Log analysis and evaluation: Adware problems (Windows 7). If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
06.07.2014, 18:37 | #1 |
| Adware problems
Hello, for some time I have been worried that something is no longer right with my PC. One piece of information up front: I use Norton 360. Apart from the usual tracking cookies, the scans don't turn up much, but adware problems in particular are plaguing me. Strange links and the like suddenly open on the Internet, along with masses of advertising. I recently installed a piece of software and didn't pay close attention while doing so. I think it brought a whole lot of junk onto my laptop. I ran Malwarebytes Anti-Malware: Code:
Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 06.07.2014 Scan Time: 19:24:38 Logfile: Log.txt Administrator: Yes Version: 2.00.2.1012 Malware Database: v2014.07.06.06 Rootkit Database: v2014.07.03.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 8.1 CPU: x64 File System: NTFS User: Lukas Scan Type: Threat Scan Result: Completed Objects Scanned: 306154 Time Elapsed: 9 min, 17 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 3 PUP.Optional.IePluginService.A, C:\ProgramData\IePluginServices\PluginService.exe, 1352, , [a7a7029a65161026406290ccb64bd32d] Adware.Adpeak, C:\Program Files\003\vxlsnyaiet64.exe, 1684, , [48068e0e13681b1b87fbccb120e420e0] PUP.Optional.AdPeak.A, C:\Program Files\003\vxlsnyaiet64.exe, 1684, , [074727757704d95d1bebaa18cc3617e9] Modules: 1 PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\DpInterface32.dll, , [eb63bce098e32016ddf2c5c660a131cf], Registry Keys: 23 PUP.Optional.IePluginService.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginServices, , [a7a7029a65161026406290ccb64bd32d], Adware.Adpeak, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\vxlsnyaiet64, , [48068e0e13681b1b87fbccb120e420e0], PUP.Optional.CouponDownloader.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3}, , [a5a9d0cc7efd1a1c987b1d31dd251fe1], PUP.Optional.CouponDownloader.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{10AD2C61-0898-4348-8600-14A342F22AC3}, , [a5a9d0cc7efd1a1c987b1d31dd251fe1], PUP.Optional.CouponDownloader.A, HKU\S-1-5-21-1539172179-1726893121-3486313719-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{10AD2C61-0898-4348-8600-14A342F22AC3}, , [a5a9d0cc7efd1a1c987b1d31dd251fe1], PUP.Optional.CouponDownloader.A, 
HKU\S-1-5-21-1539172179-1726893121-3486313719-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{10AD2C61-0898-4348-8600-14A342F22AC3}, , [a5a9d0cc7efd1a1c987b1d31dd251fe1], PUP.Optional.SupTab.A, HKU\S-1-5-21-1539172179-1726893121-3486313719-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, , [eb63c8d4c2b9c86e33f9c19061a13bc5], PUP.Optional.SupTab.A, HKU\S-1-5-21-1539172179-1726893121-3486313719-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, , [eb63c8d4c2b9c86e33f9c19061a13bc5], PUP.Optional.AdPeak.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\vxlsnyaiet64, , [074727757704d95d1bebaa18cc3617e9], PUP.Optional.AdPeak.A, HKLM\SOFTWARE\LevelQualityWatcher, , [f25c18845823191df31440758082817f], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\suprasavings, , [5ef013897a0155e1817cca0025ddbf41], PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [72dcb8e4e3983402726c42b81de6ea16], PUP.Optional.WindowsProtectManger.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsProtectManger, , [e668e7b5b3c82d095bd58b29d2306f91], PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\sweet-pageSoftware, , [1c3248540477b5819b31bd4604003cc4], PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [d876a0fcfe7d51e5429ca35759aa2dd3], PUP.Optional.AdPeak.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{E6B105B8-1F65-4428-9397-1DFD8A03B94D}, , [27274d4ff58615214c26d6e49c66d12f], PUP.Optional.BundleInstaller.A, HKLM\SOFTWARE\WOW6432NODE\VITTALIA\AxtanInstaller, , [d07e9606ceaddf57703934a2bc4605fb], PUP.Optional.SupraSavings.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Supra Savings, , 
[ce80e3b9146748ee73847e4be51dc53b], PUP.Optional.BrowserSafeGuard.A, HKU\S-1-5-21-1539172179-1726893121-3486313719-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BrowserSafeguardInstalled, , [62ec5a4290eb63d32a1c10a53bc7d927], PUP.Optional.SupraSavings.A, HKU\S-1-5-21-1539172179-1726893121-3486313719-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SupraSavings, , [92bcc1dbcab1fe3850ae89416b97c43c], PUP.Optional.SupraSavings.A, HKU\S-1-5-21-1539172179-1726893121-3486313719-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\suprasavings, , [3618f5a7e6950c2abb44a327837f53ad], PUP.Optional.Qone8, HKU\S-1-5-21-1539172179-1726893121-3486313719-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [27279b01d6a50b2bfae3916963a04bb5], PUP.Optional.Softonic.A, HKU\S-1-5-21-1539172179-1726893121-3486313719-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, , [f05ecfcd552696a08466be0957abf50b], Registry Values: 4 PUP.Optional.SupTab.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SupTab\SEARCH~2.DLL, , [bc92524acdae3ef81d6f496bb250926e] PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SupTab\SEARCH~1.DLL, , [b9954e4ef487c4723c50a90ba1612cd4] PUP.Optional.FastStart.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|faststartff@gmail.com, C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\gerrq6ld.default\extensions\faststartff@gmail.com, , [4fff0a92a3d8b97dfb8bb05ec440b54b] PUP.Optional.FastStart.A, HKU\S-1-5-21-1539172179-1726893121-3486313719-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, , [87c72973a8d39c9a75bdd6de47bb0bf5] Registry Data: 12 PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, 
hxxp://www.sweet-page.com/web/?type=ds&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563&q={searchTerms}, Good: (www.google.com), Bad: (hxxp://www.sweet-page.com/web/?type=ds&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563&q={searchTerms}),,[ef5f019badceb4821e06efa650b45fa1] PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.sweet-page.com/web/?type=ds&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563&q={searchTerms}, Good: (www.google.com), Bad: (hxxp://www.sweet-page.com/web/?type=ds&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563&q={searchTerms}),,[c48a1a8294e79c9a53af2664d331b54b] PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563, Good: (www.google.com), Bad: (hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563),,[b896019b7ffc4cea43e0efa67c886997] PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563, Good: (www.google.com), Bad: (hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563),,[bf8f9705adce95a18a9b4f4655af7987] PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[b6985c40eb90a591714c8c08ae568d73] PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.sweet-page.com/web/?type=ds&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563&q={searchTerms}, Good: (www.google.com), Bad: 
(hxxp://www.sweet-page.com/web/?type=ds&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563&q={searchTerms}),,[fa549ffda5d60630ef35752034d0b848] PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563, Good: (www.google.com), Bad: (hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563),,[6be36c303b40c67059cac0d5dc287c84] PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563, Good: (www.google.com), Bad: (hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563),,[d876623a23585cdac26332637b893cc4] PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.sweet-page.com/web/?type=ds&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563&q={searchTerms}, Good: (www.google.com), Bad: (hxxp://www.sweet-page.com/web/?type=ds&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563&q={searchTerms}),,[cf7f8b11611a3afcaf53404ab84cd12f] PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[af9fd0cc205b0c2a6c510d872fd58779] PUP.Optional.SweetPage.A, HKU\S-1-5-21-1539172179-1726893121-3486313719-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563, Good: (www.google.com), Bad: 
(hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563),,[3a144854394286b0a878f99c33d14ab6] PUP.Optional.SweetPage.A, HKU\S-1-5-21-1539172179-1726893121-3486313719-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563, Good: (www.google.com), Bad: (hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563),,[1d31811bc2b91b1b37e8b2e3f01451af] Folders: 7 PUP.Optional.SupraSavings.A, C:\Program Files\SupraSavings, , [c48a44584a312b0b6d5b9f01cf330000], PUP.Optional.SupraSavings.A, C:\Program Files\SupraSavings\SSL, , [c48a44584a312b0b6d5b9f01cf330000], PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, , [d27c4953e6953402889b19964ab8a45c], PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, , [d27c4953e6953402889b19964ab8a45c], PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger, , [cf7f38642952a393a525159af60c8d73], PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\log, , [cf7f38642952a393a525159af60c8d73], PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\update, , [cf7f38642952a393a525159af60c8d73], Files: 11 PUP.Optional.IePluginService.A, C:\ProgramData\IePluginServices\PluginService.exe, , [a7a7029a65161026406290ccb64bd32d], PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\DpInterface32.dll, , [eb63bce098e32016ddf2c5c660a131cf], Adware.Adpeak, C:\Program Files\003\vxlsnyaiet64.exe, , [48068e0e13681b1b87fbccb120e420e0], PUP.Optional.SupTab.A, C:\$Recycle.Bin\S-1-5-21-1539172179-1726893121-3486313719-1001\$R2JBGDE.dll, , [69e5a2fa344782b4a7bca095b44ce818], PUP.Optional.SupraSavings.A, C:\$Recycle.Bin\S-1-5-21-1539172179-1726893121-3486313719-1001\$RNIMYFM\2rs3.dll, , [ff4f8715ff7cbc7a69cec0bc986c50b0], PUP.Optional.AdPeak.A, C:\temp\InstallFilter64.msi, , 
[024c207c8af1ae885c2d043903fde719], PUP.Optional.SupraSavings.A, C:\Windows\Installer\22a89434.msi, , [7ed0c8d414678babb681bbc15da73bc5], PUP.Optional.AdPeak.A, C:\Program Files\003\vxlsnyaiet64.exe, , [074727757704d95d1bebaa18cc3617e9], PUP.Optional.SweetPage.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\sweet-page.xml, , [0b43b1eb7cff78beb417cc37719329d7], PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\log\wprotectmanager_2014-06-21[08-58-10-052].log, , [cf7f38642952a393a525159af60c8d73], PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\update\conf, , [cf7f38642952a393a525159af60c8d73], Physical Sectors: 0 (No malicious items detected) (end)
Thank you very much in advance. Best regards, Lukas |
06.07.2014, 19:02 | #2 |
/// the machine /// TB-Ausbilder | Adware problems
Hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
07.07.2014, 12:47 | #3 |
| Adware problems
Hello, thank you for your help! Here are the requested logs: FRST: FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01 Ran by Lukas (administrator) on LUKAS on 06-07-2014 20:05:55 Running from C:\Users\Lukas\Downloads Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe () C:\Program Files\003\vxlsnyaiet64.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Hewlett-Packard Development Company, L.P.) 
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\N360.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\N360.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2014-02-16] (IDT, Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3053808 2014-03-07] (Synaptics Incorporated) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.) 
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation) HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-06-24] (Hewlett-Packard) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1539172179-1726893121-3486313719-1001\...\MountPoints2: {3d13c48f-f3c8-11e3-be91-28924a499f15} - "G:\Autorun.exe" HKU\S-1-5-21-1539172179-1726893121-3486313719-1001\...\MountPoints2: {5da81a55-6e33-11e3-be73-28924a499f15} - "I:\LaunchU3.exe" -a AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File Not Found AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => "C:\PROGRA~2\SupTab\SEARCH~1.DLL" File Not Found ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.3.0.12\buShell.dll (Symantec Corporation) ShellIconOverlayIdentifiers: OverlayPending -> 
{F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.3.0.12\buShell.dll (Symantec Corporation) ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.3.0.12\buShell.dll (Symantec Corporation) ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563 HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/ HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
hxxp://www.sweet-page.com/web/?type=ds&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563&q={searchTerms} SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563&q={searchTerms} SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563&q={searchTerms} SearchScopes: HKLM - {40981C5A-7E4F-4A5C-818C-1831FB462759} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
hxxp://www.sweet-page.com/web/?type=ds&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563&q={searchTerms} SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563&q={searchTerms} SearchScopes: HKLM-x32 - {40981C5A-7E4F-4A5C-818C-1831FB462759} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563&q={searchTerms} SearchScopes: HKCU - {40981C5A-7E4F-4A5C-818C-1831FB462759} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} 
URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation) BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard) BHO-x32: 2rs3 - {10AD2C61-0898-4348-8600-14A342F22AC3} - C:\Program Files (x86)\SupraSavings\2rs3.dll No File BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation) BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\IPS\IPSBHO.DLL (Symantec Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation) Handler-x32: skype4com - 
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Hosts: 127.0.0.1 d3oxij66pru1i3.cloudfront.net Tcpip\..\Interfaces\{A881F854-B342-4E55-B969-19B18C45F510}: [NameServer]8.8.8.8,8.8.4.4 FireFox: ======== FF ProfilePath: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\c7i7dc9c.default-1404665380831 FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll () FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll 
(Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sweet-page.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.3.0.12\IPSFF FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.3.0.12\IPSFF [2014-06-05] FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.3.0.12\coFFPlgn FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.3.0.12\coFFPlgn [2014-07-06] FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\gerrq6ld.default\extensions\faststartff@gmail.com ==================== Services (Whitelisted) ================= R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed] R2 IconMan_R; C:\Program 
Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [File not signed] R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [704112 2014-05-08] (Cherished Technololgy LIMITED) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.) R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\N360.exe [265040 2014-05-11] (Symantec Corporation) S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH) R2 vxlsnyaiet64; C:\Program Files\003\vxlsnyaiet64.exe [706560 2014-06-21] () [File not signed] S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-05-02] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.) 
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.3.0.12\Definitions\BASHDefs\20140606.001\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1503000.00C\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-06-15] (Disc Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-13] (Symantec Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-06-23] (LogMeIn Inc.)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.3.0.12\Definitions\IPSDefs\20140703.001\IDSvia64.sys [525016 2014-06-04] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.3.0.12\Definitions\VirusDefs\20140705.001\ENG64.SYS [126040 2014-07-05] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.3.0.12\Definitions\VirusDefs\20140705.001\EX64.SYS [2099288 2014-07-05] (Symantec Corporation)
R4 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [46376 2014-06-12] (NetFilterSDK.com)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-04] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2014-03-07] (Synaptics Incorporated)
R3 SRTSP; C:\Windows\system32\drivers\N360x64\1503000.00C\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1503000.00C\SRTSPX64.SYS [36952 2013-10-30] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1503000.00C\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1503000.00C\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1503000.00C\SymELAM.sys [23568 2013-10-30] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-06-05] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1503000.00C\Ironx64.SYS [264280 2013-10-30] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\N360x64\1503000.00C\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-06-27] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-07-06 20:05 - 2014-07-06 20:06 - 00022647 _____ () C:\Users\Lukas\Downloads\FRST.txt
2014-07-06 20:05 - 2014-07-06 20:05 - 02084352 _____ (Farbar) C:\Users\Lukas\Downloads\FRST64.exe
2014-07-06 20:05 - 2014-07-06 20:05 - 00000000 ____D () C:\FRST
2014-07-06 19:23 - 2014-07-06 19:24 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-06 19:23 - 2014-07-06 19:23 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-06 19:23 - 2014-07-06 19:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-06 19:23 - 2014-07-06 19:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-06 19:23 - 2014-07-06 19:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-06 19:23 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-06 19:23 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-07-06 19:23 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-07-06 19:22 - 2014-07-06 19:23 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Lukas\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-06 19:08 - 2014-07-02 18:32 - 00109974 _____ () C:\WINDOWS\_detmp.1
2014-07-06 19:08 - 2001-02-26 20:48 - 00081920 _____ (Adobe Systems, Inc.) C:\WINDOWS\_detmp.2
2014-07-06 17:39 - 2014-07-06 17:39 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Essentials Codec Pack
2014-07-06 17:39 - 2014-07-06 17:39 - 00000000 ____D () C:\Program Files (x86)\Essentials Codec Pack
2014-07-06 17:37 - 2014-07-06 17:37 - 00683360 _____ () C:\Users\Lukas\Downloads\MediaCodec.exe
2014-07-06 11:34 - 2014-07-06 19:26 - 00249660 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-06 11:07 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-07-06 11:06 - 2014-07-06 11:06 - 00004563 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_60-b19.log
2014-07-06 11:06 - 2014-07-06 11:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-06 11:06 - 2014-05-07 15:02 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-07-06 11:06 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-07-06 11:06 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-07-06 10:57 - 2014-07-06 10:57 - 00012668 _____ () C:\WINDOWS\PFRO.log
2014-07-04 14:41 - 2014-07-04 14:41 - 00000000 ____D () C:\Users\Lukas\AppData\Local\{7BC4C0BB-06F9-4D83-8549-D2BE554FA60E}
2014-07-04 14:30 - 2014-07-04 15:02 - 00000000 ____D () C:\Users\Lukas\Desktop\Unbenannt
2014-07-02 18:35 - 2014-07-02 18:35 - 00000000 ____D () C:\Program Files (x86)\Ubi Soft
2014-07-02 18:35 - 2002-06-17 08:25 - 00026088 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\xmlinst.exe
2014-07-02 18:35 - 2002-04-24 13:43 - 00035840 ____R () C:\WINDOWS\SysWOW64\comdlg32.oca
2014-07-02 18:35 - 2002-04-09 18:23 - 00029184 ____R () C:\WINDOWS\SysWOW64\MSINET.oca
2014-07-02 18:35 - 2001-05-04 12:05 - 00505104 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml.dll
2014-07-02 18:35 - 2001-05-04 12:05 - 00028432 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxmlr.dll
2014-07-02 18:35 - 2000-05-22 01:00 - 00140488 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.ocx
2014-07-02 18:35 - 2000-03-17 09:21 - 00069632 ____R () C:\WINDOWS\SysWOW64\xmltok.dll
2014-07-02 18:35 - 2000-03-17 09:21 - 00036864 ____R () C:\WINDOWS\SysWOW64\xmlparse.dll
2014-07-02 18:35 - 1998-06-24 01:00 - 00115016 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSINET.OCX
2014-07-02 18:35 - 1998-06-18 01:00 - 00089360 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB5DB.DLL
2014-07-02 18:34 - 2014-07-06 19:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Byte
2014-07-02 18:32 - 2014-07-02 18:32 - 00001287 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader 5.0.lnk
2014-07-02 18:32 - 2014-07-02 18:32 - 00000000 ____D () C:\Users\Lukas\Documents\My eBooks
2014-07-02 18:32 - 2014-07-02 18:32 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\InterTrust
2014-07-02 18:32 - 2014-07-02 18:32 - 00000000 ____D () C:\BlueByte
2014-07-02 18:18 - 1998-11-17 12:44 - 00328704 _____ (InstallShield Software Corporation ) C:\WINDOWS\IsUn0407.exe
2014-07-01 16:07 - 2014-07-01 16:08 - 00000000 ____D () C:\Users\Lukas\AppData\Local\{BAF1A25C-D68D-46AF-87AA-7DB11E220EFA}
2014-06-27 15:53 - 2014-06-27 15:53 - 00000000 ____D () C:\Users\Lukas\AppData\Local\{C1BB5EF4-E7C4-416F-81E9-D987DBABB6C6}
2014-06-26 21:21 - 2014-07-06 18:58 - 00000000 ____D () C:\Program Files\SupraSavings
2014-06-26 20:41 - 2014-07-02 13:35 - 00000344 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForLukas.job
2014-06-26 20:35 - 2014-06-26 20:35 - 05417896 _____ () C:\Users\Lukas\Desktop\phase-6-backpack-all-2014-06-26.p6a
2014-06-26 20:30 - 2014-06-26 20:30 - 00000938 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-06-26 20:30 - 2014-06-26 20:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-06-26 20:30 - 2014-06-26 20:30 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-06-25 19:27 - 2014-07-05 17:22 - 00000000 ____D () C:\Users\Lukas\Desktop\Server
2014-06-23 11:42 - 2014-06-23 11:42 - 00046136 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2014-06-21 21:37 - 2014-06-21 21:37 - 00011958 _____ () C:\Users\Lukas\AppData\Local\recently-used.xbel
2014-06-21 20:47 - 2014-06-21 20:47 - 00000000 ____D () C:\Users\Lukas\Documents\Stronghold Kingdoms
2014-06-21 20:47 - 2014-06-21 20:47 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Firefly Studios
2014-06-21 20:47 - 2014-06-21 20:47 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Geckofx
2014-06-21 09:02 - 2014-07-06 10:08 - 00000000 ____D () C:\temp
2014-06-21 09:00 - 2014-06-21 09:00 - 00000000 ____D () C:\Users\Lukas\AppData\Local\BrowserSafeguard
2014-06-21 08:58 - 2014-07-06 19:18 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-06-21 08:58 - 2014-06-21 09:03 - 00000000 ____D () C:\ProgramData\WindowsProtectManger
2014-06-21 08:58 - 2014-06-21 09:02 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-06-21 08:58 - 2014-06-21 09:02 - 00000000 ____D () C:\Program Files\003
2014-06-21 08:46 - 2014-05-24 04:07 - 01102945 _____ () C:\Users\Lukas\Desktop\SkaiaCraft_Launcher.jar
2014-06-19 14:32 - 2014-06-19 14:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-15 15:18 - 2014-07-06 10:55 - 00000000 ____D () C:\Users\Lukas\AppData\Local\LogMeIn Hamachi
2014-06-15 00:04 - 2014-06-15 00:04 - 00000000 ____D () C:\ProgramData\ATI
2014-06-14 23:51 - 2014-06-14 23:51 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Raptr
2014-06-14 23:51 - 2014-06-14 23:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-06-14 23:51 - 2014-06-14 23:51 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-06-14 23:44 - 2014-06-14 23:44 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-14 17:14 - 2014-06-14 17:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tinypic
2014-06-14 17:14 - 
2014-06-14 17:14 - 00000000 ____D () C:\Program Files (x86)\Tinypic 2014-06-12 21:05 - 2014-06-12 21:05 - 00046376 _____ (NetFilterSDK.com) C:\WINDOWS\system32\Drivers\netfilter64.sys 2014-06-12 13:50 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-06-12 13:50 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-06-12 13:50 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2014-06-12 13:50 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2014-06-12 13:50 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-06-12 13:50 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2014-06-12 13:50 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2014-06-12 13:50 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-06-12 13:50 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-06-12 13:50 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-06-12 13:50 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-06-12 13:50 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-06-12 13:50 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-06-12 13:50 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2014-06-12 13:50 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2014-06-12 13:50 - 2014-05-05 06:02 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2014-06-12 13:50 - 2014-04-30 13:16 - 01336648 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\gdi32.dll 2014-06-12 13:50 - 2014-04-30 05:51 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2014-06-12 13:50 - 2014-02-06 13:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll 2014-06-12 13:50 - 2014-02-06 13:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll 2014-06-12 13:50 - 2014-02-06 12:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2014-06-12 13:50 - 2014-02-06 12:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2014-06-12 13:50 - 2014-02-06 12:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll 2014-06-12 13:50 - 2014-02-06 11:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2014-06-12 13:50 - 2014-02-06 11:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2014-06-12 13:49 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-06-12 13:49 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2014-06-12 13:49 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2014-06-12 13:49 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-06-12 13:49 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-06-12 13:49 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-06-12 13:49 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-06-12 13:49 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-06-12 13:49 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-06-12 13:49 - 2014-05-30 09:56 - 04244992 _____ (Microsoft 
Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-06-12 13:49 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-06-12 13:49 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-06-12 13:49 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-06-12 13:49 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-06-12 13:49 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-06-12 13:49 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-06-12 13:49 - 2014-05-09 01:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys 2014-06-12 13:49 - 2014-05-03 09:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe 2014-06-12 13:49 - 2014-05-03 06:21 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-06-12 13:49 - 2014-05-03 06:07 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-06-12 13:49 - 2014-05-03 05:41 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2014-06-12 13:49 - 2014-05-03 05:38 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2014-06-12 13:49 - 2014-04-18 11:32 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-06-12 13:49 - 2014-04-18 10:58 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2014-06-12 13:49 - 2014-04-18 10:09 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2014-06-12 13:49 - 2014-04-18 09:49 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2014-06-12 13:49 - 2014-04-06 18:31 - 21268952 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\shell32.dll 2014-06-12 13:49 - 2014-04-06 17:22 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2014-06-12 13:49 - 2014-04-06 13:55 - 16872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2014-06-12 13:49 - 2014-04-06 13:54 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2014-06-12 13:49 - 2014-04-03 09:59 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2014-06-12 13:49 - 2014-04-03 09:59 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2014-06-12 13:49 - 2014-03-20 02:44 - 06645248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2014-06-12 13:49 - 2014-03-20 01:33 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2014-06-12 13:49 - 2014-03-18 07:00 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2014-06-12 13:49 - 2014-03-18 06:52 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2014-06-12 13:49 - 2014-02-06 13:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2014-06-12 13:49 - 2014-02-06 12:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe 2014-06-12 13:49 - 2014-02-06 12:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll 2014-06-12 13:49 - 2014-02-06 11:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe 2014-06-12 13:49 - 2014-02-06 11:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll 2014-06-12 13:48 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe 2014-06-12 13:48 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe 2014-06-12 13:48 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe 2014-06-12 13:48 - 2014-04-30 06:43 - 01975296 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\DWrite.dll 2014-06-12 13:48 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2014-06-12 13:48 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2014-06-12 13:48 - 2014-04-18 16:57 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll 2014-06-12 13:48 - 2014-04-18 16:44 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll 2014-06-12 13:48 - 2014-04-18 15:29 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll 2014-06-12 13:48 - 2014-04-18 11:44 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll 2014-06-12 13:48 - 2014-04-18 10:32 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2014-06-12 13:48 - 2014-04-18 10:21 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll 2014-06-12 13:48 - 2014-04-18 09:51 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll 2014-06-12 13:48 - 2014-04-14 11:20 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll 2014-06-12 13:48 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll 2014-06-12 13:48 - 2014-04-11 06:51 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll 2014-06-12 13:48 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll 2014-06-12 13:48 - 2014-04-11 05:30 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll 2014-06-12 13:48 - 2014-04-09 13:53 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys 2014-06-12 13:48 - 2014-04-09 08:39 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll 2014-06-12 13:48 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll 2014-06-12 13:48 - 2014-04-09 06:35 - 01411584 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2014-06-12 13:48 - 2014-04-09 05:33 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll 2014-06-12 13:48 - 2014-04-08 04:01 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys 2014-06-12 13:48 - 2014-04-06 18:34 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2014-06-12 13:48 - 2014-04-06 18:34 - 00275800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys 2014-06-12 13:48 - 2014-04-06 18:32 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll 2014-06-12 13:48 - 2014-04-06 18:30 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll 2014-06-12 13:48 - 2014-04-06 18:24 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys 2014-06-12 13:48 - 2014-04-06 18:20 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2014-06-12 13:48 - 2014-04-06 18:20 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2014-06-12 13:48 - 2014-04-06 18:20 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll 2014-06-12 13:48 - 2014-04-06 18:20 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2014-06-12 13:48 - 2014-04-06 18:20 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2014-06-12 13:48 - 2014-04-06 18:20 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2014-06-12 13:48 - 2014-04-06 18:20 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2014-06-12 13:48 - 2014-04-06 18:20 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2014-06-12 13:48 - 2014-04-06 18:20 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2014-06-12 13:48 - 2014-04-06 18:20 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2014-06-12 13:48 - 2014-04-06 18:20 - 00244880 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2014-06-12 13:48 - 2014-04-06 18:20 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2014-06-12 13:48 - 2014-04-06 18:20 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe 2014-06-12 13:48 - 2014-04-06 17:23 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll 2014-06-12 13:48 - 2014-04-06 17:22 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll 2014-06-12 13:48 - 2014-04-06 17:16 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2014-06-12 13:48 - 2014-04-06 17:16 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2014-06-12 13:48 - 2014-04-06 17:16 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2014-06-12 13:48 - 2014-04-06 17:16 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2014-06-12 13:48 - 2014-04-06 17:16 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll 2014-06-12 13:48 - 2014-04-06 17:16 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2014-06-12 13:48 - 2014-04-06 17:16 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2014-06-12 13:48 - 2014-04-06 17:16 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2014-06-12 13:48 - 2014-04-06 17:16 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2014-06-12 13:48 - 2014-04-06 16:10 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-06-12 13:48 - 2014-04-06 14:58 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll 2014-06-12 13:48 - 2014-04-06 14:51 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll 2014-06-12 13:48 - 2014-04-06 14:33 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe 2014-06-12 13:48 - 2014-04-06 14:24 - 00271872 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\rstrui.exe 2014-06-12 13:48 - 2014-04-06 14:06 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll 2014-06-12 13:48 - 2014-04-06 13:26 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll 2014-06-12 13:48 - 2014-04-06 13:20 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2014-06-12 13:48 - 2014-04-06 13:01 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2014-06-12 13:48 - 2014-04-06 12:52 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2014-06-12 13:48 - 2014-04-06 12:51 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2014-06-12 13:48 - 2014-04-06 12:37 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2014-06-12 13:48 - 2014-04-06 12:36 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2014-06-12 13:48 - 2014-04-06 12:05 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2014-06-12 13:48 - 2014-04-06 11:59 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2014-06-12 13:48 - 2014-04-03 10:12 - 02124840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll 2014-06-12 13:48 - 2014-04-03 10:12 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll 2014-06-12 13:48 - 2014-04-03 10:12 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll 2014-06-12 13:48 - 2014-04-03 06:03 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll 2014-06-12 13:48 - 2014-04-03 06:03 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll 2014-06-12 13:48 - 2014-04-03 05:53 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll 2014-06-12 13:48 - 2014-04-03 04:53 - 04269056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2014-06-12 13:48 - 2014-04-03 04:53 - 00677376 
_____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2014-06-12 13:48 - 2014-04-03 04:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2014-06-12 13:48 - 2014-04-03 04:23 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2014-06-12 13:48 - 2014-04-03 04:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2014-06-12 13:48 - 2014-04-03 04:23 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll 2014-06-12 13:48 - 2014-04-03 04:22 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll 2014-06-12 13:48 - 2014-04-01 08:23 - 00384856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2014-06-12 13:48 - 2014-03-31 07:42 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2014-06-12 13:48 - 2014-03-31 02:41 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll 2014-06-12 13:48 - 2014-03-31 02:01 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll 2014-06-12 13:48 - 2014-03-31 01:43 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll 2014-06-12 13:48 - 2014-03-31 00:54 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll 2014-06-12 13:48 - 2014-03-31 00:49 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2014-06-12 13:48 - 2014-03-31 00:35 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2014-06-12 13:48 - 2014-03-31 00:11 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll 2014-06-12 13:48 - 2014-03-30 23:47 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2014-06-12 13:48 - 2014-03-28 17:58 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2014-06-12 13:48 - 2014-03-27 08:16 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2014-06-12 
13:48 - 2014-03-27 07:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll 2014-06-12 13:48 - 2014-03-27 06:59 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll 2014-06-12 13:48 - 2014-03-27 06:48 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll 2014-06-12 13:48 - 2014-03-27 06:19 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll 2014-06-12 13:48 - 2014-03-27 05:46 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll 2014-06-12 13:48 - 2014-03-27 05:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll 2014-06-12 13:48 - 2014-03-27 05:10 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe 2014-06-12 13:48 - 2014-03-25 00:58 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2014-06-12 13:48 - 2014-03-20 05:48 - 00263424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2014-06-12 13:48 - 2014-03-19 10:15 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll 2014-06-12 13:48 - 2014-03-19 10:07 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys 2014-06-12 13:48 - 2014-03-19 09:24 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll 2014-06-12 13:48 - 2014-03-19 09:17 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll 2014-06-12 13:48 - 2014-03-19 08:36 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll 2014-06-12 13:48 - 2014-03-19 07:56 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll 2014-06-12 13:48 - 2014-03-19 07:45 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2014-06-12 13:48 - 2014-03-19 07:19 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll 2014-06-12 13:48 - 2014-03-19 07:07 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll 2014-06-12 13:48 - 
2014-03-19 07:02 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2014-06-12 13:48 - 2014-03-19 07:00 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll 2014-06-12 13:48 - 2014-03-19 06:51 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll 2014-06-12 13:48 - 2014-03-19 06:31 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll 2014-06-12 13:48 - 2014-03-19 06:18 - 02688000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2014-06-12 13:48 - 2014-03-18 10:19 - 00077312 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys 2014-06-12 13:48 - 2014-03-17 07:09 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll 2014-06-12 13:48 - 2014-03-17 06:11 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll 2014-06-12 13:48 - 2014-03-17 05:01 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2014-06-12 13:48 - 2014-03-17 04:47 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2014-06-12 13:48 - 2014-03-17 04:45 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2014-06-12 13:48 - 2014-03-14 08:26 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll 2014-06-12 13:48 - 2014-03-14 08:10 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll 2014-06-12 13:48 - 2014-03-06 14:42 - 00310616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys 2014-06-12 13:48 - 2014-01-27 20:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll 2014-06-12 13:47 - 2014-05-01 15:31 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe 2014-06-12 13:47 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys 2014-06-12 13:47 - 2014-05-01 09:14 - 03118080 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\Wpc.dll 2014-06-12 13:47 - 2014-05-01 09:05 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll 2014-06-12 13:47 - 2014-05-01 08:51 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll 2014-06-12 13:47 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll ==================== One Month Modified Files and Folders ======= 2014-07-06 20:06 - 2014-07-06 20:05 - 00022647 _____ () C:\Users\Lukas\Downloads\FRST.txt 2014-07-06 20:06 - 2014-04-27 20:02 - 00001120 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-07-06 20:05 - 2014-07-06 20:05 - 02084352 _____ (Farbar) C:\Users\Lukas\Downloads\FRST64.exe 2014-07-06 20:05 - 2014-07-06 20:05 - 00000000 ____D () C:\FRST 2014-07-06 20:05 - 2013-12-27 15:24 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-07-06 20:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-07-06 19:57 - 2013-12-26 15:55 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1539172179-1726893121-3486313719-1001 2014-07-06 19:26 - 2014-07-06 11:34 - 00249660 _____ () C:\WINDOWS\WindowsUpdate.log 2014-07-06 19:24 - 2014-07-06 19:23 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-07-06 19:23 - 2014-07-06 19:23 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-06 19:23 - 2014-07-06 19:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-06 19:23 - 2014-07-06 19:23 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-06 19:23 - 2014-07-06 19:23 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-06 19:23 - 2014-07-06 19:22 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Lukas\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-06 19:18 - 2014-06-21 08:58 - 00000000 ____D () C:\Program Files (x86)\SupTab 
2014-07-06 19:08 - 2014-07-02 18:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Byte 2014-07-06 19:08 - 2014-04-21 15:49 - 00000000 ____D () C:\Fraps 2014-07-06 19:06 - 2014-04-27 20:02 - 00001116 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-07-06 18:58 - 2014-06-26 21:21 - 00000000 ____D () C:\Program Files\SupraSavings 2014-07-06 18:35 - 2014-01-22 17:04 - 00000000 ____D () C:\Users\Lukas\AppData\Local\PMB Files 2014-07-06 17:39 - 2014-07-06 17:39 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Essentials Codec Pack 2014-07-06 17:39 - 2014-07-06 17:39 - 00000000 ____D () C:\Program Files (x86)\Essentials Codec Pack 2014-07-06 17:37 - 2014-07-06 17:37 - 00683360 _____ () C:\Users\Lukas\Downloads\MediaCodec.exe 2014-07-06 17:32 - 2014-01-22 17:04 - 00000000 ____D () C:\ProgramData\PMB Files 2014-07-06 11:07 - 2014-02-11 17:02 - 00000000 ____D () C:\ProgramData\Oracle 2014-07-06 11:06 - 2014-07-06 11:06 - 00004563 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_60-b19.log 2014-07-06 11:06 - 2014-07-06 11:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-07-06 11:06 - 2014-02-11 17:01 - 00000000 ____D () C:\Program Files (x86)\Java 2014-07-06 11:01 - 2014-05-02 19:25 - 00000000 __RDO () C:\Users\Lukas\OneDrive 2014-07-06 10:59 - 2013-12-27 15:00 - 04606464 ___SH () C:\Users\Lukas\Desktop\Thumbs.db 2014-07-06 10:58 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-07-06 10:57 - 2014-07-06 10:57 - 00012668 _____ () C:\WINDOWS\PFRO.log 2014-07-06 10:57 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI 2014-07-06 10:57 - 2012-07-26 10:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP 2014-07-06 10:55 - 2014-06-15 15:18 - 00000000 ____D () C:\Users\Lukas\AppData\Local\LogMeIn Hamachi 2014-07-06 10:41 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM 2014-07-06 10:40 - 2014-05-12 21:46 - 00003918 
_____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2C7D984D-C797-4C08-A7FE-2964E160CBB4} 2014-07-06 10:30 - 2014-01-02 20:35 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Skype 2014-07-06 10:08 - 2014-06-21 09:02 - 00000000 ____D () C:\temp 2014-07-05 17:22 - 2014-06-25 19:27 - 00000000 ____D () C:\Users\Lukas\Desktop\Server 2014-07-04 16:59 - 2014-01-03 18:11 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log 2014-07-04 16:58 - 2014-01-03 18:11 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt 2014-07-04 15:02 - 2014-07-04 14:30 - 00000000 ____D () C:\Users\Lukas\Desktop\Unbenannt 2014-07-04 14:41 - 2014-07-04 14:41 - 00000000 ____D () C:\Users\Lukas\AppData\Local\{7BC4C0BB-06F9-4D83-8549-D2BE554FA60E} 2014-07-04 14:24 - 2013-12-27 16:32 - 00007168 _____ () C:\Users\Lukas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-07-04 13:18 - 2014-04-29 19:19 - 00001118 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk 2014-07-04 13:10 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-07-02 18:35 - 2014-07-02 18:35 - 00000000 ____D () C:\Program Files (x86)\Ubi Soft 2014-07-02 18:32 - 2014-07-06 19:08 - 00109974 _____ () C:\WINDOWS\_detmp.1 2014-07-02 18:32 - 2014-07-02 18:32 - 00001287 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader 5.0.lnk 2014-07-02 18:32 - 2014-07-02 18:32 - 00000000 ____D () C:\Users\Lukas\Documents\My eBooks 2014-07-02 18:32 - 2014-07-02 18:32 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\InterTrust 2014-07-02 18:32 - 2014-07-02 18:32 - 00000000 ____D () C:\BlueByte 2014-07-02 18:32 - 2013-12-26 15:47 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Adobe 2014-07-02 18:32 - 2012-08-31 15:42 - 00000000 ____D () C:\WINDOWS\SysWOW64\Adobe 2014-07-02 13:35 - 2014-06-26 20:41 - 00000344 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForLukas.job 2014-07-01 20:18 - 2014-02-10 16:47 - 00000000 ____D () 
C:\Users\Lukas\AppData\Roaming\.minecraft 2014-07-01 16:08 - 2014-07-01 16:07 - 00000000 ____D () C:\Users\Lukas\AppData\Local\{BAF1A25C-D68D-46AF-87AA-7DB11E220EFA} 2014-07-01 16:05 - 2013-12-28 17:21 - 00229376 ___SH () C:\Users\Lukas\Downloads\Thumbs.db 2014-06-29 14:30 - 2014-01-01 19:34 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\TeamViewer 2014-06-27 15:53 - 2014-06-27 15:53 - 00000000 ____D () C:\Users\Lukas\AppData\Local\{C1BB5EF4-E7C4-416F-81E9-D987DBABB6C6} 2014-06-26 20:39 - 2014-03-02 20:14 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\DAEMON Tools Lite 2014-06-26 20:39 - 2013-12-26 18:35 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-06-26 20:38 - 2014-02-28 16:44 - 00000000 ____D () C:\Users\Lukas\AppData\Local\CrashDumps 2014-06-26 20:37 - 2014-03-18 12:03 - 01980934 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-06-26 20:37 - 2014-03-18 11:25 - 00842568 _____ () C:\WINDOWS\system32\perfh007.dat 2014-06-26 20:37 - 2014-03-18 11:25 - 00191764 _____ () C:\WINDOWS\system32\perfc007.dat 2014-06-26 20:35 - 2014-06-26 20:35 - 05417896 _____ () C:\Users\Lukas\Desktop\phase-6-backpack-all-2014-06-26.p6a 2014-06-26 20:30 - 2014-06-26 20:30 - 00000938 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk 2014-06-26 20:30 - 2014-06-26 20:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2014-06-26 20:30 - 2014-06-26 20:30 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi 2014-06-26 20:28 - 2013-12-26 15:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-06-25 21:59 - 2013-12-26 15:46 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Packages 2014-06-23 11:42 - 2014-06-23 11:42 - 00046136 ____H (LogMeIn Inc.) 
C:\WINDOWS\system32\Drivers\Hamdrv.sys 2014-06-21 23:11 - 2013-12-29 15:31 - 00000000 ____D () C:\Users\Lukas\.gimp-2.8 2014-06-21 21:37 - 2014-06-21 21:37 - 00011958 _____ () C:\Users\Lukas\AppData\Local\recently-used.xbel 2014-06-21 20:47 - 2014-06-21 20:47 - 00000000 ____D () C:\Users\Lukas\Documents\Stronghold Kingdoms 2014-06-21 20:47 - 2014-06-21 20:47 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Firefly Studios 2014-06-21 20:47 - 2014-06-21 20:47 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Geckofx 2014-06-21 09:28 - 2014-02-10 16:29 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Craften Terminal 2014-06-21 09:13 - 2014-02-10 16:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Craften Terminal 2014-06-21 09:13 - 2014-02-10 16:28 - 00000000 ____D () C:\Program Files (x86)\Craften Terminal 2014-06-21 09:03 - 2014-06-21 08:58 - 00000000 ____D () C:\ProgramData\WindowsProtectManger 2014-06-21 09:02 - 2014-06-21 08:58 - 00000000 ____D () C:\ProgramData\IePluginServices 2014-06-21 09:02 - 2014-06-21 08:58 - 00000000 ____D () C:\Program Files\003 2014-06-21 09:00 - 2014-06-21 09:00 - 00000000 ____D () C:\Users\Lukas\AppData\Local\BrowserSafeguard 2014-06-20 16:26 - 2014-02-25 22:18 - 00000000 ___RD () C:\Users\Lukas\Dropbox 2014-06-20 14:31 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2014-06-20 14:08 - 2013-12-27 11:02 - 00000000 ___RD () C:\Users\Lukas\Desktop\Lukas 2014-06-19 14:32 - 2014-06-19 14:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-18 19:01 - 2014-04-27 20:02 - 00004092 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2014-06-18 19:01 - 2014-04-27 20:02 - 00003856 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-15 15:22 - 2014-04-03 15:11 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Tunngle 2014-06-15 15:22 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\Tunngle 2014-06-15 15:04 - 2014-03-02 20:14 - 00283064 _____ (Disc Soft 
Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys 2014-06-15 11:51 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports 2014-06-15 00:04 - 2014-06-15 00:04 - 00000000 ____D () C:\ProgramData\ATI 2014-06-14 23:51 - 2014-06-14 23:51 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Raptr 2014-06-14 23:51 - 2014-06-14 23:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2014-06-14 23:51 - 2014-06-14 23:51 - 00000000 ____D () C:\Program Files (x86)\Raptr 2014-06-14 23:51 - 2013-12-27 21:21 - 00000000 ____D () C:\Program Files\ATI Technologies 2014-06-14 23:44 - 2014-06-14 23:44 - 00000000 ____D () C:\ProgramData\Package Cache 2014-06-14 23:42 - 2014-05-02 18:09 - 00000000 ____D () C:\AMD 2014-06-14 19:46 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-06-14 17:14 - 2014-06-14 17:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tinypic 2014-06-14 17:14 - 2014-06-14 17:14 - 00000000 ____D () C:\Program Files (x86)\Tinypic 2014-06-14 17:08 - 2013-12-29 15:34 - 00000000 ____D () C:\Users\Lukas\AppData\Local\gtk-2.0 2014-06-14 16:36 - 2013-12-27 20:15 - 00000909 _____ () C:\Users\Lukas\Desktop\Downloads.lnk 2014-06-14 15:32 - 2013-08-22 16:44 - 00377208 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-06-14 15:29 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-06-14 15:29 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel 2014-06-14 15:29 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore 2014-06-14 15:29 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe 2014-06-13 14:42 - 2013-12-27 18:22 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-06-13 14:40 - 2013-12-27 18:22 - 95414520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-06-12 21:05 - 2014-06-12 21:05 - 00046376 _____ (NetFilterSDK.com) C:\WINDOWS\system32\Drivers\netfilter64.sys Files to move or delete: ==================== 
C:\ProgramData\sysqcl1129139270.dat
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-07-06 11:19
==================== End Of Log ============================

And the Addition log:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-07-2014 01
Ran by Lukas at 2014-07-06 20:06:38
Running from C:\Users\Lukas\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton 360 (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
==================== Installed Programs ======================
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Aufstieg des Hexenkönigs™ (HKLM-x32\...\{B931FB80-537A-4600-00AD-AC5DEDB6C25B}) (Version: - )
Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.8.9045 - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Camtasia Studio 7 (HKLM-x32\...\{DE042823-C359-4B87-B66B-308057E8B6AF}) (Version: 7.0.1 - TechSmith Corporation)
Castle Story (HKLM-x32\...\Steam App 227860) (Version: - Sauropod Studio)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) 
Hidden CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform) Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite) Craften Terminal 3.5.5 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 3.5.5 - Craften.de) CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3.6326 - CyberLink Corp.) CyberLink LabelPrint (x32 Version: 2.5.3.6326 - CyberLink Corp.) Hidden CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.) CyberLink Media Suite 10 (x32 Version: 10.0.1.1916 - CyberLink Corp.) Hidden CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3119 - CyberLink Corp.) CyberLink PhotoDirector (x32 Version: 2.0.1.3119 - CyberLink Corp.) Hidden CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.) CyberLink PowerDirector 10 (x32 Version: 10.0.1.1925 - CyberLink Corp.) Hidden CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.) CyberLink PowerDVD (x32 Version: 10.0.6.4319 - CyberLink Corp.) 
Hidden CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.) CyberLink YouCam (x32 Version: 3.5.4.5527 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd) DeepSkyStacker (HKLM-x32\...\{350E3960-DE20-4FE6-9E6B-26B464AD27FD}) (Version: 3.2.0 - ) Die Schlacht um Mittelerde™ II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version: - ) Dropbox (HKCU\...\Dropbox) (Version: 2.6.31 - Dropbox, Inc.) Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard) FIFA 13 (HKLM-x32\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.0.0.0 - Electronic Arts) GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) 
Hidden Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP 3D DriveGuard (HKLM\...\{AB5BCC55-18E2-46C7-9405-FF61CB888F05}) (Version: 4.2.9.1 - Hewlett-Packard Company) HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd) HP CoolSense (HKLM-x32\...\{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}) (Version: 2.10.51 - Hewlett-Packard Company) HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden HP Documentation (HKLM-x32\...\{1AC082E0-049D-4C5C-9ECF-9473AD5A949D}) (Version: 1.1.0.0 - Hewlett-Packard) HP Postscript Converter (Version: 3.1.3554 - Hewlett-Packard) Hidden HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company) HP Recovery Manager (x32 Version: 7.00 - Hewlett-Packard) Hidden HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard) HP Software Framework (HKLM-x32\...\{D2462056-BA75-4B2C-8267-DFEA2B6AC4AE}) (Version: 4.6.10.1 - Hewlett-Packard Company) HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company) HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard) HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6425.0 - IDT) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation) Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.600 
- Oracle) Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version: - Squad) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden LEGO - The Hobbit (HKLM-x32\...\Steam App 285160) (Version: - Traveller's Tales) LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.214 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.214 - LogMeIn, Inc.) Hidden Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft 
Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 
Express - DEU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation) Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden Neat Image v7.4.0 Demo Standalone (32-bit) (HKLM-x32\...\Neat Image Standalone (32-bit)_is1) (Version: - Neat Image team, ABSoft) Norton 360 (HKLM-x32\...\N360) (Version: 21.3.0.12 - Symantec Corporation) OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.) Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.) phase-6 2.3.3 (HKLM-x32\...\phase-6) (Version: 2.3.3 - phase-6) Philips SPC 900NC PC Camera (HKLM-x32\...\{51E13E14-F72A-4C97-8FD7-04322D995E2F}) (Version: 1.00.000 - Philips) Pivot Stickfigure Animator version 2.2.7 (HKLM-x32\...\Pivot Stickfigure Animator_is1) (Version: 2.2.7 - ) PlanetSide 2 (HKCU\...\SOE-PlanetSide 2 PSG) (Version: 1.0.3.183 - Sony Online Entertainment) PX Profile Update (x32 Version: 1.00.1. 
- AMD) Hidden Ralink RT5390R 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.37.0 - Mediatek) Raptr (HKLM-x32\...\Raptr) (Version: - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.) RegiStax 6.1.0.8 update (HKCU\...\RegiStax 6.1.0.8 update) (Version: - ) Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Stellarium 0.12.4 (HKLM\...\Stellarium_is1) (Version: 0.12.4 - Stellarium team) SupraSavings (x32 Version: 1.0.0.0 - SupraSavings) Hidden <==== ATTENTION swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.5.3.3 - Synaptics Incorporated) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29947 - TeamViewer) The Lord of the Rings: War in the North (HKLM-x32\...\Steam App 32800) (Version: - Snowblind Studios) Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. 
Fiedler) Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version: - Tunngle.net GmbH) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) V-Gear TalkCam Tracer CCD (HKLM-x32\...\{D0AF1483-31AD-4FEB-A961-C9327185439F}) (Version: 0.1.0114.05 - ) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) Windows Essentials Media Codec Pack 4.7 [64-Bit] (HKLM-x32\...\Windows Essentials Media Codec Pack) (Version: 4.7 - Media Codec) Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - 
win.rar GmbH) ==================== Restore Points ========================= 21-06-2014 18:43:08 DirectX wurde installiert 25-06-2014 18:35:17 Windows Update 29-06-2014 13:13:06 Windows Update 03-07-2014 14:54:16 Windows Update 06-07-2014 08:50:30 Norton 360 Registry Clean ==================== Hosts content: ========================== 2013-08-22 15:25 - 2014-07-06 17:39 - 00000867 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 d3oxij66pru1i3.cloudfront.net ==================== Scheduled Tasks (whitelisted) ============= Task: {0260F546-D198-434F-BA5C-9439335DD2A8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {146D098E-5203-496D-8C17-CC00C9C9765C} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\SymErr.exe [2014-01-30] (Symantec Corporation) Task: {1DE0CA86-2FC0-42EE-B3E5-675AE49C6571} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {21755B0A-6AB8-465B-A12E-517C11E7E485} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload Task: {2559CBD2-D54B-411A-84C9-E2A689E2115A} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation) Task: {280D9154-678F-4459-8478-541B41E266EB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-27] (Google Inc.) 
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate Task: {2DAD6C60-E9C5-42AB-BEF0-FCB4688BE920} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company) Task: {33C6722E-7DD4-4D17-85CF-D3F638AEF481} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-06-13] (Microsoft Corporation) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation) Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation) Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance Task: {4B904029-7FF9-46B1-8E67-F5A673EB1FED} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard) Task: {5C81B117-8626-4F91-8E9F-CF723DCB607D} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-16] (Adobe Systems Incorporated) Task: {5FD2A507-34E7-4582-911F-08F2C104FEF6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard) Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup Task: {6BF68A02-7ECB-4D57-8CE4-37AF61E8A869} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe 
[2012-07-27] (CyberLink) Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {7912F926-C785-4F3B-964F-43C404BEE8DD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {7BB1EC61-3140-48A7-9245-3DD56ECC42BA} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task Task: {8C42F7CA-0C37-408C-838E-14E8DEB742D8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask Task: {91DF408D-1474-4DB7-A596-F935D48155DD} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\WSCStub.exe [2014-05-11] (Symantec Corporation) Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work Task: {CB16907A-C664-4B30-AE1C-91430B369B39} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-27] (Google Inc.) 
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask Task: {D4F1838F-B2D1-4B45-AEF2-FB800DF0E0ED} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: {EBB807EA-1A49-403E-8B2F-B7FD6703E844} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\SymErr.exe [2014-01-30] (Symantec Corporation) Task: {EF12EB41-3E62-4CCB-983C-D6D5D4BF2F28} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\HPCeeScheduleForLukas.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Loaded Modules (whitelisted) ============= 2014-06-21 09:02 - 2014-06-21 09:02 - 00706560 _____ () C:\Program Files\003\vxlsnyaiet64.exe 2014-01-25 02:22 - 2014-01-25 02:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2012-09-07 20:45 - 2012-06-25 20:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2014-06-19 14:32 - 2014-06-19 14:32 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: 
C:\Users\Lukas\OneDrive:ms-properties ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= HKLM\...\StartupApproved\StartupFolder: => "phase-6 Reminder.lnk" HKLM\...\StartupApproved\Run32: => "STICAP" HKLM\...\StartupApproved\Run32: => "TrayMin900" HKLM\...\StartupApproved\Run32: => "Motor_Tracking_Tool" HKLM\...\StartupApproved\Run32: => "BrowserSafeguard" HKCU\...\StartupApproved\StartupFolder: => "Dropbox.lnk" HKCU\...\StartupApproved\Run: => "Steam" HKCU\...\StartupApproved\Run: => "EADM" HKCU\...\StartupApproved\Run: => "DAEMON Tools Lite" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/06/2014 07:09:05 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm ISUN0407.EXE, Version 5.51.138.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: f0c Startzeit: 01cf993cf2d17d35 Endzeit: 0 Anwendungspfad: C:\WINDOWS\ISUN0407.EXE Berichts-ID: 3a239e0f-0530-11e4-be93-28924a499f15 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (07/06/2014 04:20:56 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Excessive name conflicts (15) for Lukas-2.local. (AAAA); rate limiting in effect Error: (07/06/2014 04:20:56 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 Lukas-2.local. 
AAAA FE80:0000:0000:0000:49EC:9A4D:D72C:3096 Error: (07/06/2014 04:20:56 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 25.123.17.211:5353 4 lukas-2.local. Addr 25.123.17.211 Error: (07/06/2014 04:20:56 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 Lukas-2.local. AAAA 2620:009B:0000:0000:0000:0000:198B:153B Error: (07/06/2014 04:20:56 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 25.123.17.211:5353 4 lukas-2.local. Addr 25.123.17.211 Error: (07/06/2014 04:20:56 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Resetting to Probing: 4 Lukas-2.local. Addr 25.139.21.59 Error: (07/06/2014 04:20:56 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 25.123.17.211:5353 4 lukas-2.local. Addr 25.123.17.211 Error: (07/06/2014 04:20:55 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 Lukas-2.local. AAAA FE80:0000:0000:0000:49EC:9A4D:D72C:3096 Error: (07/06/2014 04:20:55 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 25.123.17.211:5353 4 lukas-2.local. Addr 25.123.17.211 System errors: ============= Error: (07/06/2014 08:05:10 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "LUCY", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{A881F854-B342-4E55-B969-19B18C45F510}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. 
Error: (07/06/2014 05:23:44 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: Microsoft Visual Studio 2010 Service Pack 1 Error: (07/06/2014 03:52:47 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{A881F854-B342-4E55-B969-19B18C45F510}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (07/06/2014 03:52:25 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: Der Name "LUKAS :20" konnte nicht auf der Schnittstelle mit IP-Adresse 25.139.21.59 registriert werden. Der Computer mit IP-Adresse 25.123.17.211 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Error: (07/06/2014 03:52:25 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: Der Name "LUKAS :0" konnte nicht auf der Schnittstelle mit IP-Adresse 25.139.21.59 registriert werden. Der Computer mit IP-Adresse 25.123.17.211 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Error: (07/06/2014 03:52:25 PM) (Source: Server) (EventID: 2505) (User: ) Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{61B99C80-236E-4837-A5E0-5DCD6ED92C2D} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden. Error: (07/06/2014 00:35:42 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "LUCY", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{A881F854-B342-4E55-B969-19B18C45F510}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. 
Error: (07/06/2014 11:38:49 AM) (Source: bowser) (EventID: 8003) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{A881F854-B342-4E55-B969-19B18C45F510}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (07/06/2014 10:56:20 AM) (Source: DCOM) (EventID: 10010) (User: LUKAS) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (07/06/2014 10:56:20 AM) (Source: DCOM) (EventID: 10010) (User: LUKAS) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Microsoft Office Sessions: ========================= Error: (07/06/2014 07:09:05 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: ISUN0407.EXE5.51.138.0f0c01cf993cf2d17d350C:\WINDOWS\ISUN0407.EXE3a239e0f-0530-11e4-be93-28924a499f15 Error: (07/06/2014 04:20:56 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Excessive name conflicts (15) for Lukas-2.local. (AAAA); rate limiting in effect Error: (07/06/2014 04:20:56 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 Lukas-2.local. AAAA FE80:0000:0000:0000:49EC:9A4D:D72C:3096 Error: (07/06/2014 04:20:56 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 25.123.17.211:5353 4 lukas-2.local. Addr 25.123.17.211 Error: (07/06/2014 04:20:56 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 Lukas-2.local. AAAA 2620:009B:0000:0000:0000:0000:198B:153B Error: (07/06/2014 04:20:56 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 25.123.17.211:5353 4 lukas-2.local. Addr 25.123.17.211 Error: (07/06/2014 04:20:56 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Resetting to Probing: 4 Lukas-2.local. 
Addr 25.139.21.59 Error: (07/06/2014 04:20:56 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 25.123.17.211:5353 4 lukas-2.local. Addr 25.123.17.211 Error: (07/06/2014 04:20:55 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 Lukas-2.local. AAAA FE80:0000:0000:0000:49EC:9A4D:D72C:3096 Error: (07/06/2014 04:20:55 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 25.123.17.211:5353 4 lukas-2.local. Addr 25.123.17.211 CodeIntegrity Errors: =================================== Date: 2014-02-16 09:44:05.856 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system. Date: 2014-02-16 09:42:42.923 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system. Date: 2014-02-16 09:40:32.433 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system. Date: 2014-02-16 09:37:51.755 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system. Date: 2014-02-16 09:36:35.531 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system. 
Date: 2014-02-16 09:35:54.999 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system. Date: 2014-02-16 09:35:40.624 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system. Date: 2014-02-16 09:35:10.605 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system. Date: 2014-02-16 09:34:21.080 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system. Date: 2014-02-16 09:34:14.175 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system. 
==================== Memory info =========================== Percentage of memory in use: 24% Total physical RAM: 8084.27 MB Available physical RAM: 6099.39 MB Total Pagefile: 9364.27 MB Available Pagefile: 7149.74 MB Total Virtual: 131072 MB Available Virtual: 131071.8 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:681.05 GB) (Free:546.81 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (RECOVERY) (Fixed) (Total:16.03 GB) (Free:2.02 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive f: () (Removable) (Total:14.9 GB) (Free:2.92 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 11F1E139) Partition: GPT Partition Type. ======================================================== Disk: 1 (Size: 15 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ==================== End Of Log ============================
Lukas
Hello, one more thing to add. I have already tried to uninstall one of them, but without success, because apparently some files are still open in the IePlugin program. As for the symptoms on the internet: sometimes individual words are highlighted in blue and open other pages, or individual pages simply open by themselves. I hope you can help me. Best regards, Lukas
Hello, another Malwarebytes scan shows a new malicious object: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 07.07.2014 Scan Time: 13:34:02 Logfile: Log 2.txt Administrator: Yes Version: 2.00.2.1012 Malware Database: v2014.07.07.02 Rootkit Database: v2014.07.03.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 8.1 CPU: x64 File System: NTFS User: Lukas Scan Type: Threat Scan Result: Completed Objects Scanned: 306649 Time Elapsed: 10 min, 34 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 3 PUP.Optional.IePluginService.A, C:\ProgramData\IePluginServices\PluginService.exe, 1352, , [614dbddfc5b68caa1ba5e379ed14ea16] Adware.Adpeak, C:\Program Files\003\vxlsnyaiet64.exe, 1684, , [4a646c300d6e3cfa3833f18dd62ee11f] PUP.Optional.AdPeak.A, C:\Program Files\003\vxlsnyaiet64.exe, 1684, , [06a89b011d5eaf8755838e345ba758a8] Modules: 1 PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\DpInterface32.dll, , [9f0fa9f35d1e2e0822cb7615fe03e21e], Registry Keys: 23 PUP.Optional.IePluginService.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginServices, , [614dbddfc5b68caa1ba5e379ed14ea16], Adware.Adpeak, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\vxlsnyaiet64, , [4a646c300d6e3cfa3833f18dd62ee11f], PUP.Optional.CouponDownloader.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3}, , [7539dcc05c1f52e4d5e7cc82af538e72], PUP.Optional.CouponDownloader.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{10AD2C61-0898-4348-8600-14A342F22AC3}, , [7539dcc05c1f52e4d5e7cc82af538e72], PUP.Optional.CouponDownloader.A, HKU\S-1-5-21-1539172179-1726893121-3486313719-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{10AD2C61-0898-4348-8600-14A342F22AC3}, , [7539dcc05c1f52e4d5e7cc82af538e72], PUP.Optional.CouponDownloader.A, 
HKU\S-1-5-21-1539172179-1726893121-3486313719-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{10AD2C61-0898-4348-8600-14A342F22AC3}, , [7539dcc05c1f52e4d5e7cc82af538e72], PUP.Optional.SupTab.A, HKU\S-1-5-21-1539172179-1726893121-3486313719-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, , [c3eba7f5750639fd567f5ef311f1c040], PUP.Optional.SupTab.A, HKU\S-1-5-21-1539172179-1726893121-3486313719-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, , [c3eba7f5750639fd567f5ef311f1c040], PUP.Optional.AdPeak.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\vxlsnyaiet64, , [06a89b011d5eaf8755838e345ba758a8], PUP.Optional.AdPeak.A, HKLM\SOFTWARE\LevelQualityWatcher, , [426cbae2c1baf83e7c5d5b5a31d1d42c], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\suprasavings, , [bfefddbfd6a53bfbbd12f1da29d97d83], PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [dbd3a0fcc1ba6ccae8c8be3dcd36b24e], PUP.Optional.WindowsProtectManger.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsProtectManger, , [e1cd0a92364580b605fdd9dcf210b64a], PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\sweet-pageSoftware, , [edc1a8f4b5c6f442326c28dc82825ea2], PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [e6c85f3d1a618ea806aa17e4e51e837d], PUP.Optional.AdPeak.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{E6B105B8-1F65-4428-9397-1DFD8A03B94D}, , [d7d783195a2157df5ce88d2e1ce6db25], PUP.Optional.BundleInstaller.A, HKLM\SOFTWARE\WOW6432NODE\VITTALIA\AxtanInstaller, , [129c405cc6b582b4bac1993eee14ac54], PUP.Optional.SupraSavings.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Supra Savings, , 
[4d611488ea9180b66f5added8c763dc3], PUP.Optional.BrowserSafeGuard.A, HKU\S-1-5-21-1539172179-1726893121-3486313719-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BrowserSafeguardInstalled, , [664843597b0091a5d741e9cdfb0703fd], PUP.Optional.SupraSavings.A, HKU\S-1-5-21-1539172179-1726893121-3486313719-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SupraSavings, , [6f3f2874e299ce68c10f25a6db276898], PUP.Optional.SupraSavings.A, HKU\S-1-5-21-1539172179-1726893121-3486313719-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\suprasavings, , [3c72dcc0accfdb5b14bd9e2df11151af], PUP.Optional.Qone8, HKU\S-1-5-21-1539172179-1726893121-3486313719-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [347a8f0d097284b2416ebd3e57acf10f], PUP.Optional.Softonic.A, HKU\S-1-5-21-1539172179-1726893121-3486313719-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, , [bef0a4f8c1baf04696263b8d54aebc44], Registry Values: 4 PUP.Optional.SupTab.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SupTab\SEARCH~2.DLL, , [624c4359a8d3fb3b60feeec79b67ad53] PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SupTab\SEARCH~1.DLL, , [436b8d0fc9b29f972c32cbea8f73768a] PUP.Optional.FastStart.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|faststartff@gmail.com, C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\gerrq6ld.default\extensions\faststartff@gmail.com, , [eec0f1abd0ab8ea8391f57b841c3da26] PUP.Optional.FastStart.A, HKU\S-1-5-21-1539172179-1726893121-3486313719-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, , [e6c8623abdbeae882ada7e37758d48b8] Registry Data: 12 PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, 
hxxp://www.sweet-page.com/web/?type=ds&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563&q={searchTerms}, Good: (www.google.com), Bad: (hxxp://www.sweet-page.com/web/?type=ds&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563&q={searchTerms}),,[01ad019b96e5a88e0a32a4f23bc93bc5] PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.sweet-page.com/web/?type=ds&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563&q={searchTerms}, Good: (www.google.com), Bad: (hxxp://www.sweet-page.com/web/?type=ds&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563&q={searchTerms}),,[cbe3f4a88dee5dd9e6342962c044b54b] PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563, Good: (www.google.com), Bad: (hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563),,[901e920a0a713ef8b784b6e07193ab55] PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563, Good: (www.google.com), Bad: (hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563),,[00ae554788f390a6fd402c6a3bc9f709] PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[b5f9b0ecc3b879bd11c4c1d46c9844bc] PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.sweet-page.com/web/?type=ds&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563&q={searchTerms}, Good: (www.google.com), Bad: 
(hxxp://www.sweet-page.com/web/?type=ds&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563&q={searchTerms}),,[416d2676750647ef24185e38f60e8c74] PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563, Good: (www.google.com), Bad: (hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563),,[dfcffca04d2ee94d3a013b5b54b0c838] PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563, Good: (www.google.com), Bad: (hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563),,[c9e56f2d235843f3221bbfd7b74df709] PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.sweet-page.com/web/?type=ds&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563&q={searchTerms}, Good: (www.google.com), Bad: (hxxp://www.sweet-page.com/web/?type=ds&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563&q={searchTerms}),,[bef0acf07605e05648d22962857f1fe1] PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[fbb33d5fe5963bfb06cf30653dc7cd33] PUP.Optional.SweetPage.A, HKU\S-1-5-21-1539172179-1726893121-3486313719-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563, Good: (www.google.com), Bad: 
(hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563),,[bcf2712bb4c777bf66d21b7b0301827e] PUP.Optional.SweetPage.A, HKU\S-1-5-21-1539172179-1726893121-3486313719-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563, Good: (www.google.com), Bad: (hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563),,[fcb2ccd06417f4420b2cbfd7fa0a8b75] Folders: 7 PUP.Optional.SupraSavings.A, C:\Program Files\SupraSavings, , [ab03524af5862d09ff740a972dd5728e], PUP.Optional.SupraSavings.A, C:\Program Files\SupraSavings\SSL, , [ab03524af5862d09ff740a972dd5728e], PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, , [832b5b418eedec4ab21cf7b8fc06cf31], PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, , [832b5b418eedec4ab21cf7b8fc06cf31], PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger, , [6b43821a8dee1323c6aff7b936cc857b], PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\log, , [6b43821a8dee1323c6aff7b936cc857b], PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\update, , [6b43821a8dee1323c6aff7b936cc857b], Files: 12 PUP.Optional.IePluginService.A, C:\ProgramData\IePluginServices\PluginService.exe, , [614dbddfc5b68caa1ba5e379ed14ea16], PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\DpInterface32.dll, , [9f0fa9f35d1e2e0822cb7615fe03e21e], Adware.Adpeak, C:\Program Files\003\vxlsnyaiet64.exe, , [4a646c300d6e3cfa3833f18dd62ee11f], PUP.Optional.SupTab.A, C:\$Recycle.Bin\S-1-5-21-1539172179-1726893121-3486313719-1001\$R2JBGDE.dll, , [7e30e1bb97e4d5614b18c86d21dfca36], PUP.Optional.SupraSavings.A, C:\$Recycle.Bin\S-1-5-21-1539172179-1726893121-3486313719-1001\$RNIMYFM\2rs3.dll, , [96184458e398d75fb769aecfa65eaf51], PUP.Optional.AdPeak.A, C:\temp\InstallFilter64.msi, , 
[d4da712ba5d6c6702b5e18253dc317e9], PUP.Optional.SupraSavings.A, C:\Windows\Installer\22a89434.msi, , [cbe35a42c3b8df576db3e697699b11ef], PUP.Optional.AdPeak.A, C:\Program Files\003\vxlsnyaiet64.exe, , [06a89b011d5eaf8755838e345ba758a8], PUP.Optional.SweetPage.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\sweet-page.xml, , [d3dbe7b5265573c3c1dc29db41c36c94], PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update\conf, , [832b5b418eedec4ab21cf7b8fc06cf31], PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\log\wprotectmanager_2014-06-21[08-58-10-052].log, , [6b43821a8dee1323c6aff7b936cc857b], PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\update\conf, , [6b43821a8dee1323c6aff7b936cc857b], Physical Sectors: 0 (No malicious items detected) (end) |
07.07.2014, 16:18 | #4 |
| Adware problems Hello, I am just now getting a message from Norton that it has found malware and isolated or removed it. Here is the security history: Code:
ATTFilter Kategorie: Behobene Sicherheitsrisiken Datum/Uhrzeit,Risiko,Aktivität,Status,Empfohlene Aktion,Pfad - Dateiname 07.07.2014 16:55:14,Gering,22a89434.msi (Adware.BL) erkannt von Auto-Protect,Isoliert,Behoben - Keine Aktion erforderlich,c:\windows\installer\22a89434.msi 07.07.2014 16:52:18,Gering,installfilter64.msi (Adware.BL) erkannt von Auto-Protect,Isoliert,Behoben - Keine Aktion erforderlich,c:\temp\installfilter64.msi 06.07.2014 11:12:17,Gering,Tracking Cookies erkannt von Virenscanner,Entfernt,Behoben - Keine Aktion erforderlich, 06.07.2014 11:08:55,Gering,t.msi (Adware.BL) erkannt von Auto-Protect,Isoliert,Behoben - Keine Aktion erforderlich,c:\temp\t.msi 04.07.2014 15:04:14,Gering,Tracking Cookies erkannt von Virenscanner,Entfernt,Behoben - Keine Aktion erforderlich, 30.06.2014 17:18:56,Gering,Tracking Cookies erkannt von Virenscanner,Entfernt,Behoben - Keine Aktion erforderlich, 17.06.2014 15:25:15,Gering,Tracking Cookies erkannt von Virenscanner,Entfernt,Behoben - Keine Aktion erforderlich, 16.06.2014 15:03:20,Gering,Tracking Cookies erkannt von Virenscanner,Entfernt,Behoben - Keine Aktion erforderlich, 15.06.2014 15:19:05,Gering,Tracking Cookies erkannt von Virenscanner,Entfernt,Behoben - Keine Aktion erforderlich, 14.06.2014 19:21:38,Gering,Tracking Cookies erkannt von Virenscanner,Entfernt,Behoben - Keine Aktion erforderlich, 13.06.2014 15:04:32,Gering,Tracking Cookies erkannt von Virenscanner,Entfernt,Behoben - Keine Aktion erforderlich, 12.06.2014 15:06:09,Gering,Tracking Cookies erkannt von Virenscanner,Entfernt,Behoben - Keine Aktion erforderlich, 11.06.2014 15:55:02,Gering,Tracking Cookies erkannt von Virenscanner,Entfernt,Behoben - Keine Aktion erforderlich, 10.06.2014 18:42:11,Gering,Tracking Cookies erkannt von Virenscanner,Entfernt,Behoben - Keine Aktion erforderlich, 09.06.2014 15:04:28,Gering,Tracking Cookies erkannt von Virenscanner,Entfernt,Behoben - Keine Aktion erforderlich, 29.05.2014 22:10:08,Gering,Tracking Cookies erkannt von 
Virenscanner,Entfernt,Behoben - Keine Aktion erforderlich, 28.05.2014 15:03:39,Gering,Tracking Cookies erkannt von Virenscanner,Entfernt,Behoben - Keine Aktion erforderlich, 26.05.2014 15:18:42,Gering,Tracking Cookies erkannt von Virenscanner,Entfernt,Behoben - Keine Aktion erforderlich, 25.05.2014 18:01:05,Gering,Tracking Cookies erkannt von Virenscanner,Entfernt,Behoben - Keine Aktion erforderlich, 24.05.2014 15:55:47,Gering,Tracking Cookies erkannt von Virenscanner,Entfernt,Behoben - Keine Aktion erforderlich, 21.05.2014 15:03:50,Gering,Tracking Cookies erkannt von Virenscanner,Entfernt,Behoben - Keine Aktion erforderlich, 17.05.2014 23:12:20,Gering,Tracking Cookies erkannt von Virenscanner,Entfernt,Behoben - Keine Aktion erforderlich, 16.05.2014 17:56:04,Hoch,strongholdkingdoms.exe (Suspicious.Cloud.2) erkannt von Auto-Protect,Isoliert,Behoben - Keine Aktion erforderlich,c:\programdata\firefly studios\stronghold kingdoms\2.0.17.2\strongholdkingdoms.exe 08.05.2014 16:32:12,Gering,Tracking Cookies erkannt von Virenscanner,Entfernt,Behoben - Keine Aktion erforderlich, 07.05.2014 17:17:22,Gering,Tracking Cookies erkannt von Virenscanner,Entfernt,Behoben - Keine Aktion erforderlich, 06.05.2014 15:40:38,Gering,Tracking Cookies erkannt von Virenscanner,Entfernt,Behoben - Keine Aktion erforderlich, 30.04.2014 14:48:56,Gering,Tracking Cookies erkannt von Virenscanner,Entfernt,Behoben - Keine Aktion erforderlich, 13.04.2014 11:31:47,Gering,Tracking Cookies erkannt von Virenscanner,Entfernt,Behoben - Keine Aktion erforderlich, 08.04.2014 10:30:00,Gering,Tracking Cookies erkannt von Virenscanner,Entfernt,Behoben - Keine Aktion erforderlich, 07.04.2014 13:14:26,Gering,Tracking Cookies erkannt von Virenscanner,Entfernt,Behoben - Keine Aktion erforderlich, 31.03.2014 15:32:36,Gering,Tracking Cookies erkannt von Virenscanner,Entfernt,Behoben - Keine Aktion erforderlich, 26.02.2014 19:35:51,Gering,Tracking Cookies erkannt von Virenscanner,Entfernt,Behoben - Keine Aktion 
erforderlich, 25.01.2014 15:54:27,Gering,Tracking Cookies erkannt von Virenscanner,Entfernt,Behoben - Keine Aktion erforderlich, 10.01.2014 15:51:47,Gering,Tracking Cookies erkannt von Virenscanner,Entfernt,Behoben - Keine Aktion erforderlich, A new scan shows fewer malicious objects. Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 07.07.2014 Scan Time: 17:32:25 Logfile: Log 3.txt Administrator: Yes Version: 2.00.2.1012 Malware Database: v2014.07.07.05 Rootkit Database: v2014.07.03.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 8.1 CPU: x64 File System: NTFS User: Lukas Scan Type: Threat Scan Result: Completed Objects Scanned: 307041 Time Elapsed: 9 min, 11 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 3 PUP.Optional.IePluginService.A, C:\ProgramData\IePluginServices\PluginService.exe, 1352, , [4f62d7c5bdbe033304c1510b59a82fd1] Adware.Adpeak, C:\Program Files\003\vxlsnyaiet64.exe, 1684, , [e6cbcbd13744d66005d988f6d1335ca4] PUP.Optional.AdPeak.A, C:\Program Files\003\vxlsnyaiet64.exe, 1684, , [129f0993c5b6ce6864fa4c7714eee020] Modules: 1 PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\DpInterface32.dll, , [8c25019b7b00ae88975c820927da07f9], Registry Keys: 21 PUP.Optional.IePluginService.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginServices, , [4f62d7c5bdbe033304c1510b59a82fd1], Adware.Adpeak, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\vxlsnyaiet64, , [e6cbcbd13744d66005d988f6d1335ca4], PUP.Optional.CouponDownloader.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3}, , [09a86537b4c7eb4b6b95a0af92702cd4], PUP.Optional.CouponDownloader.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{10AD2C61-0898-4348-8600-14A342F22AC3}, , [09a86537b4c7eb4b6b95a0af92702cd4], PUP.Optional.CouponDownloader.A, HKU\S-1-5-21-1539172179-1726893121-3486313719-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{10AD2C61-0898-4348-8600-14A342F22AC3}, , [09a86537b4c7eb4b6b95a0af92702cd4], PUP.Optional.CouponDownloader.A, 
HKU\S-1-5-21-1539172179-1726893121-3486313719-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{10AD2C61-0898-4348-8600-14A342F22AC3}, , [09a86537b4c7eb4b6b95a0af92702cd4], PUP.Optional.AdPeak.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\vxlsnyaiet64, , [129f0993c5b6ce6864fa4c7714eee020], PUP.Optional.AdPeak.A, HKLM\SOFTWARE\LevelQualityWatcher, , [139e19831e5d74c2cb97bff79072c53b], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\suprasavings, , [7f323b61afccce6881d0ebe1d52dad53], PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [c4ed0c90dc9f91a5d354bb41bc477090], PUP.Optional.WindowsProtectManger.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsProtectManger, , [8130207c196261d5226b12a3a85aae52], PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\sweet-pageSoftware, , [149d9c00b0cb75c17e973fc62fd5d729], PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [b3fe57456d0ee74fe443d22a877cec14], PUP.Optional.AdPeak.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{E6B105B8-1F65-4428-9397-1DFD8A03B94D}, , [31805943f685013518b31d9e0ff3e917], PUP.Optional.BundleInstaller.A, HKLM\SOFTWARE\WOW6432NODE\VITTALIA\AxtanInstaller, , [c0f1722a334843f39d5a9e39ca3808f8], PUP.Optional.SupraSavings.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Supra Savings, , [238e1389d3a80f27103ee9e20bf7ae52], PUP.Optional.BrowserSafeGuard.A, HKU\S-1-5-21-1539172179-1726893121-3486313719-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BrowserSafeguardInstalled, , [c5eca2fabdbeaa8cacf5fcba08fadf21], PUP.Optional.SupraSavings.A, HKU\S-1-5-21-1539172179-1726893121-3486313719-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SupraSavings, , [3d740b917b00b87ee2704f7d15ed36ca], PUP.Optional.SupraSavings.A, 
HKU\S-1-5-21-1539172179-1726893121-3486313719-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\suprasavings, , [a8095d3f43386acc2b288d3f28da48b8], PUP.Optional.Qone8, HKU\S-1-5-21-1539172179-1726893121-3486313719-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [951cb8e4c0bbea4c7fa7e01c81825ba5], PUP.Optional.Softonic.A, HKU\S-1-5-21-1539172179-1726893121-3486313719-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, , [1e93efad88f39d9955ecdaef8280659b], Registry Values: 2 PUP.Optional.FastStart.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|faststartff@gmail.com, C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\gerrq6ld.default\extensions\faststartff@gmail.com, , [d3deb9e3d6a5c76f9737f21d6b99e31d] PUP.Optional.FastStart.A, HKU\S-1-5-21-1539172179-1726893121-3486313719-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, , [bdf41f7d1e5de3536629bef707fb3ac6] Registry Data: 12 PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.sweet-page.com/web/?type=ds&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563&q={searchTerms}, Good: (www.google.com), Bad: (hxxp://www.sweet-page.com/web/?type=ds&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563&q={searchTerms}),,[dfd2fba11962a78f8b2ad0c62cd813ed] PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.sweet-page.com/web/?type=ds&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563&q={searchTerms}, Good: (www.google.com), Bad: (hxxp://www.sweet-page.com/web/?type=ds&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563&q={searchTerms}),,[743d68345b20ad89d1c2612a4bb9fc04] PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, 
hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563, Good: (www.google.com), Bad: (hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563),,[634ed8c49ae1171f5262613534d021df] PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563, Good: (www.google.com), Bad: (hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563),,[aa077c203645191daa0c3363d52f7f81] PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[e9c8e8b4e695c0762b2324721aeaeb15] PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.sweet-page.com/web/?type=ds&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563&q={searchTerms}, Good: (www.google.com), Bad: (hxxp://www.sweet-page.com/web/?type=ds&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563&q={searchTerms}),,[6849683483f80234b203900643c17a86] PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563, Good: (www.google.com), Bad: (hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563),,[2190306c78030531ecc87f171aea8a76] PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563, Good: (www.google.com), Bad: 
(hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563),,[91200993710ac76f4b6bd1c5d52fb64a] PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.sweet-page.com/web/?type=ds&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563&q={searchTerms}, Good: (www.google.com), Bad: (hxxp://www.sweet-page.com/web/?type=ds&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563&q={searchTerms}),,[862b6636e59670c63e5592f920e40ff1] PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[d9d877254437da5cd678e5b130d48b75] PUP.Optional.SweetPage.A, HKU\S-1-5-21-1539172179-1726893121-3486313719-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563, Good: (www.google.com), Bad: (hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563),,[61502478e695a19502afc7cfb94b1ae6] PUP.Optional.SweetPage.A, HKU\S-1-5-21-1539172179-1726893121-3486313719-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563, Good: (www.google.com), Bad: (hxxp://www.sweet-page.com/?type=hp&ts=1403333861&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9EC610563),,[664b930918632b0b09a73363f50f2fd1] Folders: 7 PUP.Optional.SupraSavings.A, C:\Program Files\SupraSavings, , [0ea3900cd1aa092db601277af70bb34d], PUP.Optional.SupraSavings.A, C:\Program Files\SupraSavings\SSL, , [0ea3900cd1aa092db601277af70bb34d], PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, , 
[268bbbe12f4c46f0a56720909270de22], PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, , [268bbbe12f4c46f0a56720909270de22], PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger, , [753cd6c6c0bb38fecfe4b5fbf70b25db], PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\log, , [753cd6c6c0bb38fecfe4b5fbf70b25db], PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\update, , [753cd6c6c0bb38fecfe4b5fbf70b25db], Files: 10 PUP.Optional.IePluginService.A, C:\ProgramData\IePluginServices\PluginService.exe, , [4f62d7c5bdbe033304c1510b59a82fd1], PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\DpInterface32.dll, , [8c25019b7b00ae88975c820927da07f9], Adware.Adpeak, C:\Program Files\003\vxlsnyaiet64.exe, , [e6cbcbd13744d66005d988f6d1335ca4], PUP.Optional.SupTab.A, C:\$Recycle.Bin\S-1-5-21-1539172179-1726893121-3486313719-1001\$R2JBGDE.dll, , [a0113c600675f640fd663cf96f9108f8], PUP.Optional.SupraSavings.A, C:\$Recycle.Bin\S-1-5-21-1539172179-1726893121-3486313719-1001\$RNIMYFM\2rs3.dll, , [3f726438f98226101b78e4991be913ed], PUP.Optional.AdPeak.A, C:\Program Files\003\vxlsnyaiet64.exe, , [129f0993c5b6ce6864fa4c7714eee020], PUP.Optional.SweetPage.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\sweet-page.xml, , [7f326f2d07745adc8490d82d52b27987], PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update\conf, , [268bbbe12f4c46f0a56720909270de22], PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\log\wprotectmanager_2014-06-21[08-58-10-052].log, , [753cd6c6c0bb38fecfe4b5fbf70b25db], PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\update\conf, , [753cd6c6c0bb38fecfe4b5fbf70b25db], Physical Sectors: 0 (No malicious items detected) (end) Edited by julcek111 (07.07.2014 at 16:48) |
08.07.2014, 09:33 | #5 |
/// the machine /// TB instructor | Adware problems Uninstall adware & co.
If you cannot find a program or cannot uninstall it, please continue with the next step: Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
and a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
08.07.2014, 19:18 | #6 |
| Adware problems Hello, here is the Adw log first: Code:
ATTFilter # AdwCleaner v3.214 - Bericht erstellt am 08/07/2014 um 19:07:26 # Aktualisiert 29/06/2014 von Xplode # Betriebssystem : Windows 8.1 (64 bits) # Benutzername : Lukas - LUKAS # Gestartet von : C:\Users\Lukas\Desktop\adwcleaner_3.214.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\Program Files (x86)\SupTab Ordner Gelöscht : C:\Program Files\003 Ordner Gelöscht : C:\Users\Lukas\AppData\Local\Browsersafeguard ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Schlüssel Gelöscht : HKCU\Software\OCS Schlüssel Gelöscht : HKCU\Software\Softonic Schlüssel Gelöscht : HKLM\Software\BrowserSafeGuard Schlüssel Gelöscht : HKLM\Software\SupDp Schlüssel Gelöscht : HKLM\Software\SupTab Schlüssel Gelöscht : HKLM\Software\Vittalia Schlüssel Gelöscht : HKLM\Software\Wpm Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~1.DLL Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~2.DLL ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.17126 -\\ Mozilla Firefox v30.0 (de) [ Datei : C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\c7i7dc9c.default-1404665380831\prefs.js 
] ************************* AdwCleaner[R0].txt - [2564 octets] - [08/07/2014 19:03:12] AdwCleaner[S0].txt - [2132 octets] - [08/07/2014 19:07:26] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2192 octets] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.4 (04.06.2014:1) OS: Windows 8.1 x64 Ran by Lukas on 08.07.2014 at 19:19:42,47 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{40981C5A-7E4F-4A5C-818C-1831FB462759} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{40981C5A-7E4F-4A5C-818C-1831FB462759} ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\WINDOWS\syswow64\ai_recyclebin" Successfully deleted: [Empty Folder] C:\Users\Lukas\appdata\local\{27A5B0C6-79A1-4ECB-A161-4E2E1757DF2A} Successfully deleted: [Empty Folder] C:\Users\Lukas\appdata\local\{5092DC8F-341F-4B08-B167-7D5C33DF2E86} Successfully deleted: [Empty Folder] C:\Users\Lukas\appdata\local\{531AD7D8-E186-47B1-B661-AFC6A7832A42} Successfully deleted: [Empty Folder] C:\Users\Lukas\appdata\local\{5BE20F75-8CEB-449F-9226-64339FD539B0} Successfully deleted: [Empty Folder] C:\Users\Lukas\appdata\local\{67E0C820-7DA2-4090-A8FB-82FC222781CC} Successfully deleted: [Empty Folder] C:\Users\Lukas\appdata\local\{7BC4C0BB-06F9-4D83-8549-D2BE554FA60E} Successfully deleted: [Empty Folder] C:\Users\Lukas\appdata\local\{9DAF6187-0D91-4FEB-97BD-05C570F647CC} Successfully deleted: [Empty Folder] C:\Users\Lukas\appdata\local\{BAF1A25C-D68D-46AF-87AA-7DB11E220EFA} Successfully deleted: [Empty Folder] C:\Users\Lukas\appdata\local\{BDFB2E80-3702-47D7-B91E-4EC02E210210} Successfully deleted: [Empty Folder] C:\Users\Lukas\appdata\local\{BE68B929-38C0-4864-A546-279363CE7DFF} Successfully deleted: [Empty Folder] C:\Users\Lukas\appdata\local\{C1BB5EF4-E7C4-416F-81E9-D987DBABB6C6} Successfully deleted: [Empty Folder] C:\Users\Lukas\appdata\local\{D1B68B01-B9EC-4863-9F45-3C452BDEC4FF} Successfully deleted: [Empty Folder] 
C:\Users\Lukas\appdata\local\{DE832EA9-5717-4F9B-AA51-C37C56A01AD5} Successfully deleted: [Empty Folder] C:\Users\Lukas\appdata\local\{E012575B-2815-438F-A4A9-12B87F013E21} ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 08.07.2014 at 19:26:31,76 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01 Ran by Lukas (administrator) on LUKAS on 08-07-2014 19:27:54 Running from C:\Users\Lukas\Desktop Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (IDT, Inc.) 
C:\Program Files\IDT\WDM\sttray64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\N360.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\N360.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2014-02-16] (IDT, Inc.) 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3053808 2014-03-07] (Synaptics Incorporated) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.) HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation) HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-06-24] (Hewlett-Packard) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1539172179-1726893121-3486313719-1001\...\MountPoints2: {3d13c48f-f3c8-11e3-be91-28924a499f15} - "G:\Autorun.exe" HKU\S-1-5-21-1539172179-1726893121-3486313719-1001\...\MountPoints2: {5da81a55-6e33-11e3-be73-28924a499f15} - "I:\LaunchU3.exe" -a ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.3.0.12\buShell.dll (Symantec Corporation) 
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.3.0.12\buShell.dll (Symantec Corporation) ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.3.0.12\buShell.dll (Symantec Corporation) ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/ HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS SearchScopes: HKLM - {40981C5A-7E4F-4A5C-818C-1831FB462759} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKLM-x32 - DefaultScope value is missing. 
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation) BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard) BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation) BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\IPS\IPSBHO.DLL (Symantec Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - 
C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Hosts: 127.0.0.1 d3oxij66pru1i3.cloudfront.net Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{A881F854-B342-4E55-B969-19B18C45F510}: [NameServer]8.8.8.8,8.8.4.4 FireFox: ======== FF ProfilePath: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\c7i7dc9c.default-1404665380831 FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll () FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media 
Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.3.0.12\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.3.0.12\IPSFF [2014-06-05]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.3.0.12\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.3.0.12\coFFPlgn [2014-07-08]

==================== Services (Whitelisted) =================

R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\N360.exe [265040 2014-05-11] (Symantec Corporation)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-05-02] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.3.0.12\Definitions\BASHDefs\20140606.001\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1503000.00C\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-06-15] (Disc Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-13] (Symantec Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-06-23] (LogMeIn Inc.)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.3.0.12\Definitions\IPSDefs\20140704.003\IDSvia64.sys [525016 2014-06-04] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.3.0.12\Definitions\VirusDefs\20140708.001\ENG64.SYS [126040 2014-07-05] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.3.0.12\Definitions\VirusDefs\20140708.001\EX64.SYS [2099288 2014-07-05] (Symantec Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-04] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2014-03-07] (Synaptics Incorporated)
R3 SRTSP; C:\Windows\system32\drivers\N360x64\1503000.00C\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1503000.00C\SRTSPX64.SYS [36952 2013-10-30] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1503000.00C\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1503000.00C\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1503000.00C\SymELAM.sys [23568 2013-10-30] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-06-05] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1503000.00C\Ironx64.SYS [264280 2013-10-30] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\N360x64\1503000.00C\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-06-27] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-07-08 19:26 - 2014-07-08 19:26 - 00002461 _____ () C:\Users\Lukas\Desktop\JRT.txt
2014-07-08 19:19 - 2014-07-08 19:19 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-08 19:16 - 2014-07-08 19:16 - 01016261 _____ (Thisisu) C:\Users\Lukas\Desktop\JRT.exe
2014-07-08 19:02 - 2014-07-08 19:10 - 00000000 ____D () C:\AdwCleaner
2014-07-08 19:01 - 2014-07-08 19:01 - 01346519 _____ () C:\Users\Lukas\Desktop\adwcleaner_3.214.exe
2014-07-08 18:57 - 2014-07-08 18:57 - 00001284 _____ () C:\Users\Lukas\Desktop\Revo Uninstaller.lnk
2014-07-08 18:57 - 2014-07-08 18:57 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-08 18:48 - 2014-07-08 18:48 - 01148972 _____ () C:\Users\Lukas\Desktop\DoPo2.wav
2014-07-08 18:34 - 2014-07-08 18:34 - 02146348 _____ () C:\Users\Lukas\Desktop\DoPo1.wav
2014-07-08 18:21 - 2014-07-08 18:21 - 00913856 _____ () C:\Users\Lukas\Desktop\Jingle.wav
2014-07-08 17:20 - 2014-07-08 17:20 - 00001035 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-07-08 17:20 - 2014-07-08 17:20 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-07-08 17:13 - 2014-07-08 17:13 - 00000000 ____D () C:\Users\Lukas\Desktop\Musik
2014-07-06 20:06 - 2014-07-06 20:06 - 00037912 _____ () C:\Users\Lukas\Desktop\Addition.txt
2014-07-06 20:05 - 2014-07-08 19:27 - 00018210 _____ () C:\Users\Lukas\Desktop\FRST.txt
2014-07-06 20:05 - 2014-07-08 19:27 - 00000000 ____D () C:\FRST
2014-07-06 20:05 - 2014-07-06 20:05 - 02084352 _____ (Farbar) C:\Users\Lukas\Desktop\FRST64.exe
2014-07-06 19:23 - 2014-07-07 17:32 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-06 19:23 - 2014-07-06 19:23 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-06 19:23 - 2014-07-06 19:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-07-06 19:23 - 2014-07-06 19:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-06 19:23 - 2014-07-06 19:23 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-07-06 19:23 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-06 19:23 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-07-06 19:23 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-07-06 19:08 - 2014-07-02 18:32 - 00109974 _____ () C:\WINDOWS\_detmp.1
2014-07-06 19:08 - 2001-02-26 20:48 - 00081920 _____ (Adobe Systems, Inc.) C:\WINDOWS\_detmp.2
2014-07-06 17:39 - 2014-07-06 17:39 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Essentials Codec Pack
2014-07-06 17:39 - 2014-07-06 17:39 - 00000000 ____D () C:\Program Files (x86)\Essentials Codec Pack
2014-07-06 11:34 - 2014-07-08 19:23 - 00854437 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-06 11:07 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-07-06 11:06 - 2014-07-06 11:06 - 00004563 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_60-b19.log
2014-07-06 11:06 - 2014-07-06 11:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-06 11:06 - 2014-05-07 15:02 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-07-06 11:06 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-07-06 11:06 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-07-06 10:57 - 2014-07-08 19:08 - 00020498 _____ () C:\WINDOWS\PFRO.log
2014-07-04 14:30 - 2014-07-04 15:02 - 00000000 ____D () C:\Users\Lukas\Desktop\Unbenannt
2014-07-02 18:35 - 2014-07-02 18:35 - 00000000 ____D () C:\Program Files (x86)\Ubi Soft
2014-07-02 18:35 - 2002-06-17 08:25 - 00026088 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\xmlinst.exe
2014-07-02 18:35 - 2002-04-24 13:43 - 00035840 ____R () C:\WINDOWS\SysWOW64\comdlg32.oca
2014-07-02 18:35 - 2002-04-09 18:23 - 00029184 ____R () C:\WINDOWS\SysWOW64\MSINET.oca
2014-07-02 18:35 - 2001-05-04 12:05 - 00505104 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml.dll
2014-07-02 18:35 - 2001-05-04 12:05 - 00028432 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxmlr.dll
2014-07-02 18:35 - 2000-05-22 01:00 - 00140488 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.ocx
2014-07-02 18:35 - 2000-03-17 09:21 - 00069632 ____R () C:\WINDOWS\SysWOW64\xmltok.dll
2014-07-02 18:35 - 2000-03-17 09:21 - 00036864 ____R () C:\WINDOWS\SysWOW64\xmlparse.dll
2014-07-02 18:35 - 1998-06-24 01:00 - 00115016 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSINET.OCX
2014-07-02 18:35 - 1998-06-18 01:00 - 00089360 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB5DB.DLL
2014-07-02 18:34 - 2014-07-06 19:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Byte
2014-07-02 18:32 - 2014-07-02 18:32 - 00001287 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader 5.0.lnk
2014-07-02 18:32 - 2014-07-02 18:32 - 00000000 ____D () C:\Users\Lukas\Documents\My eBooks
2014-07-02 18:32 - 2014-07-02 18:32 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\InterTrust
2014-07-02 18:32 - 2014-07-02 18:32 - 00000000 ____D () C:\BlueByte
2014-07-02 18:18 - 1998-11-17 12:44 - 00328704 _____ (InstallShield Software Corporation ) C:\WINDOWS\IsUn0407.exe
2014-06-26 20:41 - 2014-07-08 19:13 - 00000344 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForLukas.job
2014-06-26 20:35 - 2014-06-26 20:35 - 05417896 _____ () C:\Users\Lukas\Desktop\phase-6-backpack-all-2014-06-26.p6a
2014-06-26 20:30 - 2014-06-26 20:30 - 00000938 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-06-26 20:30 - 2014-06-26 20:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-06-26 20:30 - 2014-06-26 20:30 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-06-25 19:27 - 2014-07-05 17:22 - 00000000 ____D () C:\Users\Lukas\Desktop\Server
2014-06-23 11:42 - 2014-06-23 11:42 - 00046136 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2014-06-21 21:37 - 2014-06-21 21:37 - 00011958 _____ () C:\Users\Lukas\AppData\Local\recently-used.xbel
2014-06-21 20:47 - 2014-06-21 20:47 - 00000000 ____D () C:\Users\Lukas\Documents\Stronghold Kingdoms
2014-06-21 20:47 - 2014-06-21 20:47 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Firefly Studios
2014-06-21 20:47 - 2014-06-21 20:47 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Geckofx
2014-06-21 09:02 - 2014-07-07 16:51 - 00000000 ____D () C:\temp
2014-06-21 08:46 - 2014-05-24 04:07 - 01102945 _____ () C:\Users\Lukas\Desktop\SkaiaCraft_Launcher.jar
2014-06-19 14:32 - 2014-06-19 14:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-15 15:18 - 2014-07-06 10:55 - 00000000 ____D () C:\Users\Lukas\AppData\Local\LogMeIn Hamachi
2014-06-15 00:04 - 2014-06-15 00:04 - 00000000 ____D () C:\ProgramData\ATI
2014-06-14 23:51 - 2014-06-14 23:51 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Raptr
2014-06-14 23:51 - 2014-06-14 23:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-06-14 23:51 - 2014-06-14 23:51 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-06-14 23:44 - 2014-06-14 23:44 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-14 17:14 - 2014-06-14 17:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tinypic
2014-06-14 17:14 - 2014-06-14 17:14 - 00000000 ____D () C:\Program Files (x86)\Tinypic
2014-06-12 21:05 - 2014-06-12 21:05 - 00046376 _____ (NetFilterSDK.com) C:\WINDOWS\system32\Drivers\netfilter64.sys
2014-06-12 13:50 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-12 13:50 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-12 13:50 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-12 13:50 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-06-12 13:50 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-12 13:50 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-06-12 13:50 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-12 13:50 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-12 13:50 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-12 13:50 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-12 13:50 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-12 13:50 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-12 13:50 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-12 13:50 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-06-12 13:50 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-06-12 13:50 - 2014-05-05 06:02 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-06-12 13:50 - 2014-04-30 13:16 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-12 13:50 - 2014-04-30 05:51 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-06-12 13:50 - 2014-02-06 13:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-12 13:50 - 2014-02-06 13:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-12 13:50 - 2014-02-06 12:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-12 13:50 - 2014-02-06 12:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-12 13:50 - 2014-02-06 12:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-12 13:50 - 2014-02-06 11:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-12 13:50 - 2014-02-06 11:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-12 13:49 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-12 13:49 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-12 13:49 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-06-12 13:49 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-12 13:49 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-12 13:49 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-12 13:49 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-12 13:49 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-12 13:49 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-12 13:49 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-12 13:49 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-12 13:49 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-12 13:49 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-12 13:49 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-12 13:49 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-06-12 13:49 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-06-12 13:49 - 2014-05-09 01:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-06-12 13:49 - 2014-05-03 09:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-06-12 13:49 - 2014-05-03 06:21 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-12 13:49 - 2014-05-03 06:07 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-12 13:49 - 2014-05-03 05:41 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-06-12 13:49 - 2014-05-03 05:38 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-06-12 13:49 - 2014-04-18 11:32 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-06-12 13:49 - 2014-04-18 10:58 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-06-12 13:49 - 2014-04-18 10:09 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-06-12 13:49 - 2014-04-18 09:49 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-06-12 13:49 - 2014-04-06 18:31 - 21268952 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-06-12 13:49 - 2014-04-06 17:22 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-06-12 13:49 - 2014-04-06 13:55 - 16872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-06-12 13:49 - 2014-04-06 13:54 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-06-12 13:49 - 2014-04-03 09:59 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-12 13:49 - 2014-04-03 09:59 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-06-12 13:49 - 2014-03-20 02:44 - 06645248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-06-12 13:49 - 2014-03-20 01:33 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-06-12 13:49 - 2014-03-18 07:00 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-06-12 13:49 - 2014-03-18 06:52 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-06-12 13:49 - 2014-02-06 13:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-12 13:49 - 2014-02-06 12:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-12 13:49 - 2014-02-06 12:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-12 13:49 - 2014-02-06 11:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-12 13:49 - 2014-02-06 11:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-12 13:48 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-06-12 13:48 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-06-12 13:48 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-06-12 13:48 - 2014-04-30 06:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-06-12 13:48 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-06-12 13:48 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-06-12 13:48 - 2014-04-18 16:57 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-06-12 13:48 - 2014-04-18 16:44 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-06-12 13:48 - 2014-04-18 15:29 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-06-12 13:48 - 2014-04-18 11:44 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-06-12 13:48 - 2014-04-18 10:32 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-06-12 13:48 - 2014-04-18 10:21 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-06-12 13:48 - 2014-04-18 09:51 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-06-12 13:48 - 2014-04-14 11:20 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-06-12 13:48 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-06-12 13:48 - 2014-04-11 06:51 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-06-12 13:48 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-06-12 13:48 - 2014-04-11 05:30 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-06-12 13:48 - 2014-04-09 13:53 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-06-12 13:48 - 2014-04-09 08:39 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-06-12 13:48 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-06-12 13:48 - 2014-04-09 06:35 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-06-12 13:48 - 2014-04-09 05:33 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-06-12 13:48 - 2014-04-08 04:01 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-06-12 13:48 - 2014-04-06 18:34 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-06-12 13:48 - 2014-04-06 18:34 - 00275800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-06-12 13:48 - 2014-04-06 18:32 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-06-12 13:48 - 2014-04-06 18:30 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-06-12 13:48 - 2014-04-06 18:24 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-06-12 13:48 - 2014-04-06 18:20 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-06-12 13:48 - 2014-04-06 18:20 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-06-12 13:48 - 2014-04-06 18:20 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-06-12 13:48 - 2014-04-06 18:20 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-06-12 13:48 - 2014-04-06 18:20 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-06-12 13:48 - 2014-04-06 18:20 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-06-12 13:48 - 2014-04-06 18:20 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-06-12 13:48 - 2014-04-06 18:20 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-06-12 13:48 - 2014-04-06 18:20 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-06-12 13:48 - 2014-04-06 18:20 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-06-12 13:48 - 2014-04-06 18:20 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-06-12 13:48 - 2014-04-06 18:20 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-06-12 13:48 - 2014-04-06 18:20 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-06-12 13:48 - 2014-04-06 17:23 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-06-12 13:48 - 2014-04-06 17:22 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-06-12 13:48 - 2014-04-06 17:16 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-06-12 13:48 - 2014-04-06 17:16 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-06-12 13:48 - 2014-04-06 17:16 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-06-12 13:48 - 2014-04-06 17:16 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-06-12 13:48 - 2014-04-06 17:16 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-06-12 13:48 - 2014-04-06 17:16 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-06-12 13:48 - 2014-04-06 17:16 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-06-12 13:48 - 2014-04-06 17:16 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-06-12 13:48 - 2014-04-06 17:16 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-06-12 13:48 - 2014-04-06 16:10 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-06-12 13:48 - 2014-04-06 14:58 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-06-12 13:48 - 2014-04-06 14:51 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-06-12 13:48 - 2014-04-06 14:33 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-06-12 13:48 - 2014-04-06 14:24 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-06-12 13:48 - 2014-04-06 14:06 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-06-12 13:48 - 2014-04-06 13:26 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-06-12 13:48 - 2014-04-06 13:20 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-06-12 13:48 - 2014-04-06 13:01 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-06-12 13:48 - 2014-04-06 12:52 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-06-12 13:48 - 2014-04-06 12:51 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-06-12 13:48 - 2014-04-06 12:37 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-06-12 13:48 - 2014-04-06 12:36 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-06-12 13:48 - 2014-04-06 12:05 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-06-12 13:48 - 2014-04-06 11:59 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-06-12 13:48 - 2014-04-03 10:12 - 02124840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-06-12 13:48 - 2014-04-03 10:12 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-06-12 13:48 - 2014-04-03 10:12 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-06-12 13:48 - 2014-04-03 06:03 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-06-12 13:48 - 2014-04-03 06:03 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-06-12 13:48 - 2014-04-03 05:53 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-06-12 13:48 - 2014-04-03 04:53 - 04269056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-06-12 13:48 - 2014-04-03 04:53 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-06-12 13:48 - 2014-04-03 04:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-06-12 13:48 - 2014-04-03 04:23 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-06-12 13:48 - 2014-04-03 04:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-06-12 13:48 - 2014-04-03 04:23 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-06-12 13:48 - 2014-04-03 04:22 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-06-12 13:48 - 2014-04-01 08:23 - 00384856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-06-12 13:48 - 2014-03-31 07:42 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-06-12 13:48 - 2014-03-31 02:41 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-06-12 13:48 - 2014-03-31 02:01 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-06-12 13:48 - 2014-03-31 01:43 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-06-12 13:48 - 2014-03-31 00:54 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-06-12 13:48 - 2014-03-31 00:49 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-06-12 13:48 - 2014-03-31 00:35 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-06-12 13:48 - 2014-03-31 00:11 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-06-12 13:48 - 2014-03-30 23:47 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-06-12 13:48 - 2014-03-28 17:58 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-06-12 13:48 - 2014-03-27 08:16 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-06-12 13:48 - 2014-03-27 07:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-06-12 13:48 - 2014-03-27 06:59 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-06-12 13:48 - 2014-03-27 06:48 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-06-12 13:48 - 2014-03-27 06:19 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-06-12 13:48 - 2014-03-27 05:46 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-06-12 13:48 - 2014-03-27 05:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-06-12 13:48 - 2014-03-27 05:10 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-06-12 13:48 - 2014-03-25 00:58 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-06-12 13:48 - 2014-03-20 05:48 - 00263424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-06-12 13:48 - 2014-03-19 10:15 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-06-12 13:48 - 2014-03-19 10:07 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-06-12 13:48 - 2014-03-19 09:24 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-06-12 13:48 - 2014-03-19 09:17 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-06-12 13:48 - 2014-03-19 08:36 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-06-12 13:48 - 2014-03-19 07:56 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-06-12 13:48 - 2014-03-19 07:45 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-06-12 13:48 - 2014-03-19 07:19 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-06-12 13:48 - 2014-03-19 07:07 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-06-12 13:48 - 2014-03-19 07:02 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-06-12 13:48 - 2014-03-19 07:00 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-06-12 13:48 - 2014-03-19 06:51 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-06-12 13:48 - 2014-03-19 06:31 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-06-12 13:48 - 2014-03-19 06:18 - 02688000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-06-12 13:48 - 2014-03-18 10:19 - 00077312 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-06-12 13:48 - 2014-03-17 07:09 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-06-12 13:48 - 2014-03-17 06:11 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-06-12 13:48 - 2014-03-17 05:01 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-06-12 13:48 - 2014-03-17 04:47 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-06-12 13:48 - 2014-03-17 04:45 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-06-12 13:48 - 2014-03-14 08:26 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-06-12 13:48 - 2014-03-14 08:10 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-06-12 13:48 - 2014-03-06 14:42 - 00310616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-06-12 13:48 - 2014-01-27 20:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-06-12 13:47 - 2014-05-01 15:31 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-06-12 13:47 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-06-12 13:47 - 2014-05-01 09:14 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-06-12 13:47 - 2014-05-01 09:05 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-06-12 13:47 - 2014-05-01 08:51 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-06-12 13:47 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll

==================== One Month Modified Files and Folders =======

2014-07-08 19:28 - 2014-07-06 20:05 - 00018210 _____ () C:\Users\Lukas\Desktop\FRST.txt
2014-07-08 19:27 - 2014-07-06 20:05 - 00000000 ____D () C:\FRST
2014-07-08 19:26 - 2014-07-08 19:26 - 00002461 _____ () C:\Users\Lukas\Desktop\JRT.txt
2014-07-08 19:26 - 2013-12-26 15:55 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1539172179-1726893121-3486313719-1001
2014-07-08 19:23 - 2014-07-06 11:34 - 00854437 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-08 19:19 - 2014-07-08 19:19 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-08 19:17 - 2012-07-26 10:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-07-08 19:16 - 2014-07-08 19:16 - 01016261 _____ (Thisisu) C:\Users\Lukas\Desktop\JRT.exe
2014-07-08 19:13 - 2014-06-26 20:41 - 00000344 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForLukas.job
2014-07-08 19:10 - 2014-07-08 19:02 - 00000000 ____D () C:\AdwCleaner
2014-07-08 19:10 - 2014-05-02 19:25 - 00000000 __RDO () C:\Users\Lukas\OneDrive
2014-07-08 19:10 - 2014-04-27 20:02 - 00001116 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-08 19:09 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-08 19:08 - 2014-07-06 10:57 - 00020498 _____ () C:\WINDOWS\PFRO.log
2014-07-08 19:08 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-08 19:06 - 2014-04-27 20:02 - 00001120 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-08 19:05 - 2013-12-27 15:24 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-08 19:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-08 19:01 - 2014-07-08 19:01 - 01346519 _____ () C:\Users\Lukas\Desktop\adwcleaner_3.214.exe
2014-07-08 18:57 - 2014-07-08 18:57 - 00001284 _____ ()
C:\Users\Lukas\Desktop\Revo Uninstaller.lnk 2014-07-08 18:57 - 2014-07-08 18:57 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-07-08 18:54 - 2014-03-22 12:35 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Audacity 2014-07-08 18:48 - 2014-07-08 18:48 - 01148972 _____ () C:\Users\Lukas\Desktop\DoPo2.wav 2014-07-08 18:34 - 2014-07-08 18:34 - 02146348 _____ () C:\Users\Lukas\Desktop\DoPo1.wav 2014-07-08 18:21 - 2014-07-08 18:21 - 00913856 _____ () C:\Users\Lukas\Desktop\Jingle.wav 2014-07-08 17:20 - 2014-07-08 17:20 - 00001035 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk 2014-07-08 17:20 - 2014-07-08 17:20 - 00000000 ____D () C:\Program Files (x86)\Audacity 2014-07-08 17:20 - 2014-05-12 21:46 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2C7D984D-C797-4C08-A7FE-2964E160CBB4} 2014-07-08 17:13 - 2014-07-08 17:13 - 00000000 ____D () C:\Users\Lukas\Desktop\Musik 2014-07-08 16:59 - 2013-12-27 15:00 - 04609024 ___SH () C:\Users\Lukas\Desktop\Thumbs.db 2014-07-08 15:25 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-07-07 20:39 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\addins 2014-07-07 20:37 - 2014-01-02 20:35 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Skype 2014-07-07 17:32 - 2014-07-06 19:23 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-07-07 16:51 - 2014-06-21 09:02 - 00000000 ____D () C:\temp 2014-07-07 16:15 - 2014-01-22 17:04 - 00000000 ____D () C:\Users\Lukas\AppData\Local\PMB Files 2014-07-06 20:06 - 2014-07-06 20:06 - 00037912 _____ () C:\Users\Lukas\Desktop\Addition.txt 2014-07-06 20:05 - 2014-07-06 20:05 - 02084352 _____ (Farbar) C:\Users\Lukas\Desktop\FRST64.exe 2014-07-06 19:23 - 2014-07-06 19:23 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-06 19:23 - 2014-07-06 19:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-06 19:23 - 2014-07-06 19:23 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-06 19:23 - 2014-07-06 19:23 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-06 19:08 - 2014-07-02 18:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Byte 2014-07-06 19:08 - 2014-04-21 15:49 - 00000000 ____D () C:\Fraps 2014-07-06 17:39 - 2014-07-06 17:39 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Essentials Codec Pack 2014-07-06 17:39 - 2014-07-06 17:39 - 00000000 ____D () C:\Program Files (x86)\Essentials Codec Pack 2014-07-06 17:32 - 2014-01-22 17:04 - 00000000 ____D () C:\ProgramData\PMB Files 2014-07-06 11:07 - 2014-02-11 17:02 - 00000000 ____D () C:\ProgramData\Oracle 2014-07-06 11:06 - 2014-07-06 11:06 - 00004563 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_60-b19.log 2014-07-06 11:06 - 2014-07-06 11:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-07-06 11:06 - 2014-02-11 17:01 - 00000000 ____D () C:\Program Files (x86)\Java 2014-07-06 10:55 - 2014-06-15 15:18 - 00000000 ____D () C:\Users\Lukas\AppData\Local\LogMeIn Hamachi 2014-07-06 10:41 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM 2014-07-05 17:22 - 2014-06-25 19:27 - 00000000 ____D () C:\Users\Lukas\Desktop\Server 2014-07-04 16:59 - 2014-01-03 18:11 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log 2014-07-04 16:58 - 2014-01-03 18:11 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt 2014-07-04 15:02 - 2014-07-04 14:30 - 00000000 ____D () C:\Users\Lukas\Desktop\Unbenannt 2014-07-04 14:24 - 2013-12-27 16:32 - 00007168 _____ () C:\Users\Lukas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-07-04 13:18 - 2014-04-29 19:19 - 00001118 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk 2014-07-02 18:35 - 2014-07-02 18:35 - 00000000 ____D () C:\Program Files (x86)\Ubi Soft 2014-07-02 18:32 
- 2014-07-06 19:08 - 00109974 _____ () C:\WINDOWS\_detmp.1 2014-07-02 18:32 - 2014-07-02 18:32 - 00001287 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader 5.0.lnk 2014-07-02 18:32 - 2014-07-02 18:32 - 00000000 ____D () C:\Users\Lukas\Documents\My eBooks 2014-07-02 18:32 - 2014-07-02 18:32 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\InterTrust 2014-07-02 18:32 - 2014-07-02 18:32 - 00000000 ____D () C:\BlueByte 2014-07-02 18:32 - 2013-12-26 15:47 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Adobe 2014-07-02 18:32 - 2012-08-31 15:42 - 00000000 ____D () C:\WINDOWS\SysWOW64\Adobe 2014-07-01 20:18 - 2014-02-10 16:47 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\.minecraft 2014-07-01 16:05 - 2013-12-28 17:21 - 00229376 ___SH () C:\Users\Lukas\Downloads\Thumbs.db 2014-06-29 14:30 - 2014-01-01 19:34 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\TeamViewer 2014-06-26 20:39 - 2014-03-02 20:14 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\DAEMON Tools Lite 2014-06-26 20:39 - 2013-12-26 18:35 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-06-26 20:38 - 2014-02-28 16:44 - 00000000 ____D () C:\Users\Lukas\AppData\Local\CrashDumps 2014-06-26 20:37 - 2014-03-18 12:03 - 01980934 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-06-26 20:37 - 2014-03-18 11:25 - 00842568 _____ () C:\WINDOWS\system32\perfh007.dat 2014-06-26 20:37 - 2014-03-18 11:25 - 00191764 _____ () C:\WINDOWS\system32\perfc007.dat 2014-06-26 20:35 - 2014-06-26 20:35 - 05417896 _____ () C:\Users\Lukas\Desktop\phase-6-backpack-all-2014-06-26.p6a 2014-06-26 20:30 - 2014-06-26 20:30 - 00000938 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk 2014-06-26 20:30 - 2014-06-26 20:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2014-06-26 20:30 - 2014-06-26 20:30 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi 2014-06-26 20:28 - 2013-12-26 15:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla 
Maintenance Service 2014-06-25 21:59 - 2013-12-26 15:46 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Packages 2014-06-23 11:42 - 2014-06-23 11:42 - 00046136 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys 2014-06-21 23:11 - 2013-12-29 15:31 - 00000000 ____D () C:\Users\Lukas\.gimp-2.8 2014-06-21 21:37 - 2014-06-21 21:37 - 00011958 _____ () C:\Users\Lukas\AppData\Local\recently-used.xbel 2014-06-21 20:47 - 2014-06-21 20:47 - 00000000 ____D () C:\Users\Lukas\Documents\Stronghold Kingdoms 2014-06-21 20:47 - 2014-06-21 20:47 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Firefly Studios 2014-06-21 20:47 - 2014-06-21 20:47 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Geckofx 2014-06-21 09:28 - 2014-02-10 16:29 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Craften Terminal 2014-06-21 09:13 - 2014-02-10 16:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Craften Terminal 2014-06-21 09:13 - 2014-02-10 16:28 - 00000000 ____D () C:\Program Files (x86)\Craften Terminal 2014-06-20 16:26 - 2014-02-25 22:18 - 00000000 ___RD () C:\Users\Lukas\Dropbox 2014-06-20 14:31 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2014-06-20 14:08 - 2013-12-27 11:02 - 00000000 ___RD () C:\Users\Lukas\Desktop\Lukas 2014-06-19 14:32 - 2014-06-19 14:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-18 19:01 - 2014-04-27 20:02 - 00004092 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2014-06-18 19:01 - 2014-04-27 20:02 - 00003856 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-15 15:22 - 2014-04-03 15:11 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Tunngle 2014-06-15 15:22 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\Tunngle 2014-06-15 15:04 - 2014-03-02 20:14 - 00283064 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys 2014-06-15 11:51 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports 2014-06-15 00:04 - 2014-06-15 00:04 - 00000000 
____D () C:\ProgramData\ATI 2014-06-14 23:51 - 2014-06-14 23:51 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Raptr 2014-06-14 23:51 - 2014-06-14 23:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2014-06-14 23:51 - 2014-06-14 23:51 - 00000000 ____D () C:\Program Files (x86)\Raptr 2014-06-14 23:51 - 2013-12-27 21:21 - 00000000 ____D () C:\Program Files\ATI Technologies 2014-06-14 23:44 - 2014-06-14 23:44 - 00000000 ____D () C:\ProgramData\Package Cache 2014-06-14 23:42 - 2014-05-02 18:09 - 00000000 ____D () C:\AMD 2014-06-14 19:46 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-06-14 17:14 - 2014-06-14 17:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tinypic 2014-06-14 17:14 - 2014-06-14 17:14 - 00000000 ____D () C:\Program Files (x86)\Tinypic 2014-06-14 17:08 - 2013-12-29 15:34 - 00000000 ____D () C:\Users\Lukas\AppData\Local\gtk-2.0 2014-06-14 16:36 - 2013-12-27 20:15 - 00000909 _____ () C:\Users\Lukas\Desktop\Downloads.lnk 2014-06-14 15:32 - 2013-08-22 16:44 - 00377208 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-06-14 15:29 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-06-14 15:29 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel 2014-06-14 15:29 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore 2014-06-14 15:29 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe 2014-06-13 14:42 - 2013-12-27 18:22 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-06-13 14:40 - 2013-12-27 18:22 - 95414520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-06-12 21:05 - 2014-06-12 21:05 - 00046376 _____ (NetFilterSDK.com) C:\WINDOWS\system32\Drivers\netfilter64.sys Files to move or delete: ==================== C:\ProgramData\sysqcl1129139270.dat Some content of TEMP: ==================== C:\Users\Lukas\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-07-07 20:51
==================== End Of Log ============================
--- --- --- --- --- --- --- --- ---
Regards
Hello, Malwarebytes Anti-Malware no longer finds anything. That seems to be a good sign, doesn't it? I've just noticed... that's because I have everything in quarantine! Regards, Lukas
Edited by julcek111 (08.07.2014 at 20:14) |
09.07.2014, 16:26 | #7 |
/// the machine /// TB Trainer | Adware problems ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any remaining problems?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
09.07.2014, 19:03 | #8 |
| Adware problems Hello, thank you very much. Here is the log from ESET: Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=0b7c55633a3671478ceaa486099dc3d7 # engine=19097 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2014-07-09 05:59:51 # local_time=2014-07-09 07:59:51 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='Norton 360' # compatibility_mode=3598 16777213 100 100 2175865 155591287 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 4673448 13287511 0 0 # scanned=246388 # found=3 # cleaned=0 # scan_time=5382 sh=5A4718EFF6A9F2C57CC1B859F5CAD9CDF4AFCF7E ft=1 fh=584050306ed3824c vn="Win32/InstallCore.OZ evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1539172179-1726893121-3486313719-1001\$RE63HM9.exe" sh=DA5FB3EC9626A14CF284F51DEFDBC040D14854DC ft=1 fh=3ccc85b63cb510cb vn="Variante von Win32/AdWare.Adpeak.I Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1539172179-1726893121-3486313719-1001\$RNIMYFM\CustomActionInstall" sh=F1BF41B871B373DA5582856271D7A35AF9C3D059 ft=1 fh=cecd9d37647e9ccd vn="Variante von Win32/AdWare.Adpeak.I Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1539172179-1726893121-3486313719-1001\$RNIMYFM\CustomActionUninstall" Code:
ATTFilter Results of screen317's Security Check version 0.99.85 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Defender Norton 360 WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Java 7 Update 60 Adobe Flash Player 14.0.0.145 Mozilla Firefox (30.0) ````````Process Check: objlist.exe by Laurent```````` `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01 Ran by Lukas (administrator) on LUKAS on 09-07-2014 20:11:21 Running from C:\Users\Lukas\Desktop Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Realsil Microelectronics Inc.) 
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\N360.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (AMD) C:\Windows\System32\atieclxx.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\N360.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe (Adobe Systems, Inc.) 
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2014-02-16] (IDT, Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3053808 2014-03-07] (Synaptics Incorporated) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.) HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation) HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-06-24] (Hewlett-Packard) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1539172179-1726893121-3486313719-1001\...\MountPoints2: {3d13c48f-f3c8-11e3-be91-28924a499f15} - "G:\Autorun.exe" HKU\S-1-5-21-1539172179-1726893121-3486313719-1001\...\MountPoints2: {5da81a55-6e33-11e3-be73-28924a499f15} - "I:\LaunchU3.exe" -a ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt4 -> 
{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.3.0.12\buShell.dll (Symantec Corporation) ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.3.0.12\buShell.dll (Symantec Corporation) ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.3.0.12\buShell.dll (Symantec Corporation) ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/ HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS SearchScopes: HKLM - {40981C5A-7E4F-4A5C-818C-1831FB462759} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 
?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation) BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard) BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation) BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\IPS\IPSBHO.DLL (Symantec Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support 
Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Hosts: 127.0.0.1 d3oxij66pru1i3.cloudfront.net Tcpip\..\Interfaces\{A881F854-B342-4E55-B969-19B18C45F510}: [NameServer]8.8.8.8,8.8.4.4 FireFox: ======== FF ProfilePath: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\c7i7dc9c.default-1404665380831 FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) 
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.3.0.12\IPSFF FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.3.0.12\IPSFF [2014-06-05] FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.3.0.12\coFFPlgn FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.3.0.12\coFFPlgn [2014-07-08] ==================== Services (Whitelisted) ================= R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed] R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) 
[File not signed] R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.) R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\N360.exe [265040 2014-05-11] (Symantec Corporation) S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH) S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-05-02] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.) R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.3.0.12\Definitions\BASHDefs\20140703.001\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation) R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1503000.00C\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-06-15] (Disc Soft Ltd) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-11] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-13] (Symantec Corporation) R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-06-23] (LogMeIn Inc.) 
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.3.0.12\Definitions\IPSDefs\20140708.001\IDSvia64.sys [525016 2014-06-04] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.3.0.12\Definitions\VirusDefs\20140708.023\ENG64.SYS [126040 2014-07-05] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.3.0.12\Definitions\VirusDefs\20140708.023\EX64.SYS [2099288 2014-07-05] (Symantec Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-04] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2014-03-07] (Synaptics Incorporated)
R3 SRTSP; C:\Windows\system32\drivers\N360x64\1503000.00C\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1503000.00C\SRTSPX64.SYS [36952 2013-10-30] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1503000.00C\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1503000.00C\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1503000.00C\SymELAM.sys [23568 2013-10-30] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-06-05] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1503000.00C\Ironx64.SYS [264280 2013-10-30] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\N360x64\1503000.00C\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-06-27] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-09 18:30 - 2014-07-09 18:30 - 00854390 _____ () C:\Users\Lukas\Desktop\SecurityCheck.exe
2014-07-09 18:27 - 2014-07-09 20:01 - 00000000 ____D () C:\Users\Lukas\Desktop\Musir
2014-07-09 09:13 - 2014-07-09 09:13 - 00000000 ____D () C:\Users\Lukas\AppData\Local\{FF42DC22-681E-41BD-9250-677DB8108414}
2014-07-09 09:11 - 2014-07-09 09:11 - 00000000 _____ () C:\Users\Lukas\Desktop\~PI7FF0.tmp
2014-07-09 08:59 - 2014-07-09 08:59 - 01183788 _____ () C:\Users\Lukas\Desktop\Sprecher 2.wav
2014-07-09 08:57 - 2014-07-09 08:57 - 01212460 _____ () C:\Users\Lukas\Desktop\Sprecher 1.wav
2014-07-09 07:55 - 2014-07-09 07:55 - 00000000 ____D () C:\Users\Lukas\AppData\Local\{07A4F452-A3D7-4647-AC41-A1CB780CBF61}
2014-07-08 21:06 - 2014-07-08 21:07 - 00035736 _____ () C:\Users\Lukas\Desktop\vir.txt
2014-07-08 19:26 - 2014-07-08 19:26 - 00002461 _____ () C:\Users\Lukas\Desktop\JRT.txt
2014-07-08 19:19 - 2014-07-08 19:19 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-08 19:16 - 2014-07-08 19:16 - 01016261 _____ (Thisisu) C:\Users\Lukas\Desktop\JRT.exe
2014-07-08 19:02 - 2014-07-08 19:10 - 00000000 ____D () C:\AdwCleaner
2014-07-08 19:01 - 2014-07-08 19:01 - 01346519 _____ () C:\Users\Lukas\Desktop\adwcleaner_3.214.exe
2014-07-08 18:57 - 2014-07-08 18:57 - 00001284 _____ () C:\Users\Lukas\Desktop\Revo Uninstaller.lnk
2014-07-08 18:57 - 2014-07-08 18:57 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-08 17:20 - 2014-07-08 17:20 - 00001035 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-07-08 17:20 - 2014-07-08 17:20 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-07-06 20:06 - 2014-07-06 20:06 - 00037912 _____ () C:\Users\Lukas\Desktop\Addition.txt
2014-07-06 20:05 - 2014-07-09 20:11 - 00018112 _____ () C:\Users\Lukas\Desktop\FRST.txt
2014-07-06 20:05 - 2014-07-09 20:11 - 00000000 ____D () C:\FRST
2014-07-06 20:05 - 2014-07-06 20:05 - 02084352 _____ (Farbar) C:\Users\Lukas\Desktop\FRST64.exe
2014-07-06 19:23 - 2014-07-08 19:59 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-06 19:23 - 2014-07-06 19:23 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-06 19:23 - 2014-07-06 19:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-07-06 19:23 - 2014-07-06 19:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-06 19:23 - 2014-07-06 19:23 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-07-06 19:23 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-06 19:23 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-07-06 19:23 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-07-06 19:08 - 2014-07-02 18:32 - 00109974 _____ () C:\WINDOWS\_detmp.1
2014-07-06 19:08 - 2001-02-26 20:48 - 00081920 _____ (Adobe Systems, Inc.) C:\WINDOWS\_detmp.2
2014-07-06 17:39 - 2014-07-06 17:39 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Essentials Codec Pack
2014-07-06 17:39 - 2014-07-06 17:39 - 00000000 ____D () C:\Program Files (x86)\Essentials Codec Pack
2014-07-06 11:34 - 2014-07-09 18:40 - 01777821 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-06 11:07 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-07-06 11:06 - 2014-07-06 11:06 - 00004563 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_60-b19.log
2014-07-06 11:06 - 2014-07-06 11:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-06 11:06 - 2014-05-07 15:02 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-07-06 11:06 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-07-06 11:06 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-07-06 10:57 - 2014-07-08 19:08 - 00020498 _____ () C:\WINDOWS\PFRO.log
2014-07-04 14:30 - 2014-07-04 15:02 - 00000000 ____D () C:\Users\Lukas\Desktop\Unbenannt
2014-07-02 18:35 - 2014-07-02 18:35 - 00000000 ____D () C:\Program Files (x86)\Ubi Soft
2014-07-02 18:35 - 2002-06-17 08:25 - 00026088 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\xmlinst.exe
2014-07-02 18:35 - 2002-04-24 13:43 - 00035840 ____R () C:\WINDOWS\SysWOW64\comdlg32.oca
2014-07-02 18:35 - 2002-04-09 18:23 - 00029184 ____R () C:\WINDOWS\SysWOW64\MSINET.oca
2014-07-02 18:35 - 2001-05-04 12:05 - 00505104 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml.dll
2014-07-02 18:35 - 2001-05-04 12:05 - 00028432 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxmlr.dll
2014-07-02 18:35 - 2000-05-22 01:00 - 00140488 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.ocx
2014-07-02 18:35 - 2000-03-17 09:21 - 00069632 ____R () C:\WINDOWS\SysWOW64\xmltok.dll
2014-07-02 18:35 - 2000-03-17 09:21 - 00036864 ____R () C:\WINDOWS\SysWOW64\xmlparse.dll
2014-07-02 18:35 - 1998-06-24 01:00 - 00115016 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSINET.OCX
2014-07-02 18:35 - 1998-06-18 01:00 - 00089360 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB5DB.DLL
2014-07-02 18:34 - 2014-07-06 19:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Byte
2014-07-02 18:32 - 2014-07-02 18:32 - 00001287 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader 5.0.lnk
2014-07-02 18:32 - 2014-07-02 18:32 - 00000000 ____D () C:\Users\Lukas\Documents\My eBooks
2014-07-02 18:32 - 2014-07-02 18:32 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\InterTrust
2014-07-02 18:32 - 2014-07-02 18:32 - 00000000 ____D () C:\BlueByte
2014-07-02 18:18 - 1998-11-17 12:44 - 00328704 _____ (InstallShield Software Corporation ) C:\WINDOWS\IsUn0407.exe
2014-06-26 20:41 - 2014-07-08 19:13 - 00000344 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForLukas.job
2014-06-26 20:35 - 2014-06-26 20:35 - 05417896 _____ () C:\Users\Lukas\Desktop\phase-6-backpack-all-2014-06-26.p6a
2014-06-26 20:30 - 2014-06-26 20:30 - 00000938 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-06-26 20:30 - 2014-06-26 20:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-06-26 20:30 - 2014-06-26 20:30 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-06-23 11:42 - 2014-06-23 11:42 - 00046136 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2014-06-21 21:37 - 2014-06-21 21:37 - 00011958 _____ () C:\Users\Lukas\AppData\Local\recently-used.xbel
2014-06-21 20:47 - 2014-06-21 20:47 - 00000000 ____D () C:\Users\Lukas\Documents\Stronghold Kingdoms
2014-06-21 20:47 - 2014-06-21 20:47 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Firefly Studios
2014-06-21 20:47 - 2014-06-21 20:47 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Geckofx
2014-06-21 09:02 - 2014-07-07 16:51 - 00000000 ____D () C:\temp
2014-06-19 14:32 - 2014-06-19 14:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-15 15:18 - 2014-07-06 10:55 - 00000000 ____D () C:\Users\Lukas\AppData\Local\LogMeIn Hamachi
2014-06-15 00:04 - 2014-06-15 00:04 - 00000000 ____D () C:\ProgramData\ATI
2014-06-14 23:51 - 2014-06-14 23:51 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Raptr
2014-06-14 23:51 - 2014-06-14 23:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-06-14 23:51 - 2014-06-14 23:51 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-06-14 23:44 - 2014-06-14 23:44 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-14 17:14 - 2014-06-14 17:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tinypic
2014-06-14 17:14 - 2014-06-14 17:14 - 00000000 ____D () C:\Program Files (x86)\Tinypic
2014-06-12 21:05 - 2014-06-12 21:05 - 00046376 _____ (NetFilterSDK.com) C:\WINDOWS\system32\Drivers\netfilter64.sys
2014-06-12 13:50 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-12 13:50 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-12 13:50 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-12 13:50 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-06-12 13:50 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-12 13:50 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-06-12 13:50 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-12 13:50 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-12 13:50 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-12 13:50 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-12 13:50 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-12 13:50 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-12 13:50 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-12 13:50 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-06-12 13:50 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-06-12 13:50 - 2014-05-05 06:02 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-06-12 13:50 - 2014-04-30 13:16 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-12 13:50 - 2014-04-30 05:51 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-06-12 13:50 - 2014-02-06 13:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-12 13:50 - 2014-02-06 13:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-12 13:50 - 2014-02-06 12:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-12 13:50 - 2014-02-06 12:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-12 13:50 - 2014-02-06 12:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-12 13:50 - 2014-02-06 11:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-12 13:50 - 2014-02-06 11:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-12 13:49 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-12 13:49 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-12 13:49 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-06-12 13:49 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-12 13:49 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-12 13:49 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-12 13:49 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-12 13:49 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-12 13:49 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-12 13:49 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-12 13:49 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-12 13:49 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-12 13:49 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-12 13:49 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-12 13:49 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-06-12 13:49 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-06-12 13:49 - 2014-05-09 01:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-06-12 13:49 - 2014-05-03 09:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-06-12 13:49 - 2014-05-03 06:21 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-12 13:49 - 2014-05-03 06:07 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-12 13:49 - 2014-05-03 05:41 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-06-12 13:49 - 2014-05-03 05:38 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-06-12 13:49 - 2014-04-18 11:32 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-06-12 13:49 - 2014-04-18 10:58 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-06-12 13:49 - 2014-04-18 10:09 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-06-12 13:49 - 2014-04-18 09:49 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-06-12 13:49 - 2014-04-06 18:31 - 21268952 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-06-12 13:49 - 2014-04-06 17:22 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-06-12 13:49 - 2014-04-06 13:55 - 16872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-06-12 13:49 - 2014-04-06 13:54 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-06-12 13:49 - 2014-04-03 09:59 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-12 13:49 - 2014-04-03 09:59 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-06-12 13:49 - 2014-03-20 02:44 - 06645248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-06-12 13:49 - 2014-03-20 01:33 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-06-12 13:49 - 2014-03-18 07:00 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-06-12 13:49 - 2014-03-18 06:52 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-06-12 13:49 - 2014-02-06 13:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-12 13:49 - 2014-02-06 12:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-12 13:49 - 2014-02-06 12:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-12 13:49 - 2014-02-06 11:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-12 13:49 - 2014-02-06 11:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-12 13:48 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-06-12 13:48 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-06-12 13:48 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-06-12 13:48 - 2014-04-30 06:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-06-12 13:48 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-06-12 13:48 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-06-12 13:48 - 2014-04-18 16:57 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-06-12 13:48 - 2014-04-18 16:44 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-06-12 13:48 - 2014-04-18 15:29 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-06-12 13:48 - 2014-04-18 11:44 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-06-12 13:48 - 2014-04-18 10:32 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-06-12 13:48 - 2014-04-18 10:21 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-06-12 13:48 - 2014-04-18 09:51 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-06-12 13:48 - 2014-04-14 11:20 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-06-12 13:48 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-06-12 13:48 - 2014-04-11 06:51 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-06-12 13:48 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-06-12 13:48 - 2014-04-11 05:30 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-06-12 13:48 - 2014-04-09 13:53 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-06-12 13:48 - 2014-04-09 08:39 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-06-12 13:48 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-06-12 13:48 - 2014-04-09 06:35 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-06-12 13:48 - 2014-04-09 05:33 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-06-12 13:48 - 2014-04-08 04:01 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-06-12 13:48 - 2014-04-06 18:34 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-06-12 13:48 - 2014-04-06 18:34 - 00275800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-06-12 13:48 - 2014-04-06 18:32 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-06-12 13:48 - 2014-04-06 18:30 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-06-12 13:48 - 2014-04-06 18:24 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-06-12 13:48 - 2014-04-06 18:20 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-06-12 13:48 - 2014-04-06 18:20 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-06-12 13:48 - 2014-04-06 18:20 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-06-12 13:48 - 2014-04-06 18:20 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-06-12 13:48 - 2014-04-06 18:20 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-06-12 13:48 - 2014-04-06 18:20 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-06-12 13:48 - 2014-04-06 18:20 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-06-12 13:48 - 2014-04-06 18:20 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-06-12 13:48 - 2014-04-06 18:20 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-06-12 13:48 - 2014-04-06 18:20 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-06-12 13:48 - 2014-04-06 18:20 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-06-12 13:48 - 2014-04-06 18:20 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-06-12 13:48 - 2014-04-06 18:20 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-06-12 13:48 - 2014-04-06 17:23 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-06-12 13:48 - 2014-04-06 17:22 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-06-12 13:48 - 2014-04-06 17:16 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-06-12 13:48 - 2014-04-06 17:16 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-06-12 13:48 - 2014-04-06 17:16 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-06-12 13:48 - 2014-04-06 17:16 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-06-12 13:48 - 2014-04-06 17:16 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-06-12 13:48 - 2014-04-06 17:16 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-06-12 13:48 - 2014-04-06 17:16 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-06-12 13:48 - 2014-04-06 17:16 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-06-12 13:48 - 2014-04-06 17:16 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-06-12 13:48 - 2014-04-06 16:10 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-06-12 13:48 - 2014-04-06 14:58 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-06-12 13:48 - 2014-04-06 14:51 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-06-12 13:48 - 2014-04-06 14:33 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-06-12 13:48 - 2014-04-06 14:24 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-06-12 13:48 - 2014-04-06 14:06 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-06-12 13:48 - 2014-04-06 13:26 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-06-12 13:48 - 2014-04-06 13:20 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-06-12 13:48 - 2014-04-06 13:01 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-06-12 13:48 - 2014-04-06 12:52 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-06-12 13:48 - 2014-04-06 12:51 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-06-12 13:48 - 2014-04-06 12:37 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-06-12 13:48 - 2014-04-06 12:36 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-06-12 13:48 - 2014-04-06 12:05 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-06-12 13:48 - 2014-04-06 11:59 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-06-12 13:48 - 2014-04-03 10:12 - 02124840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-06-12 13:48 - 2014-04-03 10:12 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-06-12 13:48 - 2014-04-03 10:12 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-06-12 13:48 - 2014-04-03 06:03 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-06-12 13:48 - 2014-04-03 06:03 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-06-12 13:48 - 2014-04-03 05:53 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-06-12 13:48 - 2014-04-03 04:53 - 04269056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-06-12 13:48 - 2014-04-03 04:53 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-06-12 13:48 - 2014-04-03 04:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-06-12 13:48 - 2014-04-03 04:23 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-06-12 13:48 - 2014-04-03 04:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-06-12 13:48 - 2014-04-03 04:23 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-06-12 13:48 - 2014-04-03 04:22 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-06-12 13:48 - 2014-04-01 08:23 - 00384856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-06-12 13:48 - 2014-03-31 07:42 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-06-12 13:48 - 2014-03-31 02:41 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-06-12 13:48 - 2014-03-31 02:01 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-06-12 13:48 - 2014-03-31 01:43 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-06-12 13:48 - 2014-03-31 00:54 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-06-12 13:48 - 2014-03-31 00:49 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-06-12 13:48 - 2014-03-31 00:35 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-06-12 13:48 - 2014-03-31 00:11 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-06-12 13:48 - 2014-03-30 23:47 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-06-12 13:48 - 2014-03-28 17:58 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-06-12 13:48 - 2014-03-27 08:16 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-06-12 13:48 - 2014-03-27 07:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-06-12 13:48 - 2014-03-27 06:59 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-06-12 13:48 - 2014-03-27 06:48 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-06-12 13:48 - 2014-03-27 06:19 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-06-12 13:48 - 2014-03-27 05:46 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-06-12 13:48 - 2014-03-27 05:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-06-12 13:48 - 2014-03-27 05:10 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-06-12 13:48 - 2014-03-25 00:58 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-06-12 13:48 - 2014-03-20 05:48 - 00263424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-06-12 13:48 - 2014-03-19 10:15 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-06-12 13:48 - 2014-03-19 10:07 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-06-12 13:48 - 2014-03-19 09:24 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-06-12 13:48 - 2014-03-19 09:17 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-06-12 13:48 - 2014-03-19 08:36 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-06-12 13:48 - 2014-03-19 07:56 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-06-12 13:48 - 2014-03-19 07:45 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-06-12 13:48 - 2014-03-19 07:19 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-06-12 13:48 - 2014-03-19 07:07 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-06-12 13:48 - 2014-03-19 07:02 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-06-12 13:48 - 2014-03-19 07:00 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-06-12 13:48 - 2014-03-19 06:51 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-06-12 13:48 - 2014-03-19 06:31 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-06-12 13:48 - 2014-03-19 06:18 - 02688000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-06-12 13:48 - 2014-03-18 10:19 - 00077312 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-06-12 13:48 - 2014-03-17 07:09 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-06-12 13:48 - 2014-03-17 06:11 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-06-12 13:48 - 2014-03-17 05:01 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-06-12 13:48 - 2014-03-17 04:47 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-06-12 13:48 - 2014-03-17 04:45 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-06-12 13:48 - 2014-03-14 08:26 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-06-12 13:48 - 2014-03-14 08:10 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-06-12 13:48 - 2014-03-06 14:42 - 00310616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-06-12 13:48 - 2014-01-27 20:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-06-12 13:47 - 2014-05-01 15:31 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-06-12 13:47 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-06-12 13:47 - 2014-05-01 09:14 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-06-12 13:47 - 2014-05-01 09:05 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-06-12 13:47 - 2014-05-01 08:51 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-06-12 13:47 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll

==================== One Month Modified Files and Folders =======

2014-07-09 20:11 - 2014-07-06 20:05 - 00018112 _____ () C:\Users\Lukas\Desktop\FRST.txt
2014-07-09 20:11 - 2014-07-06 20:05 - 00000000 ____D () C:\FRST
2014-07-09 20:10 - 2014-07-06 11:34 - 01777821 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-09 20:08 - 2013-12-27 15:00 - 04694016 ___SH () C:\Users\Lukas\Desktop\Thumbs.db
2014-07-09 20:06 - 2014-04-27 20:02 - 00001120 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-09 20:05 - 2013-12-27 15:24 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-09 20:01 - 2014-07-09 18:27 - 00000000 ____D () C:\Users\Lukas\Desktop\Musir
2014-07-09 20:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-09 19:51 - 2014-01-02 20:35 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Skype
2014-07-09 19:06 - 2014-04-27 20:02 - 00001116 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-09 18:30 - 2014-07-09 18:30 - 00854390 _____ () C:\Users\Lukas\Desktop\SecurityCheck.exe
2014-07-09 18:26 - 2014-03-18 12:03 - 01980934 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-09 18:26 - 2014-03-18 11:25 - 00842568 _____ () C:\WINDOWS\system32\perfh007.dat
2014-07-09 18:26 - 2014-03-18 11:25 - 00191764 _____ () C:\WINDOWS\system32\perfc007.dat
2014-07-09 18:25 - 2012-07-26 10:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-07-09 14:46 - 2014-05-02 19:25 - 00000000 __RDO () C:\Users\Lukas\OneDrive
2014-07-09 14:43 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-07-09 14:42 - 2013-12-27 18:22 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-09 14:39 - 2013-12-27 18:22 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-09 14:39 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-07-09 09:13 - 2014-07-09 09:13 - 00000000 ____D () C:\Users\Lukas\AppData\Local\{FF42DC22-681E-41BD-9250-677DB8108414}
2014-07-09 09:13 - 2014-03-22 12:35 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Audacity
2014-07-09 09:11 - 2014-07-09 09:11 - 00000000 _____ () C:\Users\Lukas\Desktop\~PI7FF0.tmp
2014-07-09 08:59 - 2014-07-09 08:59 - 01183788 _____ () C:\Users\Lukas\Desktop\Sprecher 2.wav
2014-07-09 08:57 - 2014-07-09 08:57 - 01212460 _____ () C:\Users\Lukas\Desktop\Sprecher 1.wav
2014-07-09 08:09 - 2014-05-12 21:46 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2C7D984D-C797-4C08-A7FE-2964E160CBB4}
2014-07-09 08:07 - 2014-06-05 12:34 - 00000000 ____D () C:\WINDOWS\system32\Drivers\N360x64
2014-07-09 07:55 - 2014-07-09 07:55 - 00000000 ____D () C:\Users\Lukas\AppData\Local\{07A4F452-A3D7-4647-AC41-A1CB780CBF61}
2014-07-08 21:07 - 2014-07-08 21:06 - 00035736 _____ () C:\Users\Lukas\Desktop\vir.txt
2014-07-08 20:29 - 2013-12-26 15:55 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1539172179-1726893121-3486313719-1001
2014-07-08 20:05 - 2013-12-27 15:24 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-07-08 19:59 - 2014-07-06 19:23 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-08 19:26 - 2014-07-08 19:26 - 00002461 _____ () C:\Users\Lukas\Desktop\JRT.txt
2014-07-08 19:19 - 2014-07-08 19:19 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-08 19:16 - 2014-07-08 19:16 - 01016261 _____ (Thisisu) C:\Users\Lukas\Desktop\JRT.exe
2014-07-08 19:13 - 2014-06-26 20:41 - 00000344 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForLukas.job
2014-07-08 19:10 - 2014-07-08 19:02 - 00000000 ____D () C:\AdwCleaner
2014-07-08 19:09 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-08 19:08 - 2014-07-06 10:57 - 00020498 _____ () C:\WINDOWS\PFRO.log
2014-07-08 19:08 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-08 19:01 - 2014-07-08 19:01 - 01346519 _____ () C:\Users\Lukas\Desktop\adwcleaner_3.214.exe
2014-07-08 18:57 - 2014-07-08 18:57 - 00001284 _____ () C:\Users\Lukas\Desktop\Revo Uninstaller.lnk
2014-07-08 18:57 - 2014-07-08 18:57 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-08 17:20 - 2014-07-08 17:20 - 00001035 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-07-08 17:20 - 2014-07-08 17:20 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-07-08 15:25 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-07-07 20:39 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\addins
2014-07-07 16:51 - 2014-06-21 09:02 - 00000000 ____D () C:\temp
2014-07-07 16:15 - 2014-01-22 17:04 - 00000000 ____D () C:\Users\Lukas\AppData\Local\PMB Files
2014-07-06 20:06 - 2014-07-06 20:06 - 00037912 _____ () C:\Users\Lukas\Desktop\Addition.txt
2014-07-06 20:05 - 2014-07-06 20:05 - 02084352 _____ (Farbar) C:\Users\Lukas\Desktop\FRST64.exe
2014-07-06 19:23 - 2014-07-06 19:23 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-06 19:23 - 2014-07-06 19:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-07-06 19:23 - 2014-07-06 19:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-06 19:23 - 2014-07-06 19:23 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-07-06 19:08 - 2014-07-02 18:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Byte
2014-07-06 19:08 - 2014-04-21 15:49 - 00000000 ____D () C:\Fraps
2014-07-06 17:39 - 2014-07-06 17:39 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Essentials Codec Pack
2014-07-06 17:39 - 2014-07-06 17:39 - 00000000 ____D () C:\Program Files (x86)\Essentials Codec Pack
2014-07-06 17:32 - 2014-01-22 17:04 - 00000000 ____D () C:\ProgramData\PMB Files
2014-07-06 11:07 - 2014-02-11 17:02 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-06 11:06 - 2014-07-06 11:06 - 00004563 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_60-b19.log
2014-07-06 11:06 - 2014-07-06 11:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-06 11:06 - 2014-02-11 17:01 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-06 10:55 - 2014-06-15 15:18 - 00000000 ____D () C:\Users\Lukas\AppData\Local\LogMeIn Hamachi
2014-07-04
16:59 - 2014-01-03 18:11 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log 2014-07-04 16:58 - 2014-01-03 18:11 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt 2014-07-04 15:02 - 2014-07-04 14:30 - 00000000 ____D () C:\Users\Lukas\Desktop\Unbenannt 2014-07-04 14:24 - 2013-12-27 16:32 - 00007168 _____ () C:\Users\Lukas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-07-04 13:18 - 2014-04-29 19:19 - 00001118 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk 2014-07-02 18:35 - 2014-07-02 18:35 - 00000000 ____D () C:\Program Files (x86)\Ubi Soft 2014-07-02 18:32 - 2014-07-06 19:08 - 00109974 _____ () C:\WINDOWS\_detmp.1 2014-07-02 18:32 - 2014-07-02 18:32 - 00001287 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader 5.0.lnk 2014-07-02 18:32 - 2014-07-02 18:32 - 00000000 ____D () C:\Users\Lukas\Documents\My eBooks 2014-07-02 18:32 - 2014-07-02 18:32 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\InterTrust 2014-07-02 18:32 - 2014-07-02 18:32 - 00000000 ____D () C:\BlueByte 2014-07-02 18:32 - 2013-12-26 15:47 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Adobe 2014-07-02 18:32 - 2012-08-31 15:42 - 00000000 ____D () C:\WINDOWS\SysWOW64\Adobe 2014-07-01 20:18 - 2014-02-10 16:47 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\.minecraft 2014-07-01 16:05 - 2013-12-28 17:21 - 00229376 ___SH () C:\Users\Lukas\Downloads\Thumbs.db 2014-06-29 14:30 - 2014-01-01 19:34 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\TeamViewer 2014-06-26 20:39 - 2014-03-02 20:14 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\DAEMON Tools Lite 2014-06-26 20:39 - 2013-12-26 18:35 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-06-26 20:38 - 2014-02-28 16:44 - 00000000 ____D () C:\Users\Lukas\AppData\Local\CrashDumps 2014-06-26 20:35 - 2014-06-26 20:35 - 05417896 _____ () C:\Users\Lukas\Desktop\phase-6-backpack-all-2014-06-26.p6a 2014-06-26 20:30 - 2014-06-26 20:30 - 00000938 _____ 
() C:\Users\Public\Desktop\LogMeIn Hamachi.lnk 2014-06-26 20:30 - 2014-06-26 20:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2014-06-26 20:30 - 2014-06-26 20:30 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi 2014-06-26 20:28 - 2013-12-26 15:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-06-25 21:59 - 2013-12-26 15:46 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Packages 2014-06-23 11:42 - 2014-06-23 11:42 - 00046136 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys 2014-06-21 23:11 - 2013-12-29 15:31 - 00000000 ____D () C:\Users\Lukas\.gimp-2.8 2014-06-21 21:37 - 2014-06-21 21:37 - 00011958 _____ () C:\Users\Lukas\AppData\Local\recently-used.xbel 2014-06-21 20:47 - 2014-06-21 20:47 - 00000000 ____D () C:\Users\Lukas\Documents\Stronghold Kingdoms 2014-06-21 20:47 - 2014-06-21 20:47 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Firefly Studios 2014-06-21 20:47 - 2014-06-21 20:47 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Geckofx 2014-06-21 09:28 - 2014-02-10 16:29 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Craften Terminal 2014-06-21 09:13 - 2014-02-10 16:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Craften Terminal 2014-06-21 09:13 - 2014-02-10 16:28 - 00000000 ____D () C:\Program Files (x86)\Craften Terminal 2014-06-20 16:26 - 2014-02-25 22:18 - 00000000 ___RD () C:\Users\Lukas\Dropbox 2014-06-20 14:08 - 2013-12-27 11:02 - 00000000 ___RD () C:\Users\Lukas\Desktop\Lukas 2014-06-19 14:32 - 2014-06-19 14:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-18 19:01 - 2014-04-27 20:02 - 00004092 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2014-06-18 19:01 - 2014-04-27 20:02 - 00003856 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-15 15:22 - 2014-04-03 15:11 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Tunngle 2014-06-15 15:22 - 2014-04-03 15:11 - 
00000000 ____D () C:\ProgramData\Tunngle 2014-06-15 15:04 - 2014-03-02 20:14 - 00283064 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys 2014-06-15 11:51 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports 2014-06-15 00:04 - 2014-06-15 00:04 - 00000000 ____D () C:\ProgramData\ATI 2014-06-14 23:51 - 2014-06-14 23:51 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Raptr 2014-06-14 23:51 - 2014-06-14 23:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2014-06-14 23:51 - 2014-06-14 23:51 - 00000000 ____D () C:\Program Files (x86)\Raptr 2014-06-14 23:51 - 2013-12-27 21:21 - 00000000 ____D () C:\Program Files\ATI Technologies 2014-06-14 23:44 - 2014-06-14 23:44 - 00000000 ____D () C:\ProgramData\Package Cache 2014-06-14 23:42 - 2014-05-02 18:09 - 00000000 ____D () C:\AMD 2014-06-14 19:46 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-06-14 17:14 - 2014-06-14 17:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tinypic 2014-06-14 17:14 - 2014-06-14 17:14 - 00000000 ____D () C:\Program Files (x86)\Tinypic 2014-06-14 17:08 - 2013-12-29 15:34 - 00000000 ____D () C:\Users\Lukas\AppData\Local\gtk-2.0 2014-06-14 16:36 - 2013-12-27 20:15 - 00000909 _____ () C:\Users\Lukas\Desktop\Downloads.lnk 2014-06-14 15:32 - 2013-08-22 16:44 - 00377208 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-06-14 15:29 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-06-14 15:29 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel 2014-06-14 15:29 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore 2014-06-14 15:29 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe 2014-06-12 21:05 - 2014-06-12 21:05 - 00046376 _____ (NetFilterSDK.com) C:\WINDOWS\system32\Drivers\netfilter64.sys Files to move or delete: ==================== C:\ProgramData\sysqcl1129139270.dat Some content of TEMP: ==================== 
C:\Users\Lukas\AppData\Local\Temp\Quarantine.exe
C:\Users\Lukas\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-07-09 14:30

==================== End Of Log ============================

Everything ran with the virus scanner/firewall switched off. Problems? None so far, but what should I do with all the items in MBAM's quarantine, and what is to be done about the ESET detections? It doesn't matter that I put everything into quarantine in MBAM right at the start of our cleanup, does it? Regards
Edited by julcek111 (09.07.2014 at 19:14) |
10.07.2014, 14:55 | #9 |
/// the machine /// TB instructor | Adware problems That's fine, you can empty the MBAM quarantine. Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
C:\$Recycle.Bin
C:\ProgramData\sysqcl1129139270.dat
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Done. The order is crucial here.
If you would like to give praise or criticism, you can do so here. Here are a few more tips for securing your system. I cannot mention often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers
Other browsers tend to be somewhat more secure than IE because they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance
Clean up your temp files regularly. I recommend TFC for this. Stay away from any registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP), Bill Castner (MVP)
Don'ts
Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
10.07.2014, 17:01 | #10 |
| Adware problems Hello, what about the 3 ESET detections? Do I still need to deal with them somehow? What happened to them? Here is the Fixlog: Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-07-2014 01
Ran by Lukas at 2014-07-10 17:50:07 Run:1
Running from C:\Users\Lukas\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\$Recycle.Bin
C:\ProgramData\sysqcl1129139270.dat
*****************

C:\$Recycle.Bin => Moved successfully.
C:\ProgramData\sysqcl1129139270.dat => Moved successfully.

==== End of Fixlog ====

As my antivirus program I will keep using Norton, plus MBAM as an extra scanner! As a cleaner I have always used CCleaner. Is everything really gone now? It feels like I have created more logs than anything else. Regards
And here is the DelFix log: Code:
# DelFix v10.7 - Datei am 10/07/2014 um 17:56:58 erstellt
# Aktualisiert am 27/04/2014 von Xplode
# Benutzer : Lukas - LUKAS
# Betriebssystem : Windows 8.1 (64 bits)

~ Aktiviere die Benutzerkontensteuerung ... OK

~ Entferne die Bereinigungsprogramme ...

Gelöscht : C:\FRST
Gelöscht : C:\AdwCleaner
Gelöscht : C:\Users\Lukas\Desktop\Addition.txt
Gelöscht : C:\Users\Lukas\Desktop\adwcleaner_3.214.exe
Gelöscht : C:\Users\Lukas\Desktop\Fixlog.txt
Gelöscht : C:\Users\Lukas\Desktop\FRST.txt
Gelöscht : C:\Users\Lukas\Desktop\FRST64.exe
Gelöscht : C:\Users\Lukas\Desktop\JRT.exe
Gelöscht : C:\Users\Lukas\Desktop\JRT.txt
Gelöscht : C:\Users\Lukas\Desktop\Log 2.txt
Gelöscht : C:\Users\Lukas\Desktop\Log 3.txt
Gelöscht : C:\Users\Lukas\Desktop\Log Norton.txt
Gelöscht : C:\Users\Lukas\Desktop\Log.txt
Gelöscht : C:\Users\Lukas\Desktop\SecurityCheck.exe
Gelöscht : HKLM\SOFTWARE\AdwCleaner

~ Erstelle ein Backup der Registrierungsdatenbank ... OK

~ Lösche die Wiederherstellungspunkte ...

Gelöscht : RP #13 [DirectX wurde installiert | 06/21/2014 18:43:08]
Gelöscht : RP #14 [Windows Update | 06/25/2014 18:35:17]
Gelöscht : RP #15 [Windows Update | 06/29/2014 13:13:06]
Gelöscht : RP #16 [Windows Update | 07/03/2014 14:54:16]
Gelöscht : RP #17 [Norton 360 Registry Clean | 07/06/2014 08:50:30]
Gelöscht : RP #18 [Windows Update | 07/09/2014 12:31:18]

Ein neuer Wiederherstellungspunkt wurde erstellt !

~ Stelle die Systemeinstellungen wieder her ... OK

########## - EOF - ########## |
11.07.2014, 11:14 | #11 | |
/// the machine /// TB instructor | Adware problems We just dealt with those detections with the FRST fix. Quote:
__________________ Regards, schrauber |
11.07.2014, 13:41 | #12 |
| Adware problems Hello Schrauber, all right, thanks. Yes.. but my parents have just renewed the annual subscription. I'm not a big fan of Norton any more either. Free programs are presumably no better, are they? Or let's ask it differently: what would you recommend? Anyway: thank you very, very much for cleaning up my PC! |
12.07.2014, 07:43 | #13 |
/// the machine /// TB instructor | Adware problems I always recommend Emsisoft. You're welcome.
__________________ Regards, schrauber |