D1AA3E-36F2-4E2E-BBF5-FFBBE9D7B766}) (Version: 1 - XeonKing©) Monkey Island 2 (HKLM\...\{E86BFD65-8287-4FF2-BC7D-808E70417A48}) (Version: 2 - XeonKing©) Mozilla Firefox 11.0 (x86 de) 
(HKLM\...\Mozilla Firefox 11.0 (x86 de)) (Version: 11.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla) Mozilla Thunderbird 24.5.0 (x86 de) (HKLM\...\Mozilla Thunderbird 24.5.0 (x86 de)) (Version: 24.5.0 - Mozilla) MPEG4E VFW - H.264/MPEG-4 AVC codec (remove only) (HKLM\...\MPEG4E) (Version: - ) MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MyPC Backup (HKLM\...\MyPC Backup) (Version: - JDi Backup Ltd) <==== ATTENTION Nero 11 Kwik Themes Basic (Version: 11.0.11200.12.0 - Nero AG) Hidden Nero Audio Pack 1 (Version: 11.0.11500.110.0 - Nero AG) Hidden Nero Core Components 11 (Version: 11.0.16000.1.20 - Nero AG) Hidden Nero Kwik Media (HKLM\...\{20F71B17-008C-43B4-8097-58FB62EA7AB8}) (Version: 11.0.17100 - Nero AG) Nero Kwik Media (Version: 1.10.24800.146.100 - Nero AG) Hidden Nero Kwik Media Help (CHM) (Version: 11.0.10200 - Nero AG) Hidden Nero Update (Version: 11.0.11500.28.0 - Nero AG) Hidden nero.prerequisites.msi (Version: 11.0.20010 - Nero AG) Hidden OpenOffice.org 3.3 (HKLM\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org) QSopt Version 1.0 (HKLM\...\QSopt1.0_is1) (Version: 1.0 - QSopt) RarZilla Free Unrar (HKLM\...\RarZilla Free Unrar) (Version: 4.19 - Philipp Winterberg) RealDownloader (Version: 1.3.2 - RealNetworks, Inc.) 
Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.2 - RealNetworks) Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 6.0.6000.20113 - Realtek Semiconductor Corp.) RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden RegClean Pro (HKLM\...\RegClean Pro_is1) (Version: 6.21 - Systweak Inc) <==== ATTENTION rrsavings (HKLM\...\rrsavings) (Version: 2.0.1 - rrsavings) <==== ATTENTION RrSavings (Version: 1.0.0.0 - RrSavings) Hidden <==== ATTENTION ScummVM 0.9.0 (HKLM\...\ScummVM_is1) (Version: - ) Shopping Helper Smartbar (HKLM\...\{B2A302E7-8FA4-4585-AB7F-12C4DEBC0D32}) (Version: 11.44.63.16736 - ReSoft Ltd.) <==== ATTENTION Shopping Helper Smartbar Engine (HKCU\...\{4712356b-5e5e-4025-a33e-ececdaf1d5e2}) (Version: 11.44.63.16736 - ReSoft Ltd.) <==== ATTENTION Simpo PDF Creator Lite 3.1.1.0 (HKLM\...\Simpo PDF Creator Lite_is1) (Version: - ) Skype™ 6.5 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.5.158 - Skype Technologies S.A.) 
SpyHunter (HKLM\...\{AF549236-6258-4AC6-A043-5B5B89C6EB61}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 12.1.0.0 - Synaptics) System Update kb70007 (Version: 1.0.0 - MSR) Hidden TeXnicCenter Version 1.0 Stable RC1 (HKLM\...\TeXnicCenter_is1) (Version: Version 1.0 Stable RC1 - TeXnicCenter.org) The Curse of Monkey Island (HKLM\...\{D54F139D-A524-49DB-A543-B5926682323F}) (Version: 3 - XeonKing©) Ultimate Extras sounds from Microsoft® Tinker™ (HKLM\...\UltSounds2) (Version: - Microsoft Corporation) Uncompressor (HKCU\...\Uncompressor) (Version: - ) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2468871) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2533523) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2600217) (Version: 1 - Microsoft Corporation) Update for Zip Extractor (HKCU\...\DigitalSite) (Version: - ) <==== ATTENTION v9 uninstaller (HKLM\...\v9 uninstaller) (Version: - v9) Video Converter (HKCU\...\Video Converter) (Version: - ) VirtualDrive Pro (HKLM\...\{D5BB0907-4BB0-46A3-AA68-0173D111058D}) 
(Version: - ) VirtualDrive Pro (HKLM\...\{EEE22184-B53C-4B87-9F5B-53638160B966}) (Version: 14.00 - FarStone Technology Inc.) Vision Double Feature (HKLM\...\Vision Double Feature) (Version: - ) VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN) Winamp (HKLM\...\Winamp) (Version: 5.623 - Nullsoft, Inc) Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc) Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom) Windows Movie Maker 2.6 (HKLM\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4040.0 - Microsoft Corporation) Windows-Soundschemas (HKLM\...\UltSounds) (Version: - Microsoft Corporation) Zip Extractor Packages (HKCU\...\Zip Extractor Packages) (Version: - ) <==== ATTENTION ==================== Restore Points ========================= 20-04-2014 09:47:39 Geplanter Prüfpunkt 26-04-2014 10:23:36 Geplanter Prüfpunkt 29-04-2014 21:00:07 Geplanter Prüfpunkt 02-05-2014 18:56:02 Geplanter Prüfpunkt 03-05-2014 19:35:06 Windows Update 04-05-2014 21:16:40 Installed SpyHunter 05-05-2014 19:37:11 Removed SpyHunter 08-05-2014 20:36:09 Installed Java 7 Update 55 08-05-2014 21:40:39 Windows Update 14-05-2014 14:00:25 Windows Update ==================== Hosts content: ========================== 2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {03CA5F47-18C2-432C-8928-A62938B68656} - System32\Tasks\{D6371849-DB58-4A57-9CDA-6B8E87631CC0} => Firefox.exe hxxp://ui.skype.com/ui/0/6.5.0.158/de/eula?source=lightinstaller Task: {075F7B0C-8858-426A-81EA-5161F4D13E82} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages Task: {08E4B430-412D-445D-B2B9-133D1A1E06B1} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-766344687-1236243651-3856011510-1000 => 
C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.) Task: {0FC2F2F9-11CB-4548-BA47-DD4D7A03A520} - System32\Tasks\RegClean Pro => C:\Program Files\RegClean Pro\RegCleanPro.exe <==== ATTENTION Task: {15F1B85D-EE16-4D04-93DC-72A393EE9B7D} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe Task: {22887D00-5E43-4EE3-9123-9DEC0A920409} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-766344687-1236243651-3856011510-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.) Task: {27A02F20-4CB7-48E0-A15B-C560CC158C89} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files\RegClean Pro\RegCleanPro.exe <==== ATTENTION Task: {2EF1A2C3-210D-4AFD-BEB7-E51E7FD69C0C} - System32\Tasks\Microsoft\Windows\MobilePC\TMM Task: {36C11FD1-841D-4B06-9FE9-E1847AE1EC9F} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION Task: {3A950610-5351-4CF3-89BD-526A7E64AA8B} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] () Task: {49FD4271-77CB-4038-A72B-21596A61C5F7} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-766344687-1236243651-3856011510-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.) Task: {5A6D9831-D95C-4713-B4E9-F03D1644498F} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation) Task: {851EB9D8-D277-40CE-93DE-BD6DCCBB5812} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-766344687-1236243651-3856011510-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-04-16] (RealNetworks, Inc.) 
Task: {852C63CB-634F-46EC-96DD-B08438C5F502} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION Task: {8A1930EF-9F8C-465F-8D85-329536484A8F} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files\RegClean Pro\RegCleanPro.exe <==== ATTENTION Task: {8DE15368-6411-498C-94C5-36B306880D57} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\VistaSP1CEIP => C:\Windows\servicing\vsp1ceip.exe [2008-01-19] (Microsoft Corporation) Task: {A086AC24-219A-4CC6-9648-314AF5626D34} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI Task: {C20D8DA9-8D4D-4AF6-8FA1-6A505E9B274B} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-766344687-1236243651-3856011510-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-04-16] (RealNetworks, Inc.) Task: {D3DFA316-17BA-4C37-BD4A-FE1830FFB50E} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect <==== ATTENTION Task: {D4A1BDBD-42EC-4320-B5D8-D33CA58EE716} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-766344687-1236243651-3856011510-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.) Task: {DAD2D7A9-844D-4223-823E-7A7D8A40EBD7} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation) Task: {E9157AD5-E333-47FE-B39A-735DF490798E} - System32\Tasks\Digital Sites => C:\Users\Wermutstropfen\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION Task: {EBCADB90-DC3F-451E-B045-172A24E1EB54} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-766344687-1236243651-3856011510-1000 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [2013-04-16] (RealNetworks, Inc.) 
Task: {EDC62096-1B47-4E14-8E87-7286147FA394} - System32\Tasks\DigitalSite => C:\Users\Wermutstropfen\AppData\Roaming\DigitalSite\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {FA65A4F9-4AAB-4166-BBF5-BA9BEA22AB0C} - System32\Tasks\Advanced System Protector_startup => C:\Program Files\Advanced System Protector\AdvancedSystemProtector.exe <==== ATTENTION
Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\WERMUT~1\AppData\Roaming\DIGITA~2\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\DigitalSite.job => C:\Users\WERMUT~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files\RegClean Pro\RegCleanPro.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-06-17 13:35 - 2013-06-17 13:35 - 00478400 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2013-05-08 15:52 - 2013-05-08 15:52 - 01270464 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll
2014-05-07 21:04 - 2014-05-07 21:04 - 00904704 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll
2014-04-23 17:16 - 2014-04-23 17:16 - 00037920 _____ () C:\Program Files\LPT\srpts.exe
2014-04-23 17:16 - 2014-04-23 17:16 - 00081952 _____ () C:\Program Files\LPT\srpt.dll
2014-04-23 17:16 - 2014-04-23 17:16 - 00023072 _____ () C:\Program Files\LPT\srptc.dll
2014-04-23 17:15 - 2014-04-23 17:15 - 00018976 _____ () C:\Program Files\LPT\Smartbar.Common.dll
2014-05-07 21:09 - 2014-04-08 05:41 - 00070848 _____ () C:\Program Files\Mobogenie\MgAssist.exe
2013-04-16 03:07 - 2013-04-16 03:07 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-05-03 19:18 - 2014-04-23 17:42 - 00016384 _____ () C:\Windows\Microsoft\System Update kb70007\WindowsUpdater.exe
2014-05-03 19:18 - 2014-04-23 17:42 - 00033792 _____ () C:\Windows\Microsoft\System Update kb70007\InstallerLibrary.dll
2014-05-03 19:18 - 2014-04-23 17:42 - 00015360 _____ () C:\Windows\Microsoft\System Update kb70007\Installer.dll
2014-05-07 21:11 - 2014-05-07 21:11 - 00541696 _____ () C:\Program Files\002\yewimmxqbs32.exe
2014-05-03 19:18 - 2014-05-24 09:21 - 00086528 _____ () C:\Program Files\MSR\Privoxy\mgwz.dll
2014-04-12 15:12 - 2014-03-07 22:39 - 03168576 _____ () C:\Users\Wermutstropfen\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2014-05-03 19:16 - 2014-05-03 19:16 - 01259488 _____ () C:\Users\Wermutstropfen\AppData\Roaming\InetStat\inetstat.exe
2014-04-23 17:15 - 2014-04-23 17:15 - 00047136 _____ () C:\Users\Wermutstropfen\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2014-04-23 17:16 - 2014-04-23 17:16 - 00069152 _____ () C:\Users\Wermutstropfen\AppData\Local\Smartbar\Application\srau.dll
2014-04-23 17:15 - 2014-04-23 17:15 - 00165920 _____ () C:\Users\Wermutstropfen\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2014-04-23 17:15 - 2014-04-23 17:15 - 02336288 _____ () C:\Users\Wermutstropfen\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2014-04-23 17:16 - 2014-04-23 17:16 - 00067104 _____ () C:\Users\Wermutstropfen\AppData\Local\Smartbar\Application\spbl.dll
2014-04-23 17:16 - 2014-04-23 17:16 - 00155680 _____ () C:\Users\Wermutstropfen\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-04-23 17:15 - 2014-04-23 17:15 - 00014368 _____ () C:\Users\Wermutstropfen\AppData\Local\Smartbar\Application\siem.dll
2014-04-23 17:16 - 2014-04-23 17:16 - 00066080 _____ () C:\Users\Wermutstropfen\AppData\Local\Smartbar\Application\sppsm.dll
2014-04-23 17:15 - 2014-04-23 17:15 - 00696864 _____ () C:\Users\Wermutstropfen\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2014-04-23 17:15 - 2014-04-23 17:15 - 00014880 _____ () C:\Users\Wermutstropfen\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2014-04-23 17:15 - 2014-04-23 17:15 - 00078880 _____ () C:\Users\Wermutstropfen\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2014-04-23 17:16 - 2014-04-23 17:16 - 00027168 _____ () C:\Users\Wermutstropfen\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2014-04-23 17:16 - 2014-04-23 17:16 - 00056864 _____ () C:\Users\Wermutstropfen\AppData\Local\Smartbar\Application\srut.dll
2014-04-23 17:16 - 2014-04-23 17:16 - 00029216 _____ () C:\Users\Wermutstropfen\AppData\Local\Smartbar\Application\srsbs.dll
2014-04-23 17:15 - 2014-04-23 17:15 - 00065568 _____ () C:\Users\Wermutstropfen\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2014-04-23 17:16 - 2014-04-23 17:16 - 00054304 _____ () C:\Users\Wermutstropfen\AppData\Local\Smartbar\Application\smti.dll
2014-04-23 17:16 - 2014-04-23 17:16 - 00031264 _____ () C:\Users\Wermutstropfen\AppData\Local\Smartbar\Application\srom.dll
2014-04-23 17:16 - 2014-04-23 17:16 - 00030752 _____ () C:\Users\Wermutstropfen\AppData\Local\Smartbar\Application\smtu.dll
2014-04-23 17:16 - 2014-04-23 17:16 - 00038944 _____ () C:\Users\Wermutstropfen\AppData\Local\Smartbar\Application\smta.dll
2014-04-23 17:15 - 2014-04-23 17:15 - 00024096 _____ () C:\Users\Wermutstropfen\AppData\Local\Smartbar\Application\sgml.dll
2014-04-23 17:16 - 2014-04-23 17:16 - 00044064 _____ () C:\Users\Wermutstropfen\AppData\Local\Smartbar\Application\srbu.dll
2014-04-23 17:16 - 2014-04-23 17:16 - 00061472 _____ () C:\Users\Wermutstropfen\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2014-04-23 17:16 - 2014-04-23 17:16 - 00024608 _____ () C:\Users\Wermutstropfen\AppData\Local\Smartbar\Application\srpdm.dll
2014-04-23 17:15 - 2014-04-23 17:15 - 00043552 _____ () C:\Users\Wermutstropfen\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2014-04-23 17:14 - 2014-04-23 17:14 - 00026656 _____ () C:\Users\Wermutstropfen\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2014-04-23 17:16 - 2014-04-23 17:16 - 00035360 _____ () C:\Users\Wermutstropfen\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2014-04-23 17:15 - 2014-04-23 17:15 - 00193056 _____ () C:\Users\Wermutstropfen\AppData\Local\Smartbar\Application\sgmu.dll
2014-04-23 17:12 - 2014-04-23 17:12 - 00061440 _____ () C:\Users\Wermutstropfen\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll
2014-04-23 17:16 - 2014-04-23 17:16 - 00255520 _____ () C:\Users\Wermutstropfen\AppData\Local\Smartbar\Application\srns.dll
2014-03-14 16:06 - 2014-03-14 16:06 - 00012288 _____ () C:\Program Files\MyPC Backup\GetText.dll
2011-01-17 16:19 - 2012-03-27 15:30 - 00985088 _____ () C:\Program Files\OpenOffice\program\libxml2.dll
2012-03-29 12:58 - 2014-05-14 15:21 - 09496576 _____ () C:\Users\Wermutstropfen\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_rdlang32.deu
2012-04-02 17:14 - 2014-05-14 20:41 - 00045568 _____ () C:\Users\Wermutstropfen\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_weblink.DEU
2012-03-29 12:59 - 2014-05-14 15:21 - 00100352 _____ () C:\Users\Wermutstropfen\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_EScript.DEU
2014-05-08 13:21 - 2014-05-08 13:21 - 00305520 _____ () C:\Program Files\Adobe\Reader 10.0\Reader\sqlite.dll
2012-03-29 12:59 - 2014-05-14 15:22 - 00014336 _____ () C:\Users\Wermutstropfen\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_Updater.DEU
2014-04-30 17:59 - 2014-04-30 17:59 - 03019888 _____ () C:\Program Files\Mozilla Thunderbird\mozjs.dll
2014-04-30 17:59 - 2014-04-30 17:59 - 00158832 _____ () C:\Program Files\Mozilla Thunderbird\NSLDAP32V60.dll
2014-04-30 17:59 - 2014-04-30 17:59 - 00023152 _____ () C:\Program Files\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-05-07 20:34 - 2012-03-13 06:36 - 01969080 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2013-08-12 19:09 - 2014-04-14 20:07 - 00018856 _____ () C:\Program Files\Java\jre7\bin\jp2native.dll
2013-10-19 09:55 - 2013-10-19 09:55 - 16233864 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== EXE Association (whitelisted) =============

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (05/24/2014 09:24:40 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1". Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/24/2014 09:24:40 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1". Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/24/2014 08:51:46 AM) (Source: Software Licensing Service) (EventID: 8198) (User: )
Description: Die Lizenzaktivierung (SLUINotify.dll) ist mit folgendem Fehlercode fehlgeschlagen: 0x80070057

Error: (05/23/2014 01:36:03 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1". Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/23/2014 01:36:03 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1". Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/23/2014 09:36:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1". Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/23/2014 09:36:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1". Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (05/23/2014 08:45:47 AM) (Source: Software Licensing Service) (EventID: 8198) (User: )
Description: Die Lizenzaktivierung (SLUINotify.dll) ist mit folgendem Fehlercode fehlgeschlagen: 0x80070057

Error: (05/22/2014 09:38:32 PM) (Source: Software Licensing Service) (EventID: 8198) (User: )
Description: Die Lizenzaktivierung (SLUINotify.dll) ist mit folgendem Fehlercode fehlgeschlagen: 0x80070057

Error: (05/22/2014 09:27:46 AM) (Source: Software Licensing Service) (EventID: 8198) (User: )
Description: Die Lizenzaktivierung (SLUINotify.dll) ist mit folgendem Fehlercode fehlgeschlagen: 0x80070057

System errors:
=============
Error: (05/24/2014 09:22:54 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: netfilter

Error: (05/24/2014 09:22:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (05/24/2014 08:43:57 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: netfilter

Error: (05/24/2014 08:43:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (05/23/2014 09:31:44 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: netfilter

Error: (05/23/2014 09:31:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (05/23/2014 02:05:46 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: netfilter

Error: (05/23/2014 02:05:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (05/23/2014 01:34:25 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: netfilter

Error: (05/23/2014 01:34:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Microsoft Office Sessions:
=========================
Error: (05/24/2014 09:24:40 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe

Error: (05/24/2014 09:24:40 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe

Error: (05/24/2014 08:51:46 AM) (Source: Software Licensing Service) (EventID: 8198) (User: )
Description: 0x80070057

Error: (05/23/2014 01:36:03 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe

Error: (05/23/2014 01:36:03 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe

Error: (05/23/2014 09:36:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe

Error: (05/23/2014 09:36:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe

Error: (05/23/2014 08:45:47 AM) (Source: Software Licensing Service) (EventID: 8198) (User: )
Description: 0x80070057

Error: (05/22/2014 09:38:32 PM) (Source: Software Licensing Service) (EventID: 8198) (User: )
Description: 0x80070057

Error: (05/22/2014 09:27:46 AM) (Source: Software Licensing Service) (EventID: 8198) (User: )
Description: 0x80070057

CodeIntegrity Errors:
===================================
Date: 2014-05-24 10:16:34.236
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\kneps.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-05-24 10:16:33.878
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\kneps.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-05-24 10:16:33.522
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\kneps.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-05-24 10:16:33.211
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\kneps.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-05-24 10:16:32.810
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\kltdi.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-05-24 10:16:32.474
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\kltdi.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-05-24 10:16:32.061
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\kltdi.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-05-24 10:16:31.714
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\kltdi.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-24 10:16:31.336
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\klpd.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-05-24 10:16:30.922
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\klpd.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Memory info ===========================

Percentage of memory in use: 65%
Total physical RAM: 2999.9 MB
Available physical RAM: 1048.14 MB
Total Pagefile: 6223.98 MB
Available Pagefile: 4124.38 MB
Total Virtual: 2047.88 MB
Available Virtual: 1896.5 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:140.71 GB) (Free:16.95 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149 GB) (Disk ID: A8F16AE4)
Partition 1: (Not Active) - (Size=8 GB) - (Type=27)
Partition 2: (Active) - (Size=141 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Edited by sibelius84 (24.05.2014 at 15:48) |