Pests of all kinds and how to fight them: Download Protect - Windows 7 If you are not sure whether you have picked up malware or a Trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a Trojan or virus problem, an expert will help you eliminate the infection. |
09.07.2014, 20:39 | #1 |
| Download Protect Hello everyone. I have to say up front that I am quite a greenhorn when it comes to PCs and therefore do not understand abbreviations and technical jargon. I accidentally picked up an extension called Download Protect. Can someone help me remove this program completely from my PC? Have a nice evening, Jo |
10.07.2014, 07:08 | #2 |
/// the machine /// TB Trainer | Download Protect hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
10.07.2014, 17:31 | #3 |
| Download Protect So first of all, a big thank you for taking on my case.
FRST Editor: FRST log file: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-07-2014 Ran by Jo Lehrmann (administrator) on JOLEHRMANN on 10-07-2014 18:26:21 Running from C:\Users\Johannes\AppData\Local\Microsoft\Windows\INetCache\IE\91FS3UPX Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe () C:\Windows\System32\profextd.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe (ELAN Microelectronics Corp.) 
C:\Program Files\Elantech\ETDCtrlHelper.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17200_none_fa7026dd9b04586e\TiWorker.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-05-22] (ELAN Microelectronics Corp.) 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-25] ( (Atheros Communications)) HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-579152262-525530005-515234496-1001\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation) HKU\S-1-5-21-579152262-525530005-515234496-1002\...\MountPoints2: {8eac516a-d9f9-11e3-be9e-3c77e65d0496} - "E:\HTC_Sync_Manager_PC.exe" AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation) AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - {99789B29-C252-4374-B501-76174D17EB5F} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKLM-x32 - DefaultScope value is missing. 
SearchScopes: HKLM-x32 - {99789B29-C252-4374-B501-76174D17EB5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS SearchScopes: HKCU - DefaultScope {99789B29-C252-4374-B501-76174D17EB5F} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKCU - {99789B29-C252-4374-B501-76174D17EB5F} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: DownloadProtect Extension - {C654F3FE-8E84-4BB7-87CF-8D9171FC3C73} - C:\Program Files\{BF383C42-B9F2-4E89-87A9-5CCF49AD4CD8}\{5A40C85E-65CD-49BD-8F21-3D2152009E4F}.bin (Download Protect) BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: Content Blocker 
Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll 
(Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll () FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.) FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-03-09] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-03-09] FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-03-09] FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-03-09] 
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-03-09] FF HKLM-x32\...\Firefox\Extensions: [{E2B2D0E7-6FA3-4056-99B9-B77244F90DFC}] - C:\WINDOWS\Installer\{68C802A5-2967-4E5B-9754-F2B8DBAB1106}\{E2B2D0E7-6FA3-4056-99B9-B77244F90DFC}.xpi FF Extension: Download Protect - C:\WINDOWS\Installer\{68C802A5-2967-4E5B-9754-F2B8DBAB1106}\{E2B2D0E7-6FA3-4056-99B9-B77244F90DFC}.xpi [2014-05-24] FF HKLM-x32\...\Firefox\Extensions: [{038F7C2F-4F03-48D5-9366-646F0CF3D5F8}] - C:\WINDOWS\Installer\{7DE888E3-FAC8-44B9-94AB-F17534D57E03}\{038F7C2F-4F03-48D5-9366-646F0CF3D5F8}.xpi FF Extension: Download Protect - C:\WINDOWS\Installer\{7DE888E3-FAC8-44B9-94AB-F17534D57E03}\{038F7C2F-4F03-48D5-9366-646F0CF3D5F8}.xpi [2014-07-08] Chrome: ======= CHR HomePage: hxxp://www.google.de?hl=de&gl=de CHR Extension: (Google Docs) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-08] CHR Extension: (Google Drive) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-08] CHR Extension: (YouTube) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-08] CHR Extension: (Google-Suche) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-08] CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-03-09] CHR Extension: (Sicherer Zahlungsverkehr) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-05-30] CHR 
Extension: (Download Protect) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihkebkimdfeodjmpogjbjbjdniiglimc [2014-07-08] CHR Extension: (Virtual Keyboard) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-03-09] CHR Extension: (Google Wallet) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-08] CHR Extension: (Google Mail) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-08] CHR Extension: (Anti-Banner) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-03-09] CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-25] (Qualcomm Atheros Commnucations) R2 AVP; C:\Program Files (x86)\Kaspersky 
Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO) R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-27] (Acer Incorporated) R2 cscriptd; C:\Windows\system32\profextd.exe [118784 2014-01-09] () [File not signed] S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [470056 2013-04-30] (Acer Incorporated) R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated) R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2013-12-17] (WildTangent) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-01-30] (Intel Corporation) S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2175264 2014-07-09] (IObit) R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-06-17] (Acer Incorporate) S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-24] (Qualcomm Atheros) R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation) S3 ccSet_NARA; 
C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation) S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider) S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-03-09] (Kaspersky Lab ZAO) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2014-03-09] (Kaspersky Lab) U5 klflt; C:\Windows\System32\Drivers\klflt.sys [115296 2014-03-25] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2014-03-25] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-10-17] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2014-03-09] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [65120 2014-03-25] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178272 2014-03-09] (Kaspersky Lab ZAO) R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated) R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation) S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-10 18:26 - 2014-07-10 18:26 - 00000000 ____D () C:\FRST 2014-07-10 18:19 - 2014-07-10 18:19 - 00000832 _____ () C:\WINDOWS\PFRO.log 2014-07-09 23:02 - 2014-07-09 23:02 - 00000187 _____ () C:\WINDOWS\setupact.log 2014-07-09 23:02 - 2014-07-09 23:02 - 00000178 _____ () C:\WINDOWS\setuperr.log 2014-07-09 23:00 - 
2014-04-14 05:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll 2014-07-09 22:59 - 2014-07-09 22:59 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel 2014-07-09 21:21 - 2014-06-17 00:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe 2014-07-09 21:21 - 2014-06-17 00:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe 2014-07-09 21:21 - 2014-06-06 16:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-07-09 21:21 - 2014-05-30 05:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2014-07-09 21:21 - 2014-05-29 14:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2014-07-09 21:21 - 2014-05-29 09:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll 2014-07-09 21:21 - 2014-05-29 08:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll 2014-07-09 21:21 - 2014-05-29 08:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2014-07-09 21:21 - 2014-05-29 07:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2014-07-09 21:21 - 2014-05-29 07:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2014-07-09 21:20 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-07-09 21:20 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-07-09 21:20 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-07-09 21:20 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2014-07-09 21:20 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-07-09 21:20 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-07-09 21:20 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\dxtrans.dll 2014-07-09 21:20 - 2014-06-19 01:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2014-07-09 21:20 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-07-09 21:20 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-07-09 21:20 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-07-09 21:20 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-07-09 21:20 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2014-07-09 21:20 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-07-09 21:20 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-07-09 21:20 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-07-09 21:20 - 2014-06-19 00:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-07-09 21:20 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-07-09 21:20 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-07-09 21:20 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-07-09 21:20 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-07-09 21:20 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-07-09 21:20 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-07-09 21:20 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-07-09 21:20 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 
2014-07-09 21:20 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-07-09 21:20 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-07-09 21:19 - 2014-07-01 00:45 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2014-07-09 21:19 - 2014-06-28 09:48 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2014-07-09 21:19 - 2014-06-28 09:07 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2014-07-09 21:19 - 2014-06-06 15:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2014-07-09 21:19 - 2014-06-06 14:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll 2014-07-09 21:19 - 2014-05-31 12:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2014-07-09 21:19 - 2014-05-31 12:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2014-07-09 21:19 - 2014-05-31 05:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-07-09 21:19 - 2014-05-31 05:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2014-07-09 21:19 - 2014-05-31 05:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-07-09 21:19 - 2014-05-31 05:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2014-07-09 21:19 - 2014-05-31 05:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2014-07-09 21:19 - 2014-05-31 05:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-07-09 21:19 - 2014-05-31 04:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2014-07-09 21:19 - 2014-05-31 04:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2014-07-09 21:19 - 2014-05-31 04:48 - 03463680 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\wuaueng.dll 2014-07-09 21:19 - 2014-05-31 04:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2014-07-09 21:19 - 2014-05-31 04:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2014-07-09 21:19 - 2014-05-31 04:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2014-07-09 21:19 - 2014-05-31 04:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2014-07-09 21:14 - 2014-07-09 21:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe 2014-07-09 21:13 - 2014-07-10 18:23 - 00243525 _____ () C:\WINDOWS\WindowsUpdate.log 2014-07-09 00:22 - 2014-07-09 00:22 - 00000000 ____D () C:\Users\Johannes\AppData\Roaming\ProductData 2014-07-09 00:21 - 2014-07-09 00:22 - 00000000 ____D () C:\ProgramData\ProductData 2014-07-09 00:21 - 2014-07-09 00:22 - 00000000 ____D () C:\ProgramData\IObit 2014-07-09 00:21 - 2014-07-09 00:21 - 12906784 _____ (IObit) C:\Users\Johannes\Downloads\iobituninstaller_3.3.8.exe 2014-07-09 00:21 - 2014-07-09 00:21 - 00000000 ____D () C:\Users\Johannes\AppData\Roaming\IObit 2014-07-09 00:21 - 2014-07-09 00:21 - 00000000 ____D () C:\Program Files (x86)\IObit 2014-07-08 21:42 - 2014-07-08 21:42 - 00000000 ____D () C:\Program Files\{BF383C42-B9F2-4E89-87A9-5CCF49AD4CD8} 2014-07-08 21:42 - 2014-07-08 21:42 - 00000000 ____D () C:\Program Files (x86)\{48C67497-55E6-47C2-9669-A39128A58E17} 2014-07-08 21:28 - 2014-07-08 21:28 - 01346519 _____ () C:\Users\Johannes\Downloads\adwcleaner_3.214 (3).exe 2014-07-08 20:54 - 2014-07-08 20:54 - 01346519 _____ () C:\Users\Johannes\Downloads\adwcleaner_3.214 (2).exe 2014-07-08 20:54 - 2014-07-08 20:54 - 01346519 _____ () C:\Users\Johannes\Downloads\adwcleaner_3.214 (1).exe 2014-07-08 20:42 - 2014-07-08 20:42 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Johannes\Downloads\mbam-setup-2.0.2.1012_CB-DL-Manager [1].exe 2014-07-08 20:42 - 2014-07-08 20:42 - 
00788832 _____ ( ) C:\Users\Johannes\Downloads\mbam-setup-2.0.2.1012_CB-DL-Manager.exe
2014-07-03 23:48 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-07-03 23:47 - 2014-07-03 23:47 - 01346519 _____ () C:\Users\Johannes\Downloads\adwcleaner_3.214.exe
2014-07-03 23:06 - 2014-07-08 20:51 - 00000000 ____D () C:\Users\Johannes\AppData\Local\Network_Me_07032106
2014-07-03 23:06 - 2014-07-03 23:06 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-07-03 23:05 - 2014-07-03 23:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\YourFileDownloader
2014-06-29 21:04 - 2014-06-29 21:09 - 00000000 ____D () C:\Users\Johannes\Desktop\Urlaub Fritz
2014-06-29 20:18 - 2014-07-09 22:50 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-06-29 20:18 - 2014-07-08 20:50 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-06-29 20:18 - 2014-06-29 20:18 - 00000000 ____D () C:\Users\Johannes\AppData\Local\Macromedia
2014-06-28 15:13 - 2014-06-28 15:13 - 00000000 ____D () C:\Users\Johannes\AppData\Local\Mozilla
2014-06-28 15:13 - 2014-06-28 15:13 - 00000000 ____D () C:\ProgramData\Mozilla
2014-06-19 15:11 - 2014-06-26 22:55 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-06-19 15:11 - 2014-06-26 22:55 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-11 19:14 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-11 19:14 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-06-11 19:14 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-06-11 19:14 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-06-11 19:14 - 2014-02-06 13:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-11 19:14 - 2014-02-06 13:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-11 19:14 - 2014-02-06 13:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-11 19:14 - 2014-02-06 12:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-11 19:14 - 2014-02-06 12:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-11 19:14 - 2014-02-06 12:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-11 19:14 - 2014-02-06 12:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-11 19:14 - 2014-02-06 12:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-11 19:14 - 2014-02-06 11:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-11 19:14 - 2014-02-06 11:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-11 19:14 - 2014-02-06 11:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-11 19:14 - 2014-02-06 11:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-11 19:13 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-06-11 19:13 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-06-11 19:13 - 2014-05-09 01:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-06-11 19:13 - 2014-05-05 06:02 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-06-11 19:13 - 2014-04-30 13:16 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-11 19:13 - 2014-04-30 05:51 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-06-11 19:13 - 2014-04-18 16:57 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-06-11 19:13 - 2014-04-18 16:44 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-06-11 19:13 - 2014-04-18 15:29 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-06-11 19:13 - 2014-04-18 11:44 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-06-11 19:13 - 2014-04-18 10:32 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-06-11 19:13 - 2014-04-18 10:21 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-06-11 19:13 - 2014-04-18 10:09 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-06-11 19:13 - 2014-04-18 09:51 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-06-11 19:13 - 2014-04-18 09:49 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-06-11 19:13 - 2014-04-14 11:20 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-06-11 19:13 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-06-11 19:13 - 2014-04-11 08:13 - 01200128 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-06-11 19:13 - 2014-04-11 06:51 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-06-11 19:13 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-06-11 19:13 - 2014-04-11 05:30 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-06-11 19:13 - 2014-04-09 13:53 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-06-11 19:13 - 2014-04-09 08:39 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-06-11 19:13 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-06-11 19:13 - 2014-04-09 05:33 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-06-11 19:13 - 2014-04-08 04:01 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-06-11 19:13 - 2014-04-06 18:34 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-06-11 19:13 - 2014-04-06 18:34 - 00275800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-06-11 19:13 - 2014-04-06 18:32 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-06-11 19:13 - 2014-04-06 18:31 - 21268952 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-06-11 19:13 - 2014-04-06 18:30 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-06-11 19:13 - 2014-04-06 18:24 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-06-11 19:13 - 2014-04-06 18:20 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-06-11 19:13 - 2014-04-06 18:20 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-06-11 19:13 - 2014-04-06 18:20 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-06-11 19:13 - 2014-04-06 18:20 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-06-11 19:13 - 2014-04-06 18:20 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-06-11 19:13 - 2014-04-06 18:20 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-06-11 19:13 - 2014-04-06 18:20 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-06-11 19:13 - 2014-04-06 18:20 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-06-11 19:13 - 2014-04-06 18:20 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-06-11 19:13 - 2014-04-06 18:20 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-06-11 19:13 - 2014-04-06 18:20 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-06-11 19:13 - 2014-04-06 18:20 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-06-11 19:13 - 2014-04-06 18:20 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-06-11 19:13 - 2014-04-06 17:23 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-06-11 19:13 - 2014-04-06 17:22 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-06-11 19:13 - 2014-04-06 17:22 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-06-11 19:13 - 2014-04-06 17:16 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-06-11 19:13 - 2014-04-06 17:16 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-06-11 19:13 - 2014-04-06 17:16 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-06-11 19:13 - 2014-04-06 17:16 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-06-11 19:13 - 2014-04-06 17:16 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-06-11 19:13 - 2014-04-06 17:16 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-06-11 19:13 - 2014-04-06 17:16 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-06-11 19:13 - 2014-04-06 17:16 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-06-11 19:13 - 2014-04-06 17:16 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-06-11 19:13 - 2014-04-06 14:58 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-06-11 19:13 - 2014-04-06 14:51 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-06-11 19:13 - 2014-04-06 14:33 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-06-11 19:13 - 2014-04-06 14:24 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-06-11 19:13 - 2014-04-06 14:06 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-06-11 19:13 - 2014-04-06 13:55 - 16872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-06-11 19:13 - 2014-04-06 13:54 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-06-11 19:13 - 2014-04-06 13:26 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-06-11 19:13 - 2014-04-06 13:20 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-06-11 19:13 - 2014-04-06 13:01 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-06-11 19:13 - 2014-04-06 12:52 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-06-11 19:13 - 2014-04-06 12:51 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-06-11 19:13 - 2014-04-06 12:37 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-06-11 19:13 - 2014-04-06 12:36 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-06-11 19:13 - 2014-04-06 12:05 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-06-11 19:13 - 2014-04-06 11:59 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-06-11 19:13 - 2014-04-03 10:12 - 02124840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-06-11 19:13 - 2014-04-03 10:12 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-06-11 19:13 - 2014-04-03 10:12 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-06-11 19:13 - 2014-04-03 09:59 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-11 19:13 - 2014-04-03 09:59 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-06-11 19:13 - 2014-04-03 06:03 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-06-11 19:13 - 2014-04-03 06:03 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-06-11 19:13 - 2014-04-03 05:53 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-06-11 19:13 - 2014-04-03 04:53 - 04269056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-06-11 19:13 - 2014-04-03 04:53 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-06-11 19:13 - 2014-04-03 04:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-06-11 19:13 - 2014-04-03 04:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-06-11 19:13 - 2014-04-03 04:23 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-06-11 19:13 - 2014-04-03 04:22 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-06-11 19:13 - 2014-04-01 08:23 - 00384856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-06-11 19:13 - 2014-03-31 07:42 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-06-11 19:13 - 2014-03-31 02:41 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-06-11 19:13 - 2014-03-31 02:01 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-06-11 19:13 - 2014-03-31 01:43 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-06-11 19:13 - 2014-03-31 00:54 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-06-11 19:13 - 2014-03-31 00:49 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-06-11 19:13 - 2014-03-31 00:35 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-06-11 19:13 - 2014-03-31 00:11 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-06-11 19:13 - 2014-03-30 23:47 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-06-11 19:13 - 2014-03-28 17:58 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-06-11 19:13 - 2014-03-27 08:16 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-06-11 19:13 - 2014-03-27 07:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-06-11 19:13 - 2014-03-27 06:59 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-06-11 19:13 - 2014-03-27 06:48 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-06-11 19:13 - 2014-03-27 06:19 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-06-11 19:13 - 2014-03-27 05:46 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-06-11 19:13 - 2014-03-27 05:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-06-11 19:13 - 2014-03-27 05:10 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-06-11 19:13 - 2014-03-25 00:58 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-06-11 19:13 - 2014-03-20 05:48 - 00263424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-06-11 19:13 - 2014-03-20 02:44 - 06645248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-06-11 19:13 - 2014-03-20 01:33 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-06-11 19:13 - 2014-03-19 10:15 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-06-11 19:13 - 2014-03-19 10:07 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-06-11 19:13 - 2014-03-19 09:24 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-06-11 19:13 - 2014-03-19 09:17 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-06-11 19:13 - 2014-03-19 08:36 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-06-11 19:13 - 2014-03-19 07:56 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-06-11 19:13 - 2014-03-19 07:45 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-06-11 19:13 - 2014-03-19 07:19 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-06-11 19:13 - 2014-03-19 07:07 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-06-11 19:13 - 2014-03-19 07:02 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-06-11 19:13 - 2014-03-19 07:00 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-06-11 19:13 - 2014-03-19 06:51 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-06-11 19:13 - 2014-03-19 06:31 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-06-11 19:13 - 2014-03-19 06:18 - 02688000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-06-11 19:13 - 2014-03-18 10:19 - 00077312 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-06-11 19:13 - 2014-03-18 07:00 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-06-11 19:13 - 2014-03-18 06:52 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-06-11 19:13 - 2014-03-17 07:09 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-06-11 19:13 - 2014-03-17 06:11 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-06-11 19:13 - 2014-03-17 05:01 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-06-11 19:13 - 2014-03-17 04:47 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-06-11 19:13 - 2014-03-17 04:45 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-06-11 19:13 - 2014-03-14 08:26 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-06-11 19:13 - 2014-03-14 08:10 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-06-11 19:13 - 2014-03-06 14:42 - 00310616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-06-11 19:12 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-06-11 19:12 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-06-11 19:12 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-06-11 19:12 - 2014-05-01 15:31 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-06-11 19:12 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-06-11 19:12 - 2014-05-01 09:14 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-06-11 19:12 - 2014-05-01 09:05 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-06-11 19:12 - 2014-05-01 08:51 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-06-11 19:12 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-06-11 19:12 - 2014-04-30 06:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-06-11 19:12 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-06-11 19:12 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-06-11 19:11 - 2014-06-11 19:11 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-06-10 19:13 - 2014-06-10 19:13 - 00000000 __SHD () C:\Users\Johannes\AppData\Local\EmieUserList
2014-06-10 19:13 - 2014-06-10 19:13 - 00000000 __SHD () C:\Users\Johannes\AppData\Local\EmieSiteList

==================== One Month Modified Files and Folders =======

2014-07-10 18:26 - 2014-07-10 18:26 - 00000000 ____D () C:\FRST
2014-07-10 18:23 - 2014-07-09 21:13 - 00243525 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-10 18:21 - 2014-01-16 22:41 - 00000000 __RDO () C:\Users\Johannes\SkyDrive
2014-07-10 18:20 - 2014-03-09 20:26 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-07-10 18:20 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-10 18:19 - 2014-07-10 18:19 - 00000832 _____ () C:\WINDOWS\PFRO.log
2014-07-10 18:19 - 2013-08-22 16:44 - 00360464 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-09 23:15 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-07-09 23:15 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-09 23:15 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-09 23:15 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-07-09 23:15 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-09 23:08 - 2013-11-14 09:27 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-09 23:08 - 2013-11-14 09:11 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-07-09 23:08 - 2013-11-14 09:11 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-07-09 23:02 - 2014-07-09 23:02 - 00000187 _____ () C:\WINDOWS\setupact.log
2014-07-09 23:02 - 2014-07-09 23:02 - 00000178 _____ () C:\WINDOWS\setuperr.log
2014-07-09 23:02 - 2014-01-08 16:30 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-09 23:02 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-07-09 23:01 - 2014-01-08 16:30 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-09 23:01 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-07-09 23:00 - 2013-11-14 09:13 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 23:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-09 22:59 - 2014-07-09 22:59 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-09 22:59 - 2014-01-08 14:20 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-579152262-525530005-515234496-1002
2014-07-09 22:50 - 2014-06-29 20:18 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-09 21:14 - 2014-07-09 21:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-07-09 21:14 - 2014-01-08 19:13 - 01048576 ___SH () C:\Users\Johannes\Desktop\Thumbs.db
2014-07-09 00:35 - 2014-01-28 23:00 - 00000000 ____D () C:\Users\Johannes\AppData\Roaming\Mozilla
2014-07-09 00:34 - 2014-01-08 14:21 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-09 00:22 - 2014-07-09 00:22 - 00000000 ____D () C:\Users\Johannes\AppData\Roaming\ProductData
2014-07-09 00:22 - 2014-07-09 00:21 - 00000000 ____D () C:\ProgramData\ProductData
2014-07-09 00:22 - 2014-07-09 00:21 - 00000000 ____D () C:\ProgramData\IObit
2014-07-09 00:21 - 2014-07-09 00:21 - 12906784 _____ (IObit) C:\Users\Johannes\Downloads\iobituninstaller_3.3.8.exe
2014-07-09 00:21 - 2014-07-09 00:21 - 00000000 ____D () C:\Users\Johannes\AppData\Roaming\IObit
2014-07-09 00:21 - 2014-07-09 00:21 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-07-08 21:54 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-07-08 21:42 - 2014-07-08 21:42 - 00000000 ____D () C:\Program Files\{BF383C42-B9F2-4E89-87A9-5CCF49AD4CD8}
2014-07-08 21:42 - 2014-07-08 21:42 - 00000000 ____D () C:\Program Files (x86)\{48C67497-55E6-47C2-9669-A39128A58E17}
2014-07-08 21:42 - 2014-03-29 13:18 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-08 21:37 - 2014-01-28 23:00 - 00000000 ____D () C:\AdwCleaner
2014-07-08 21:28 - 2014-07-08 21:28 - 01346519 _____ () C:\Users\Johannes\Downloads\adwcleaner_3.214 (3).exe
2014-07-08 20:54 - 2014-07-08 20:54 - 01346519 _____ () C:\Users\Johannes\Downloads\adwcleaner_3.214 (2).exe
2014-07-08 20:54 - 2014-07-08 20:54 - 01346519 _____ () C:\Users\Johannes\Downloads\adwcleaner_3.214 (1).exe
2014-07-08 20:51 - 2014-07-03 23:06 - 00000000 ____D () C:\Users\Johannes\AppData\Local\Network_Me_07032106
2014-07-08 20:50 - 2014-06-29 20:18 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-07-08 20:43 - 2014-01-28 22:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-08 20:42 - 2014-07-08 20:42 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Johannes\Downloads\mbam-setup-2.0.2.1012_CB-DL-Manager [1].exe
2014-07-08 20:42 - 2014-07-08 20:42 - 00788832 _____ ( ) C:\Users\Johannes\Downloads\mbam-setup-2.0.2.1012_CB-DL-Manager.exe
2014-07-03 23:47 - 2014-07-03 23:47 - 01346519 _____ () C:\Users\Johannes\Downloads\adwcleaner_3.214.exe
2014-07-03 23:06 - 2014-07-03 23:06 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-07-03 23:06 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy
2014-07-03 23:05 - 2014-07-03 23:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\YourFileDownloader
2014-07-02 23:24 - 2014-01-16 18:52 - 00000519 _____ () C:\Users\Johannes\AppData\Roaming\burnaware.ini
2014-07-01 00:45 - 2014-07-09 21:19 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-06-29 21:09 - 2014-06-29 21:04 - 00000000 ____D () C:\Users\Johannes\Desktop\Urlaub Fritz
2014-06-29 20:18 - 2014-06-29 20:18 - 00000000 ____D () C:\Users\Johannes\AppData\Local\Macromedia
2014-06-28 16:03 - 2014-01-08 18:24 - 00135168 ___SH () C:\Users\Johannes\Downloads\Thumbs.db
2014-06-28 15:13 - 2014-06-28 15:13 - 00000000 ____D () C:\Users\Johannes\AppData\Local\Mozilla
2014-06-28 15:13 - 2014-06-28 15:13 - 00000000 ____D () C:\ProgramData\Mozilla
2014-06-28 09:48 - 2014-07-09 21:19 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-06-28 09:07 - 2014-07-09 21:19 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-06-26 22:55 - 2014-06-19 15:11 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-06-26 22:55 - 2014-06-19 15:11 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-19 15:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-06-19 03:39 - 2014-07-09 21:20 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-19 02:48 - 2014-07-09 21:20 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-19 02:16 - 2014-07-09 21:20 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-19 02:09 - 2014-07-09 21:20 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-19 01:51 - 2014-07-09 21:20 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-19 01:50 - 2014-07-09 21:20 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-19 01:48 - 2014-07-09 21:20 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-19 01:46 - 2014-07-09 21:20 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-06-19 01:39 - 2014-07-09 21:20 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-19 01:33 - 2014-07-09 21:20 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-19 01:32 - 2014-07-09 21:20 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-19 01:27 - 2014-07-09 21:20 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-19 01:12 - 2014-07-09 21:20 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-19 00:59 - 2014-07-09 21:20 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-19 00:58 - 2014-07-09 21:20 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-19 00:58 - 2014-07-09 21:20 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-19 00:57 - 2014-07-09 21:20 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-06-19 00:52 - 2014-07-09 21:20 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-19 00:51 - 2014-07-09 21:20 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-19 00:49 - 2014-07-09 21:20 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-19 00:45 - 2014-07-09 21:20 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-19 00:35 - 2014-07-09 21:20 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-19 00:34 - 2014-07-09 21:20 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-19 00:15 - 2014-07-09 21:20 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-06-19 00:13 - 2014-07-09 21:20 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-19 00:09 - 2014-07-09 21:20 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-19 00:07 - 2014-07-09 21:20 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-06-18 20:20 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-06-18 20:20 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-06-17 00:26 - 2014-07-09 21:21 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-06-17 00:24 - 2014-07-09 21:21 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-06-11 19:11 - 2014-06-11 19:11 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-06-10 19:13 - 2014-06-10 19:13 - 00000000 __SHD () C:\Users\Johannes\AppData\Local\EmieUserList
2014-06-10 19:13 - 2014-06-10 19:13 - 00000000 __SHD () C:\Users\Johannes\AppData\Local\EmieSiteList

Some content of TEMP:
====================
C:\Users\Johannes\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-07-01 21:12

==================== End Of Log ============================

Addition Editor Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-07-2014
Ran by Jo Lehrmann at 2014-07-10 18:27:16
Running from C:\Users\Johannes\AppData\Local\Microsoft\Windows\INetCache\IE\91FS3UPX
Boot Mode: Normal
==========================================================

==================== Security Center ========================

==================== Installed Programs ======================

clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3013 - Acer Incorporated)
Acer Games (HKCU\...\Pokki_03d432a7e610c3e908213e7689d4342ce2111caf) (Version: 1.1.7.42206 - Pokki)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.3005 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
Acer USB Charge Manager (HKLM\...\{07E867C5-0C48-40FF-A013-DDAF4565AD47}) (Version: 2.00.3004 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2022 - Acer Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
BurnAware Free 6.9 (HKLM-x32\...\BurnAware Free_is1) (Version: - Burnaware)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2016 - Acer Incorporated)
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
ETDWare PS/2-X64 11.6.24.203_WHQL (HKLM\...\Elantech) (Version: 11.6.24.203 - ELAN Microelectronic Corp.)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.0.0.1083 - Intel Corporation) Hidden
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.757.1 - Intel Corporation) Hidden
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Nero BackItUp (x32 Version: 12.5.5000 - Nero AG) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Nero BackItUp Help (CHM) (x32 Version: 12.0.10000 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15600 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.20200 - Nero AG) Hidden
Nero Launcher (x32 Version: 12.2.7000 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 12.0.3001 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.7.0.24 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.3.0.14 - Symantec Corporation) Hidden
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.14.17 (Version: 1.14.17 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Systemsteuerung 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2008 - Acer)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.220 - Qualcomm Atheros Communications)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.39 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6865 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C9661090-C134-46E8-90B2-76D72355C2A6}) (Version: 6.2.9200.28140 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Spielkanäle (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 8.1.0.17 - WildTangent, Inc.)
Spielkanäle (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 8.1.0.17 - WildTangent, Inc.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB) Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Updater (HKLM-x32\...\{D54E3D9F-FEB8-4D2D-A138-B69A5C80080B}) (Version: 2.6.53 - Creative Island Media, LLC) <==== ATTENTION Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) WildTangent Games App (x32 Version: 4.0.11.2 - WildTangent) Hidden ==================== Restore Points ========================= 18-06-2014 17:02:56 Windows Update 27-06-2014 16:10:10 Geplanter Prüfpunkt 08-07-2014 19:54:59 Geplanter Prüfpunkt ==================== Hosts content: ========================== 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {02F3AC5D-8CE0-4FE8-B1AF-AC53E209B589} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd) Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - 
System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {26063261-DB8C-41B0-9B9F-D51464454F37} - \YourFile DownloaderUpdate No Task File <==== ATTENTION Task: {2C19A70C-4FCD-4FAD-BBC6-72203E19DD13} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated) Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate Task: {2DB9470A-7099-4698-84DD-5063F4A5A139} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation) Task: {370D989C-B29F-4D59-9A2A-F91BCAAA5AD1} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation) Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation) Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance Task: {4C078CE1-8AF1-41C6-BEE1-0A8F8C178575} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation Task: {513AE43D-0425-4B6C-97B8-4DCBDFF82F33} - \SaveSenseLiveUpdateTaskMachineUA No Task File <==== ATTENTION Task: {5CC5BD7E-F3C8-4647-9DE5-FDE0B12F4877} - System32\Tasks\Dolby Selector => C:\Dolby PCEE4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.) 
Task: {5FDFC84B-052F-44EF-9434-70B8501B23B2} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-01-23] (Acer Incorporated) Task: {6991F5D1-8E4F-4F27-AABE-D667913BA310} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-06-17] (Acer Incorporate) Task: {6A94BAF6-7EA3-4031-B2A2-925B9E6EA2A1} - \SaveSense No Task File <==== ATTENTION Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask Task: {8F2B5D50-FC49-4F37-99F2-E4CA803398A2} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] () Task: {985111C1-65CB-4B37-889E-6ACD2F67B880} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload Task: {9CC5A4E9-5AA7-4931-8633-4E7CE0A597B0} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work Task: {A035285B-C18A-46AC-89FC-26E5D7640A25} - 
System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-07-09] (Microsoft Corporation) Task: {B1DDD69E-E689-4000-87C3-4602E7137ED7} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics Task: {C8BD14FB-137F-450C-A668-0FE49F425729} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization Task: {E0016269-49ED-4B59-9C2E-237CEE23361A} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] () Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: {E7ABD9AA-2D21-42EB-A334-7A22A12E99E3} - \UpdaterEX No Task File <==== ATTENTION Task: {FCCAE345-2BF8-45DE-B463-05E7FB15AA27} - \SaveSenseLiveUpdateTaskMachineCore No Task File <==== ATTENTION Task: {FDFD768C-4075-4EAE-B2BE-7AAABD520744} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.3.0.14\\Ara.exe [2013-08-27] (Symantec Corporation) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2013-09-05 03:36 - 2013-09-05 03:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2014-01-09 19:46 - 2014-01-09 19:46 - 00118784 _____ () C:\Windows\system32\profextd.exe 2013-10-24 15:32 - 2013-02-20 22:58 - 00111176 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll 2013-01-25 00:09 - 2013-01-25 00:09 - 00011264 _____ () C:\Program Files (x86)\Bluetooth 
Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2013-01-25 00:05 - 2013-01-25 00:05 - 00084992 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll 2013-01-25 00:12 - 2013-01-25 00:12 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe 2013-06-17 13:35 - 2013-06-17 13:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll 2013-05-08 15:52 - 2013-05-08 15:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll 2013-10-24 15:05 - 2013-01-23 09:57 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Users\Johannes\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= ==================== Faulty Device Manager Devices ============= Name: Bluetooth Audio Device Description: Bluetooth Audio Device Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: Qualcomm Atheros Communications Service: BTATH_A2DP Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. 
Name: Virtual Bluetooth Support (Include Audio) Description: Virtual Bluetooth Support (Include Audio) Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5} Manufacturer: Qualcomm Atheros Communications Service: AthBTPort Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: Bluetooth LWFLT Device Description: Bluetooth LWFLT Device Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5} Manufacturer: Qualcomm Atheros Communications Service: BTATH_LWFLT Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver ==================== Event log errors: ========================= Application errors: ================== Error: (07/08/2014 09:53:48 PM) (Source: SideBySide) (EventID: 72) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3. Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird. Error: (07/08/2014 09:53:48 PM) (Source: SideBySide) (EventID: 72) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3. Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird. Error: (07/08/2014 09:53:48 PM) (Source: SideBySide) (EventID: 72) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". 
Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3. Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird. Error: (07/08/2014 09:16:30 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: delegate_execute.exe, Version: 34.0.1847.137, Zeitstempel: 0x536aae9d Name des fehlerhaften Moduls: delegate_execute.exe, Version: 34.0.1847.137, Zeitstempel: 0x536aae9d Ausnahmecode: 0xc0000005 Fehleroffset: 0x0003232d ID des fehlerhaften Prozesses: 0x12a8 Startzeit der fehlerhaften Anwendung: 0xdelegate_execute.exe0 Pfad der fehlerhaften Anwendung: delegate_execute.exe1 Pfad des fehlerhaften Moduls: delegate_execute.exe2 Berichtskennung: delegate_execute.exe3 Vollständiger Name des fehlerhaften Pakets: delegate_execute.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: delegate_execute.exe5 Error: (07/08/2014 09:09:41 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT) Description: There was an error with the Windows Location Provider database Error: (07/03/2014 11:22:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: wdBlockAndSurfx.exe, Version: 1.174.0.0, Zeitstempel: 0x53b50c27 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften Prozesses: 0xb80 Startzeit der fehlerhaften Anwendung: 0xwdBlockAndSurfx.exe0 Pfad der fehlerhaften Anwendung: wdBlockAndSurfx.exe1 Pfad des fehlerhaften Moduls: wdBlockAndSurfx.exe2 Berichtskennung: wdBlockAndSurfx.exe3 Vollständiger Name des fehlerhaften Pakets: wdBlockAndSurfx.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: wdBlockAndSurfx.exe5 Error: (07/03/2014 11:12:01 PM) (Source: Application Error) 
(EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: wdBlockAndSurfx.exe, Version: 1.174.0.0, Zeitstempel: 0x53b50c27 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften Prozesses: 0x9b4 Startzeit der fehlerhaften Anwendung: 0xwdBlockAndSurfx.exe0 Pfad der fehlerhaften Anwendung: wdBlockAndSurfx.exe1 Pfad des fehlerhaften Moduls: wdBlockAndSurfx.exe2 Berichtskennung: wdBlockAndSurfx.exe3 Vollständiger Name des fehlerhaften Pakets: wdBlockAndSurfx.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: wdBlockAndSurfx.exe5 Error: (07/03/2014 08:00:05 PM) (Source: SideBySide) (EventID: 72) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3. Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird. Error: (07/03/2014 08:00:05 PM) (Source: SideBySide) (EventID: 72) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3. Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird. Error: (07/03/2014 08:00:05 PM) (Source: SideBySide) (EventID: 72) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3. 
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird. System errors: ============= Error: (07/09/2014 11:02:18 PM) (Source: BTHUSB) (EventID: 17) (User: ) Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen. Error: (07/09/2014 10:19:50 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252. Error: (07/09/2014 00:11:30 AM) (Source: bowser) (EventID: 8003) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "JOHANNESLEHRMAN", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{0EB48AB8-9E4A-4189-B971-0B0AD7F56158}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (07/08/2014 08:22:48 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 03.07.2014 um 23:52:26 unerwartet heruntergefahren. Error: (06/29/2014 08:50:21 PM) (Source: DCOM) (EventID: 10010) (User: JOLEHRMANN) Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58} Error: (06/02/2014 09:18:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "SaveSenseLive Service (savesenselive)" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (06/02/2014 09:16:10 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 01.06.2014 um 14:10:59 unerwartet heruntergefahren. 
Error: (05/30/2014 06:42:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "SaveSenseLive Service (savesenselive)" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (05/30/2014 06:41:08 PM) (Source: BTHUSB) (EventID: 17) (User: ) Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen. Error: (05/30/2014 06:40:23 PM) (Source: BugCheck) (EventID: 1001) (User: ) Description: 0x0000009f (0x0000000000000004, 0x000000000000012c, 0xffffe00042c40880, 0xfffff80205623ca0)C:\WINDOWS\MEMORY.DMP053014-17953-01 Microsoft Office Sessions: ========================= Error: (07/08/2014 09:53:48 PM) (Source: SideBySide) (EventID: 72) (User: ) Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4 Error: (07/08/2014 09:53:48 PM) (Source: SideBySide) (EventID: 72) (User: ) Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4 Error: (07/08/2014 09:53:48 PM) (Source: SideBySide) (EventID: 72) (User: ) Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4 Error: (07/08/2014 09:16:30 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: delegate_execute.exe34.0.1847.137536aae9ddelegate_execute.exe34.0.1847.137536aae9dc00000050003232d12a801cf9ae11ddf4e6bC:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\delegate_execute.exeC:\Program Files 
(x86)\Google\Chrome\Application\34.0.1847.137\delegate_execute.exe5cf8a198-06d4-11e4-beac-3c77e65d0496 Error: (07/08/2014 09:09:41 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT) Description: -2147024883 Error: (07/03/2014 11:22:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: wdBlockAndSurfx.exe1.174.0.053b50c27unknown0.0.0.000000000c000000500000000b8001cf9704d833d397C:\Program Files (x86)\v01BlockAndSurf\wdBlockAndSurfx.exeunknown188ce79e-02f8-11e4-bea9-3c77e65d0496 Error: (07/03/2014 11:12:01 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: wdBlockAndSurfx.exe1.174.0.053b50c27unknown0.0.0.000000000c0000005000000009b401cf97036a25ec85C:\Program Files (x86)\v01BlockAndSurf\wdBlockAndSurfx.exeunknownac6db8ce-02f6-11e4-bea8-3c77e65d0496 Error: (07/03/2014 08:00:05 PM) (Source: SideBySide) (EventID: 72) (User: ) Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4 Error: (07/03/2014 08:00:05 PM) (Source: SideBySide) (EventID: 72) (User: ) Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4 Error: (07/03/2014 08:00:05 PM) (Source: SideBySide) (EventID: 72) (User: ) Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4 ==================== Memory info =========================== Percentage of memory in use: 20% Total physical RAM: 8072.27 MB Available physical RAM: 6418.79 MB Total Pagefile: 9352.27 MB Available Pagefile: 7548.14 MB Total Virtual: 131072 MB 
Available Virtual: 131071.79 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:447.61 GB) (Free:367.84 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 466 GB) (Disk ID: AA164C04) Partition: GPT Partition Type. ==================== End Of Log ============================ |
11.07.2014, 11:14 | #4 |
/// the machine /// TB-Ausbilder | Download Protect Uninstall adware & co.
If you cannot find a program or cannot uninstall it, please continue with the next step: Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please shut down your protection software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
11.07.2014, 17:43 | #5 |
| Download Protect Mbam Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 11.07.2014 Suchlauf-Zeit: 17:27:46 Logdatei: mbam.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.07.11.06 Rootkit Datenbank: v2014.07.09.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Self-protection: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: Jo Lehrmann Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 326419 Verstrichene Zeit: 9 Min, 0 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 7 PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\Wd\wd.exe, 6844, Löschen bei Neustart, [4ef4b1edc7b449ed535d1cbc877bb14f] PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\Proxy\pwdg.exe, 7592, Löschen bei Neustart, [0d359608df9cce681227d4f537cbe719] PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe, 7420, Löschen bei Neustart, [7bc7fba3b0cb251140f455bb9d679a66] PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, 7748, Löschen bei Neustart, [ec56f2acbfbc82b446c7c6d743bf06fa] PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\BService\1.1\bservice.exe, 4224, Löschen bei Neustart, [9ea4edb1cface2541254574a2dd532ce] PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\BService\1.1\bservice64.exe, 3708, Löschen bei Neustart, [9ea4edb1cface2541254574a2dd532ce] PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\Proxy\proc.exe, 2164, Löschen bei Neustart, [8eb4a1fdff7ca88e16e86446ee147a86] Module: 13 PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\FiddlerCore.dll, Löschen bei Neustart, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\Newtonsoft.Json.dll, Löschen bei Neustart, 
[ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\BService\1.1\bhelper.dll, Löschen bei Neustart, [9ea4edb1cface2541254574a2dd532ce], PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\BService\1.1\bhelper.dll, Löschen bei Neustart, [9ea4edb1cface2541254574a2dd532ce], PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\BService\1.1\bhelper.dll, Löschen bei Neustart, [9ea4edb1cface2541254574a2dd532ce], PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\BService\1.1\bhelper.dll, Löschen bei Neustart, [9ea4edb1cface2541254574a2dd532ce], PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\BService\1.1\bhelper.dll, Löschen bei Neustart, [9ea4edb1cface2541254574a2dd532ce], PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\BService\1.1\bhelper.dll, Löschen bei Neustart, [9ea4edb1cface2541254574a2dd532ce], PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\BService\1.1\bhelper.dll, Löschen bei Neustart, [9ea4edb1cface2541254574a2dd532ce], PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\BService\1.1\bhelper.dll, Löschen bei Neustart, [9ea4edb1cface2541254574a2dd532ce], PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\BService\1.1\bhelper.dll, Löschen bei Neustart, [9ea4edb1cface2541254574a2dd532ce], PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\BService\1.1\bhelper.dll, Löschen bei Neustart, [9ea4edb1cface2541254574a2dd532ce], PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\BService\1.1\bhelper.dll, Löschen bei Neustart, [9ea4edb1cface2541254574a2dd532ce], Registrierungsschlüssel: 12 PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\System Speedup_is1, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\Wajam, In Quarantäne, [21219e00b0cb2e08c079ed2383812cd4], PUP.Optional.Bench.A, HKLM\SOFTWARE\WOW6432NODE\BENCH\BService, In Quarantäne, [73cfc2dc99e244f265a393319c662ed2], PUP.Optional.Bench.A, 
HKLM\SOFTWARE\WOW6432NODE\BENCH\InstalledExtensions, In Quarantäne, [a69ca3fb86f5f83e6b9ed9eb3dc533cd], PUP.Optional.Bench.A, HKLM\SOFTWARE\WOW6432NODE\BENCH\NmHost, In Quarantäne, [72d06638225940f611f9bf05a55db54b], PUP.Optional.Bench.A, HKLM\SOFTWARE\WOW6432NODE\BENCH\Updater, In Quarantäne, [063cdbc393e8c1755bb04b79b74bde22], PUP.Optional.Bench.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\NATIVEMESSAGINGHOSTS\com.bench.nmhost, In Quarantäne, [af93b0ee6b10de583bc6ca4455af15eb], PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\ssd, In Quarantäne, [0240e0be2e4d8da913d4befb7b87b24e], PUP.Optional.Wajam.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Wajam Internet Enhancer Service, In Quarantäne, [7bc7fba3b0cb251140f455bb9d679a66], PUP.Optional.SystemSpeedup, HKU\S-1-5-21-579152262-525530005-515234496-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\ssd, In Quarantäne, [271b930b56254de93ea87742d1316898], PUP.Optional.Wajam.A, HKU\S-1-5-21-579152262-525530005-515234496-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WAJAM, In Quarantäne, [54ee9c02710a70c65c943fb901021fe1], PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Wajam, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], Registrierungswerte: 7 PUP.Optional.Bench.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Wd, C:\Program Files (x86)\Bench\Wd\wd.exe, In Quarantäne, [4ef4b1edc7b449ed535d1cbc877bb14f] PUP.Optional.Bench.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Bench Communicator Watcher, C:\Program Files (x86)\Bench\Proxy\pwdg.exe, In Quarantäne, [0d359608df9cce681227d4f537cbe719] PUP.Optional.Bench.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Bench Settings Cleaner, C:\Program Files (x86)\Bench\Proxy\cl.exe, In Quarantäne, [1230633bc8b3e84e95a557726c96e21e] PUP.Optional.SmartApps, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|SafetySearch-repairJob, 
wscript.exe "C:\Users\Johannes\AppData\Local\SafetySearch\repair.js" "SafetySearch-repairJob", In Quarantäne, [340e4d514635d066e9dad23cda2a758b] PUP.Optional.Wajam.A, HKU\S-1-5-21-579152262-525530005-515234496-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WAJAM|affiliate_id, 1401, In Quarantäne, [54ee9c02710a70c65c943fb901021fe1] PUP.Optional.Bench.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|BService, C:\Program Files (x86)\Bench\BService\1.1\bservice.exe, In Quarantäne, [9ea4edb1cface2541254574a2dd532ce] PUP.Optional.Bench.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|BService64, C:\Program Files (x86)\Bench\BService\1.1\bservice64.exe, In Quarantäne, [9ea4edb1cface2541254574a2dd532ce] Registrierungsdaten: 0 (No malicious items detected) Ordner: 18 PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup, In Quarantäne, [5ae84b538eedba7c3ea661582cd6d62a], PUP.Optional.BenchUpdater, C:\Program Files (x86)\Bench\NmHost, In Quarantäne, [e75b4559fa812412121b25bb35cdb749], PUP.Optional.BenchUpdater.A, C:\Users\Johannes\AppData\Local\BenchUpdater, In Quarantäne, [fe445e402a51c472e05c14cd917124dc], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam, Löschen bei Neustart, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer, Löschen bei Neustart, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.AdwarePlugin, C:\Program Files (x86)\Bench\Updater, In Quarantäne, [350d0e90a3d89d9966190f8f3dc5d729], PUP.Optional.AdwarePlugin, C:\Program Files (x86)\Bench\Updater\1.7.0.0, In Quarantäne, [350d0e90a3d89d9966190f8f3dc5d729], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam, In 
Quarantäne, [be84bbe335462511c8f17d21b44eee12], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search, In Quarantäne, [be84bbe335462511c8f17d21b44eee12], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping, In Quarantäne, [be84bbe335462511c8f17d21b44eee12], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Uninstall Wajam, In Quarantäne, [be84bbe335462511c8f17d21b44eee12], PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\BService, Löschen bei Neustart, [9ea4edb1cface2541254574a2dd532ce], PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\BService\1.1, Löschen bei Neustart, [9ea4edb1cface2541254574a2dd532ce], PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\Wd, Löschen bei Neustart, [f64ceab42d4e25116403e0c1cb370cf4], PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\Proxy, Löschen bei Neustart, [8eb4a1fdff7ca88e16e86446ee147a86], PUP.Optional.SystemSpeedup, C:\Users\Johannes\AppData\Roaming\Systweak\ssd, In Quarantäne, [c181adf15f1c171fdd5acbeb03ffce32], Dateien: 155 PUP.Optional.AppInstaller, C:\Users\Johannes\AppData\Local\Temp\n2011\FLVMPlayerSetup-c45490cb.exe, In Quarantäne, [ec5647570c6f6ccaed75bccb0001c43c], PUP.Optional.BundleInstaller.A, C:\Users\Johannes\AppData\Local\Temp\n2011\s2011.exe, In Quarantäne, [78cab3ebbfbc0333fe5b47040df328d8], PUP.Optional.Wajam.A, C:\Users\Johannes\AppData\Local\Temp\n2011\wajam_2207-6c14163c.exe, In Quarantäne, [d072c4dae99242f4030a66e144bcd030], PUP.Optional.SystemSpeedup, C:\Windows\Tasks\System Speedup_DEFAULT.job, In Quarantäne, [172bb4ea2853cf6792f7c6f32cd60cf4], PUP.Optional.SystemSpeedup, C:\Windows\System32\Tasks\System Speedup_DEFAULT, In Quarantäne, [7fc3ebb3d2a991a561297841cc3604fc], PUP.Optional.SystemSpeedup, C:\Windows\Tasks\System Speedup_UPDATES.job, In Quarantäne, [5fe3dbc34c2f66d0f09bfcbdcd350cf4], PUP.Optional.SystemSpeedup, C:\Windows\System32\Tasks\System 
Speedup_UPDATES, In Quarantäne, [083a524ccbb0ae88f39933861ce656aa], PUP.Optional.SystemSpeedup, C:\Users\Public\Desktop\System Speedup.lnk, In Quarantäne, [cd7599052f4cc37329b92c8dec162bd5], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\SystemSpeedup.exe, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\eng_uninst.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\russian_rcp_ru.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\BeforeUninstall.exe, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\Chinese_rcp.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\Chinese_uninst.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\CleanSchedule.exe, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\Danish_rcp.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\Danish_uninst.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\Dutch_rcp.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\Dutch_uninst.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\eng_rcp.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\Japanese_rcp.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files 
(x86)\System Speedup\Japanese_uninst.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\korean_rcp_ko.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\korean_uninst_ko.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\Norwegian_rcp.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\Norwegian_uninst.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\polish_rcp_pl.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\polish_uninst_pl.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\portugese_rcp_pt.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\portugese_uninst_pt.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\Portuguese_rcp.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\Portuguese_uninst.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\RegCleanPro.dll, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\Finnish_rcp_fi.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\Finnish_uninst_fi.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\French_rcp.ini, In Quarantäne, 
[65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\French_uninst.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\German_rcp.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\German_uninst.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\greek_rcp_el.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\greek_uninst_el.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\install_left_image.bmp, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\isxdl.dll, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\Italian_rcp.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\Italian_uninst.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\russian_uninst_ru.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\Spanish_rcp.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\spanish_uninst.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\Swedish_rcp.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\swedish_uninst.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System 
Speedup\systweakasp.exe, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\TPS.ico, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\TraditionalCn_rcp_zh-tw.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\traditionalcn_uninst_zh-tw.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\turkish_rcp_tr.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\Turkish_uninst_tr.ini, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\unins000.dat, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\unins000.exe, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\unins000.msg, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\Program Files (x86)\System Speedup\xmllite.dll, In Quarantäne, [65ddfea00c6fe650974cf1c8d13146ba], PUP.Optional.SystemSpeedup, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup\System Speedup.lnk, In Quarantäne, [5ae84b538eedba7c3ea661582cd6d62a], PUP.Optional.SystemSpeedup, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup\Register System Speedup.lnk, In Quarantäne, [5ae84b538eedba7c3ea661582cd6d62a], PUP.Optional.SystemSpeedup, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup\System Speedup entfernen.lnk, In Quarantäne, [5ae84b538eedba7c3ea661582cd6d62a], PUP.Optional.BenchUpdater.A, C:\Windows\System32\Tasks\bench-S-1-5-21-579152262-525530005-515234496-1002, In Quarantäne, [7bc7910ddba0ad896c0b506cb0524cb4], 
PUP.Optional.BenchUpdater.A, C:\Windows\System32\Tasks\bench-sys, In Quarantäne, [b58d75292e4d66d02552d0ec48baca36], PUP.Optional.BenchUpdater, C:\Program Files (x86)\Bench\NmHost\nmhost.exe, In Quarantäne, [e75b4559fa812412121b25bb35cdb749], PUP.Optional.BenchUpdater, C:\Program Files (x86)\Bench\NmHost\manifest.json, In Quarantäne, [e75b4559fa812412121b25bb35cdb749], PUP.Optional.BenchUpdater.A, C:\Windows\Tasks\bench-S-1-5-21-579152262-525530005-515234496-1002.job, In Quarantäne, [de649707661574c21229a041ca38847c], PUP.Optional.BenchUpdater.A, C:\Windows\Tasks\bench-sys.job, In Quarantäne, [57ebe3bbbbc01b1ba893b72a08fa01ff], PUP.Optional.BenchUpdater.A, C:\Users\Johannes\AppData\Local\BenchUpdater\products.xml, In Quarantäne, [fe445e402a51c472e05c14cd917124dc], PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\Wd\wd.exe, Löschen bei Neustart, [4ef4b1edc7b449ed535d1cbc877bb14f], PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\Proxy\pwdg.exe, Löschen bei Neustart, [0d359608df9cce681227d4f537cbe719], PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\Proxy\cl.exe, In Quarantäne, [1230633bc8b3e84e95a557726c96e21e], PUP.Optional.SmartApps, C:\Users\Johannes\AppData\Local\SafetySearch\repair.js, In Quarantäne, [340e4d514635d066e9dad23cda2a758b], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe, Löschen bei Neustart, [7bc7fba3b0cb251140f455bb9d679a66], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\uninstall.exe, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\amazon.ico, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\argos.ico, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\ask.ico, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\bestbuy.ico, In Quarantäne, 
[ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\ebay.ico, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\etsy.ico, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\facebook.ico, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\favicon.ico, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\google.ico, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\homedepot.ico, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\ikea.ico, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\imdb.ico, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\lowes.ico, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\mercado.ico, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\mysearchweb.ico, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\myshopping.ico, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\searchresult.ico, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\sears.ico, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\setting.ico, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\settings.ico, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, 
C:\Program Files (x86)\Wajam\Logos\shopping.ico, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\target.ico, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\tesco.ico, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\tripadvisor.ico, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\twitter.ico, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\wajam.ico, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\walmart.ico, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\wiki.ico, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\yahoo.ico, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\zalando.ico, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\2845734c09907de22309ed6090c7c5b9, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\5e3eed8d71e51fe2acf6b93a5c860ab2, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\8709317cf4c8a5379fcb0faeebabac8c, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\a12534f1688fe7d400f8d5ec8c062411, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\FiddlerCore.dll, Löschen bei Neustart, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, 
C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\HtmlAgilityPack.dll, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\makecert.exe, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\Newtonsoft.Json.dll, Löschen bei Neustart, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamHttpServer.exe, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, Löschen bei Neustart, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\wie, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WJManifest, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WJProxyTools.exe, In Quarantäne, [ec56f2acbfbc82b446c7c6d743bf06fa], PUP.Optional.AdwarePlugin, C:\Program Files (x86)\Bench\Updater\products.xml, In Quarantäne, [350d0e90a3d89d9966190f8f3dc5d729], PUP.Optional.AdwarePlugin, C:\Program Files (x86)\Bench\Updater\updater.exe, In Quarantäne, [350d0e90a3d89d9966190f8f3dc5d729], PUP.Optional.AdwarePlugin, C:\Program Files (x86)\Bench\Updater\1.7.0.0\updater.exe, In Quarantäne, [350d0e90a3d89d9966190f8f3dc5d729], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Settings.lnk, In Quarantäne, [be84bbe335462511c8f17d21b44eee12], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\SignIn with Facebook.lnk, In Quarantäne, [be84bbe335462511c8f17d21b44eee12], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\SignIn with Twitter.lnk, In Quarantäne, [be84bbe335462511c8f17d21b44eee12], 
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Wajam Website.lnk, In Quarantäne, [be84bbe335462511c8f17d21b44eee12], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\Ask.lnk, In Quarantäne, [be84bbe335462511c8f17d21b44eee12], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\Google.lnk, In Quarantäne, [be84bbe335462511c8f17d21b44eee12], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\IMDb.lnk, In Quarantäne, [be84bbe335462511c8f17d21b44eee12], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\Shopping.com.lnk, In Quarantäne, [be84bbe335462511c8f17d21b44eee12], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\TripAdvisor.lnk, In Quarantäne, [be84bbe335462511c8f17d21b44eee12], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\Wikipedia.lnk, In Quarantäne, [be84bbe335462511c8f17d21b44eee12], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\Yahoo!.lnk, In Quarantäne, [be84bbe335462511c8f17d21b44eee12], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Amazon.lnk, In Quarantäne, [be84bbe335462511c8f17d21b44eee12], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Argos.lnk, In Quarantäne, [be84bbe335462511c8f17d21b44eee12], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Ebay.lnk, In Quarantäne, [be84bbe335462511c8f17d21b44eee12], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Etsy.lnk, In Quarantäne, [be84bbe335462511c8f17d21b44eee12], 
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\HomeDepot.lnk, In Quarantäne, [be84bbe335462511c8f17d21b44eee12], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Ikea.lnk, In Quarantäne, [be84bbe335462511c8f17d21b44eee12], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Lowe's.lnk, In Quarantäne, [be84bbe335462511c8f17d21b44eee12], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Mercadolivre.lnk, In Quarantäne, [be84bbe335462511c8f17d21b44eee12], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\MyShopping.lnk, In Quarantäne, [be84bbe335462511c8f17d21b44eee12], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Sears.lnk, In Quarantäne, [be84bbe335462511c8f17d21b44eee12], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Target.lnk, In Quarantäne, [be84bbe335462511c8f17d21b44eee12], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Tesco.lnk, In Quarantäne, [be84bbe335462511c8f17d21b44eee12], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Walmart.lnk, In Quarantäne, [be84bbe335462511c8f17d21b44eee12], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Zalando.lnk, In Quarantäne, [be84bbe335462511c8f17d21b44eee12], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Uninstall Wajam\uninstall.lnk, In Quarantäne, [be84bbe335462511c8f17d21b44eee12], PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\BService\1.1\bhelper.dll, Löschen bei Neustart, [9ea4edb1cface2541254574a2dd532ce], 
PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\BService\1.1\bhelper64.dll, Löschen bei Neustart, [9ea4edb1cface2541254574a2dd532ce], PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\BService\1.1\bservice.exe, Löschen bei Neustart, [9ea4edb1cface2541254574a2dd532ce], PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\BService\1.1\bservice64.exe, Löschen bei Neustart, [9ea4edb1cface2541254574a2dd532ce], PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\Proxy\icon.ico, In Quarantäne, [8eb4a1fdff7ca88e16e86446ee147a86], PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\Proxy\proc.exe, Löschen bei Neustart, [8eb4a1fdff7ca88e16e86446ee147a86], PUP.Optional.SystemSpeedup, C:\Users\Johannes\AppData\Roaming\Systweak\ssd\SSDPTstub.exe, In Quarantäne, [c181adf15f1c171fdd5acbeb03ffce32], Physische Sektoren: 0 (No malicious items detected) (end) Code:
# AdwCleaner v3.215 - Bericht erstellt am 11/07/2014 um 18:15:23
# Aktualisiert 09/07/2014 von Xplode
# Betriebssystem : Windows 8.1 (64 bits)
# Benutzername : Jo Lehrmann - JOLEHRMANN
# Gestartet von : C:\Users\Johannes\AppData\Local\Microsoft\Windows\INetCache\IE\Z0P6TESI\adwcleaner_3.215.exe
# Option : Löschen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files (x86)\Bench
Ordner Gelöscht : C:\Program Files (x86)\FLVM Player
Ordner Gelöscht : C:\Users\Johannes\AppData\Roaming\System Speedup
Ordner Gelöscht : C:\Users\Johannes\AppData\Roaming\Systweak
Datei Gelöscht : C:\WINDOWS\System32\roboot64.exe

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS
Schlüssel Gelöscht : HKCU\Software\System Speedup
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKLM\Software\System Speedup
Schlüssel Gelöscht : HKLM\Software\systweak

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17126

-\\ Google Chrome v

[ Datei : C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ Datei : C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ Datei : C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ Datei : C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ Datei : C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ Datei : C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ Datei : C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ Datei : C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ Datei : C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ Datei : C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ Datei : C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ Datei : C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ Datei : C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ Datei : C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ Datei : C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [12749 octets] - [28/01/2014 23:01:08]
AdwCleaner[R1].txt - [30212 octets] - [03/07/2014 23:47:33]
AdwCleaner[R2].txt - [9782 octets] - [08/07/2014 20:55:04]
AdwCleaner[R3].txt - [5702 octets] - [08/07/2014 21:28:51]
AdwCleaner[R4].txt - [3478 octets] - [11/07/2014 18:13:17]
AdwCleaner[S0].txt - [9266 octets] - [28/01/2014 23:02:41]
AdwCleaner[S1].txt - [14766 octets] - [03/07/2014 23:48:32]
AdwCleaner[S2].txt - [4233 octets] - [08/07/2014 21:37:27]
AdwCleaner[S3].txt - [3291 octets] - [11/07/2014 18:15:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [3351 octets] ##########

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x64
Ran by Jo Lehrmann on 11.07.2014 at 18:19:41,36
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.07.2014 at 18:23:38,60
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-07-2014 Ran by Jo Lehrmann (administrator) on JOLEHRMANN on 11-07-2014 18:34:54 Running from C:\Users\Johannes\AppData\Local\Microsoft\Windows\INetCache\IE\Z0P6TESI Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe () C:\Windows\System32\profextd.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe (ELAN Microelectronics Corp.) 
C:\Program Files\Elantech\ETDTouch.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-05-22] (ELAN Microelectronics Corp.) 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-25] ( (Atheros Communications)) HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-579152262-525530005-515234496-1001\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation) HKU\S-1-5-21-579152262-525530005-515234496-1002\...\MountPoints2: {8eac516a-d9f9-11e3-be9e-3c77e65d0496} - "E:\HTC_Sync_Manager_PC.exe" AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation) AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - {99789B29-C252-4374-B501-76174D17EB5F} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKLM-x32 - DefaultScope value is missing. 
SearchScopes: HKLM-x32 - {99789B29-C252-4374-B501-76174D17EB5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS SearchScopes: HKCU - DefaultScope {99789B29-C252-4374-B501-76174D17EB5F} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKCU - {99789B29-C252-4374-B501-76174D17EB5F} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: DownloadProtect Extension - {C654F3FE-8E84-4BB7-87CF-8D9171FC3C73} - C:\Program Files\{BF383C42-B9F2-4E89-87A9-5CCF49AD4CD8}\{5A40C85E-65CD-49BD-8F21-3D2152009E4F}.bin (Download Protect) BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: Content Blocker 
Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll 
(Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-03-09]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-03-09]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-03-09]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-03-09]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-03-09]
FF HKLM-x32\...\Firefox\Extensions: [{E2B2D0E7-6FA3-4056-99B9-B77244F90DFC}] - C:\WINDOWS\Installer\{68C802A5-2967-4E5B-9754-F2B8DBAB1106}\{E2B2D0E7-6FA3-4056-99B9-B77244F90DFC}.xpi
FF Extension: Download Protect - C:\WINDOWS\Installer\{68C802A5-2967-4E5B-9754-F2B8DBAB1106}\{E2B2D0E7-6FA3-4056-99B9-B77244F90DFC}.xpi [2014-05-24]
FF HKLM-x32\...\Firefox\Extensions: [{038F7C2F-4F03-48D5-9366-646F0CF3D5F8}] - C:\WINDOWS\Installer\{7DE888E3-FAC8-44B9-94AB-F17534D57E03}\{038F7C2F-4F03-48D5-9366-646F0CF3D5F8}.xpi
FF Extension: Download Protect - C:\WINDOWS\Installer\{7DE888E3-FAC8-44B9-94AB-F17534D57E03}\{038F7C2F-4F03-48D5-9366-646F0CF3D5F8}.xpi [2014-07-08]

Chrome:
=======
CHR HomePage: hxxp://www.google.de?hl=de&gl=de
CHR Extension: (Google Docs) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-08]
CHR Extension: (Google Drive) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-08]
CHR Extension: (YouTube) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-08]
CHR Extension: (Google-Suche) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-08]
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-03-09]
CHR Extension: (Sicherer Zahlungsverkehr) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-05-30]
CHR 
Extension: (Download Protect) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihkebkimdfeodjmpogjbjbjdniiglimc [2014-07-08]
CHR Extension: (Virtual Keyboard) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-03-09]
CHR Extension: (Google Wallet) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-08]
CHR Extension: (Google Mail) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-08]
CHR Extension: (Anti-Banner) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-03-09]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-25] (Qualcomm Atheros Commnucations)
R2 AVP; C:\Program Files (x86)\Kaspersky 
Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-27] (Acer Incorporated)
R2 cscriptd; C:\Windows\system32\profextd.exe [118784 2014-01-09] () [File not signed]
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [470056 2013-04-30] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2013-12-17] (WildTangent)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-01-30] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2175264 2014-07-09] (IObit)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-06-17] (Acer Incorporate)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-24] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 ccSet_NARA; 
C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-03-09] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2014-03-09] (Kaspersky Lab)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [115296 2014-03-25] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2014-03-25] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2014-03-09] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [65120 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178272 2014-03-09] (Kaspersky Lab ZAO)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-07-11 18:31 - 2014-07-11 18:31 - 02084864 _____ (Farbar) C:\Users\Johannes\Downloads\FRST64.exe
2014-07-11 18:23 - 2014-07-11 18:23 - 00000620 _____ () C:\Users\Johannes\Desktop\JRT.txt
2014-07-11 18:19 - 2014-07-11 18:19 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-11 18:11 - 2014-07-11 18:11 - 00031146 _____ () C:\Users\Johannes\Desktop\mbam.txt
2014-07-11 17:26 - 2014-07-11 18:10 - 
00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-07-11 17:26 - 2014-07-11 17:26 - 00001114 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-11 17:26 - 2014-07-11 17:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-11 17:26 - 2014-07-11 17:26 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-11 17:26 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-07-11 17:26 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2014-07-11 17:26 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-07-11 17:09 - 2014-07-11 17:09 - 00001280 _____ () C:\Users\Johannes\Desktop\Revo Uninstaller.lnk 2014-07-11 17:09 - 2014-07-11 17:09 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-07-11 17:08 - 2014-07-11 17:09 - 00000003 _____ () C:\Users\Johannes\AppData\Local\proxy.log 2014-07-11 17:08 - 2014-07-11 17:08 - 02623656 _____ (VS Revo Group Ltd.) 
C:\Users\Johannes\Desktop\revosetup.exe 2014-07-11 17:08 - 2014-07-11 17:08 - 00003132 _____ () C:\WINDOWS\System32\Tasks\System Speedup 2014-07-10 18:26 - 2014-07-11 18:34 - 00000000 ____D () C:\FRST 2014-07-10 18:19 - 2014-07-11 18:16 - 00044814 _____ () C:\WINDOWS\PFRO.log 2014-07-09 23:02 - 2014-07-09 23:02 - 00000187 _____ () C:\WINDOWS\setupact.log 2014-07-09 23:02 - 2014-07-09 23:02 - 00000178 _____ () C:\WINDOWS\setuperr.log 2014-07-09 23:00 - 2014-04-14 05:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll 2014-07-09 22:59 - 2014-07-09 22:59 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel 2014-07-09 21:21 - 2014-06-17 00:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe 2014-07-09 21:21 - 2014-06-17 00:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe 2014-07-09 21:21 - 2014-06-06 16:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-07-09 21:21 - 2014-05-30 05:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2014-07-09 21:21 - 2014-05-29 14:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2014-07-09 21:21 - 2014-05-29 09:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll 2014-07-09 21:21 - 2014-05-29 08:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll 2014-07-09 21:21 - 2014-05-29 08:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2014-07-09 21:21 - 2014-05-29 07:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2014-07-09 21:21 - 2014-05-29 07:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2014-07-09 21:20 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-07-09 21:20 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-07-09 21:20 - 2014-06-19 02:16 - 17276416 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-07-09 21:20 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2014-07-09 21:20 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-07-09 21:20 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-07-09 21:20 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-07-09 21:20 - 2014-06-19 01:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2014-07-09 21:20 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-07-09 21:20 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-07-09 21:20 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-07-09 21:20 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-07-09 21:20 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2014-07-09 21:20 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-07-09 21:20 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-07-09 21:20 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-07-09 21:20 - 2014-06-19 00:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-07-09 21:20 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-07-09 21:20 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-07-09 21:20 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-07-09 21:20 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-07-09 21:20 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-07-09 21:20 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-07-09 21:20 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-07-09 21:20 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-07-09 21:20 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-07-09 21:20 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-07-09 21:19 - 2014-07-01 00:45 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2014-07-09 21:19 - 2014-06-28 09:48 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2014-07-09 21:19 - 2014-06-28 09:07 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2014-07-09 21:19 - 2014-06-06 15:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2014-07-09 21:19 - 2014-06-06 14:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll 2014-07-09 21:19 - 2014-05-31 12:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2014-07-09 21:19 - 2014-05-31 12:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2014-07-09 21:19 - 2014-05-31 05:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-07-09 21:19 - 2014-05-31 05:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2014-07-09 21:19 - 2014-05-31 05:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-07-09 21:19 - 2014-05-31 05:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2014-07-09 21:19 - 2014-05-31 05:03 - 00827392 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\wuapi.dll 2014-07-09 21:19 - 2014-05-31 05:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-07-09 21:19 - 2014-05-31 04:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2014-07-09 21:19 - 2014-05-31 04:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2014-07-09 21:19 - 2014-05-31 04:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2014-07-09 21:19 - 2014-05-31 04:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2014-07-09 21:19 - 2014-05-31 04:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2014-07-09 21:19 - 2014-05-31 04:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2014-07-09 21:19 - 2014-05-31 04:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2014-07-09 21:14 - 2014-07-09 21:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe 2014-07-09 21:13 - 2014-07-11 18:14 - 00283654 _____ () C:\WINDOWS\WindowsUpdate.log 2014-07-09 00:22 - 2014-07-09 00:22 - 00000000 ____D () C:\Users\Johannes\AppData\Roaming\ProductData 2014-07-09 00:21 - 2014-07-09 00:22 - 00000000 ____D () C:\ProgramData\ProductData 2014-07-09 00:21 - 2014-07-09 00:22 - 00000000 ____D () C:\ProgramData\IObit 2014-07-09 00:21 - 2014-07-09 00:21 - 12906784 _____ (IObit) C:\Users\Johannes\Downloads\iobituninstaller_3.3.8.exe 2014-07-09 00:21 - 2014-07-09 00:21 - 00000000 ____D () C:\Users\Johannes\AppData\Roaming\IObit 2014-07-09 00:21 - 2014-07-09 00:21 - 00000000 ____D () C:\Program Files (x86)\IObit 2014-07-08 21:42 - 2014-07-08 21:42 - 00000000 ____D () C:\Program Files\{BF383C42-B9F2-4E89-87A9-5CCF49AD4CD8} 2014-07-08 21:42 - 2014-07-08 21:42 - 00000000 ____D () C:\Program Files (x86)\{48C67497-55E6-47C2-9669-A39128A58E17} 2014-07-08 21:28 - 2014-07-08 21:28 - 01346519 _____ () 
C:\Users\Johannes\Downloads\adwcleaner_3.214 (3).exe 2014-07-08 20:54 - 2014-07-08 20:54 - 01346519 _____ () C:\Users\Johannes\Downloads\adwcleaner_3.214 (2).exe 2014-07-08 20:54 - 2014-07-08 20:54 - 01346519 _____ () C:\Users\Johannes\Downloads\adwcleaner_3.214 (1).exe 2014-07-08 20:42 - 2014-07-08 20:42 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Johannes\Downloads\mbam-setup-2.0.2.1012_CB-DL-Manager [1].exe 2014-07-08 20:42 - 2014-07-08 20:42 - 00788832 _____ ( ) C:\Users\Johannes\Downloads\mbam-setup-2.0.2.1012_CB-DL-Manager.exe 2014-07-03 23:48 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll 2014-07-03 23:06 - 2014-07-08 20:51 - 00000000 ____D () C:\Users\Johannes\AppData\Local\Network_Me_07032106 2014-07-03 23:06 - 2014-07-03 23:06 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf 2014-07-03 23:05 - 2014-07-03 23:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\YourFileDownloader 2014-06-29 21:04 - 2014-06-29 21:09 - 00000000 ____D () C:\Users\Johannes\Desktop\Urlaub Fritz 2014-06-29 20:18 - 2014-07-11 17:50 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-06-29 20:18 - 2014-07-08 20:50 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-06-29 20:18 - 2014-06-29 20:18 - 00000000 ____D () C:\Users\Johannes\AppData\Local\Macromedia 2014-06-28 15:13 - 2014-06-28 15:13 - 00000000 ____D () C:\Users\Johannes\AppData\Local\Mozilla 2014-06-28 15:13 - 2014-06-28 15:13 - 00000000 ____D () C:\ProgramData\Mozilla 2014-06-19 15:11 - 2014-06-26 22:55 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-06-19 15:11 - 2014-06-26 22:55 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2014-06-11 19:14 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2014-06-11 19:14 - 2014-05-30 11:20 - 00752640 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2014-06-11 19:14 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2014-06-11 19:14 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2014-06-11 19:14 - 2014-02-06 13:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll 2014-06-11 19:14 - 2014-02-06 13:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2014-06-11 19:14 - 2014-02-06 13:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll 2014-06-11 19:14 - 2014-02-06 12:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2014-06-11 19:14 - 2014-02-06 12:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe 2014-06-11 19:14 - 2014-02-06 12:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2014-06-11 19:14 - 2014-02-06 12:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll 2014-06-11 19:14 - 2014-02-06 12:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll 2014-06-11 19:14 - 2014-02-06 11:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2014-06-11 19:14 - 2014-02-06 11:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2014-06-11 19:14 - 2014-02-06 11:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe 2014-06-11 19:14 - 2014-02-06 11:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll 2014-06-11 19:13 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2014-06-11 19:13 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2014-06-11 19:13 - 2014-05-09 01:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys 2014-06-11 19:13 - 2014-05-05 06:02 - 
03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2014-06-11 19:13 - 2014-04-30 13:16 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2014-06-11 19:13 - 2014-04-30 05:51 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2014-06-11 19:13 - 2014-04-18 16:57 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll 2014-06-11 19:13 - 2014-04-18 16:44 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll 2014-06-11 19:13 - 2014-04-18 15:29 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll 2014-06-11 19:13 - 2014-04-18 11:44 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll 2014-06-11 19:13 - 2014-04-18 10:32 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2014-06-11 19:13 - 2014-04-18 10:21 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll 2014-06-11 19:13 - 2014-04-18 10:09 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2014-06-11 19:13 - 2014-04-18 09:51 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll 2014-06-11 19:13 - 2014-04-18 09:49 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2014-06-11 19:13 - 2014-04-14 11:20 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll 2014-06-11 19:13 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll 2014-06-11 19:13 - 2014-04-11 08:13 - 01200128 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2014-06-11 19:13 - 2014-04-11 06:51 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll 2014-06-11 19:13 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll 2014-06-11 19:13 - 2014-04-11 05:30 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll 2014-06-11 
19:13 - 2014-04-09 13:53 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys 2014-06-11 19:13 - 2014-04-09 08:39 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll 2014-06-11 19:13 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll 2014-06-11 19:13 - 2014-04-09 05:33 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll 2014-06-11 19:13 - 2014-04-08 04:01 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys 2014-06-11 19:13 - 2014-04-06 18:34 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2014-06-11 19:13 - 2014-04-06 18:34 - 00275800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys 2014-06-11 19:13 - 2014-04-06 18:32 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll 2014-06-11 19:13 - 2014-04-06 18:31 - 21268952 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2014-06-11 19:13 - 2014-04-06 18:30 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll 2014-06-11 19:13 - 2014-04-06 18:24 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys 2014-06-11 19:13 - 2014-04-06 18:20 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2014-06-11 19:13 - 2014-04-06 18:20 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2014-06-11 19:13 - 2014-04-06 18:20 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll 2014-06-11 19:13 - 2014-04-06 18:20 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2014-06-11 19:13 - 2014-04-06 18:20 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2014-06-11 19:13 - 2014-04-06 18:20 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2014-06-11 19:13 - 2014-04-06 18:20 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2014-06-11 
==================== End Of Log ============================
--- --- --- |
12.07.2014, 17:46 | #6 |
/// the machine /// TB trainer | Download Protect
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any remaining problems?
__________________ --> Download Protect |
12.07.2014, 19:39 | #7 |
| Download Protect Eset log Code:
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=ec4b3dd0faa25e4195dacd64ccf16ebe
# engine=19145
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=false
# utc_time=2014-07-12 06:30:19
# local_time=2014-07-12 08:30:19 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1292 16777213 100 100 92395 36664241 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 4247360 13516140 0 0
# scanned=174230
# found=49
# cleaned=0
# scan_time=3373
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.85
 x64 (UAC is enabled)
 Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Java 7 Update 55
 Java version out of Date!
 Adobe Flash Player 14.0.0.145
````````Process Check: objlist.exe by Laurent````````
 Kaspersky Lab Kaspersky Internet Security 14.0.0 avp.exe
 Kaspersky Lab Kaspersky Internet Security 14.0.0 avpui.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-07-2014 Ran by Jo Lehrmann (administrator) on JOLEHRMANN on 12-07-2014 20:38:24 Running from C:\Users\Johannes\Desktop Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe () C:\Windows\System32\profextd.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe (Atheros Communications) C:\Program 
Files (x86)\Bluetooth Suite\BtvStack.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe () C:\Users\Johannes\Desktop\SecurityCheck.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-05-22] (ELAN Microelectronics Corp.) 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-25] ( (Atheros Communications)) HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-579152262-525530005-515234496-1001\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation) HKU\S-1-5-21-579152262-525530005-515234496-1002\...\MountPoints2: {8eac516a-d9f9-11e3-be9e-3c77e65d0496} - "E:\HTC_Sync_Manager_PC.exe" AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation) AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - {99789B29-C252-4374-B501-76174D17EB5F} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKLM-x32 - DefaultScope value is missing. 
SearchScopes: HKLM-x32 - {99789B29-C252-4374-B501-76174D17EB5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS SearchScopes: HKCU - DefaultScope {99789B29-C252-4374-B501-76174D17EB5F} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKCU - {99789B29-C252-4374-B501-76174D17EB5F} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: DownloadProtect Extension - {C654F3FE-8E84-4BB7-87CF-8D9171FC3C73} - C:\Program Files\{BF383C42-B9F2-4E89-87A9-5CCF49AD4CD8}\{5A40C85E-65CD-49BD-8F21-3D2152009E4F}.bin (Download Protect) BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: Content Blocker 
Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll 
(Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll () FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.) FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-03-09] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-03-09] FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-03-09] FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-03-09] 
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-03-09] FF HKLM-x32\...\Firefox\Extensions: [{E2B2D0E7-6FA3-4056-99B9-B77244F90DFC}] - C:\WINDOWS\Installer\{68C802A5-2967-4E5B-9754-F2B8DBAB1106}\{E2B2D0E7-6FA3-4056-99B9-B77244F90DFC}.xpi FF Extension: Download Protect - C:\WINDOWS\Installer\{68C802A5-2967-4E5B-9754-F2B8DBAB1106}\{E2B2D0E7-6FA3-4056-99B9-B77244F90DFC}.xpi [2014-05-24] FF HKLM-x32\...\Firefox\Extensions: [{038F7C2F-4F03-48D5-9366-646F0CF3D5F8}] - C:\WINDOWS\Installer\{7DE888E3-FAC8-44B9-94AB-F17534D57E03}\{038F7C2F-4F03-48D5-9366-646F0CF3D5F8}.xpi FF Extension: Download Protect - C:\WINDOWS\Installer\{7DE888E3-FAC8-44B9-94AB-F17534D57E03}\{038F7C2F-4F03-48D5-9366-646F0CF3D5F8}.xpi [2014-07-08] Chrome: ======= CHR HomePage: hxxp://www.google.de?hl=de&gl=de CHR Extension: (Google Docs) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-08] CHR Extension: (Google Drive) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-08] CHR Extension: (YouTube) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-08] CHR Extension: (Google-Suche) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-08] CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-03-09] CHR Extension: (Sicherer Zahlungsverkehr) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-05-30] CHR 
Extension: (Download Protect) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihkebkimdfeodjmpogjbjbjdniiglimc [2014-07-08] CHR Extension: (Virtual Keyboard) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-03-09] CHR Extension: (Google Wallet) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-08] CHR Extension: (Google Mail) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-08] CHR Extension: (Anti-Banner) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-03-09] CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-25] (Qualcomm Atheros Commnucations) R2 AVP; C:\Program Files (x86)\Kaspersky 
Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO) R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-27] (Acer Incorporated) R2 cscriptd; C:\Windows\system32\profextd.exe [118784 2014-01-09] () [File not signed] S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [470056 2013-04-30] (Acer Incorporated) R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated) R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2013-12-17] (WildTangent) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-01-30] (Intel Corporation) S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2175264 2014-07-09] (IObit) R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-06-17] (Acer Incorporate) S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-24] (Qualcomm Atheros) R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation) S3 ccSet_NARA; 
C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation) S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider) S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-03-09] (Kaspersky Lab ZAO) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2014-03-09] (Kaspersky Lab) U5 klflt; C:\Windows\System32\Drivers\klflt.sys [115296 2014-03-25] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2014-03-25] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-10-17] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2014-03-09] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [65120 2014-03-25] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178272 2014-03-09] (Kaspersky Lab ZAO) R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated) R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-12 20:38 - 2014-07-12 20:38 - 02084864 _____ (Farbar) C:\Users\Johannes\Desktop\FRST64.exe 2014-07-12 20:38 - 2014-07-12 20:38 - 00019589 _____ () C:\Users\Johannes\Desktop\FRST.txt 2014-07-12 20:35 - 2014-07-12 20:35 - 00854390 _____ () C:\Users\Johannes\Desktop\SecurityCheck.exe 2014-07-11 19:02 - 2014-07-11 19:02 - 00000620 _____ () C:\Users\Johannes\Desktop\JRT.txt 2014-07-11 18:58 - 
2014-07-11 18:58 - 01016261 _____ (Thisisu) C:\Users\Johannes\Downloads\JRT.exe 2014-07-11 18:31 - 2014-07-11 18:31 - 02084864 _____ (Farbar) C:\Users\Johannes\Downloads\FRST64.exe 2014-07-11 18:19 - 2014-07-11 18:19 - 00000000 ____D () C:\WINDOWS\ERUNT 2014-07-11 18:11 - 2014-07-11 18:11 - 00031146 _____ () C:\Users\Johannes\Desktop\mbam.txt 2014-07-11 17:26 - 2014-07-11 18:10 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-07-11 17:26 - 2014-07-11 17:26 - 00001114 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-11 17:26 - 2014-07-11 17:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-11 17:26 - 2014-07-11 17:26 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-11 17:26 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-07-11 17:26 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2014-07-11 17:26 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-07-11 17:09 - 2014-07-11 17:09 - 00001280 _____ () C:\Users\Johannes\Desktop\Revo Uninstaller.lnk 2014-07-11 17:09 - 2014-07-11 17:09 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-07-11 17:08 - 2014-07-11 17:09 - 00000003 _____ () C:\Users\Johannes\AppData\Local\proxy.log 2014-07-11 17:08 - 2014-07-11 17:08 - 02623656 _____ (VS Revo Group Ltd.) 
C:\Users\Johannes\Desktop\revosetup.exe 2014-07-11 17:08 - 2014-07-11 17:08 - 00003132 _____ () C:\WINDOWS\System32\Tasks\System Speedup 2014-07-10 18:26 - 2014-07-12 20:38 - 00000000 ____D () C:\FRST 2014-07-10 18:19 - 2014-07-11 18:50 - 00045124 _____ () C:\WINDOWS\PFRO.log 2014-07-09 23:02 - 2014-07-09 23:02 - 00000187 _____ () C:\WINDOWS\setupact.log 2014-07-09 23:02 - 2014-07-09 23:02 - 00000178 _____ () C:\WINDOWS\setuperr.log 2014-07-09 23:00 - 2014-04-14 05:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll 2014-07-09 22:59 - 2014-07-09 22:59 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel 2014-07-09 21:21 - 2014-06-17 00:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe 2014-07-09 21:21 - 2014-06-17 00:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe 2014-07-09 21:21 - 2014-06-06 16:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-07-09 21:21 - 2014-05-30 05:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2014-07-09 21:21 - 2014-05-29 14:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2014-07-09 21:21 - 2014-05-29 09:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll 2014-07-09 21:21 - 2014-05-29 08:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll 2014-07-09 21:21 - 2014-05-29 08:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2014-07-09 21:21 - 2014-05-29 07:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2014-07-09 21:21 - 2014-05-29 07:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2014-07-09 21:20 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-07-09 21:20 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-07-09 21:20 - 2014-06-19 02:16 - 17276416 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-07-09 21:20 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2014-07-09 21:20 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-07-09 21:20 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-07-09 21:20 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-07-09 21:20 - 2014-06-19 01:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2014-07-09 21:20 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-07-09 21:20 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-07-09 21:20 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-07-09 21:20 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-07-09 21:20 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2014-07-09 21:20 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-07-09 21:20 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-07-09 21:20 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-07-09 21:20 - 2014-06-19 00:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-07-09 21:20 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-07-09 21:20 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-07-09 21:20 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-07-09 21:20 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-07-09 21:20 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-07-09 21:20 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-07-09 21:20 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-07-09 21:20 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-07-09 21:20 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-07-09 21:20 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-07-09 21:19 - 2014-07-01 00:45 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2014-07-09 21:19 - 2014-06-28 09:48 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2014-07-09 21:19 - 2014-06-28 09:07 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2014-07-09 21:19 - 2014-06-06 15:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2014-07-09 21:19 - 2014-06-06 14:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll 2014-07-09 21:19 - 2014-05-31 12:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2014-07-09 21:19 - 2014-05-31 12:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2014-07-09 21:19 - 2014-05-31 05:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-07-09 21:19 - 2014-05-31 05:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2014-07-09 21:19 - 2014-05-31 05:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-07-09 21:19 - 2014-05-31 05:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2014-07-09 21:19 - 2014-05-31 05:03 - 00827392 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\wuapi.dll 2014-07-09 21:19 - 2014-05-31 05:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-07-09 21:19 - 2014-05-31 04:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2014-07-09 21:19 - 2014-05-31 04:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2014-07-09 21:19 - 2014-05-31 04:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2014-07-09 21:19 - 2014-05-31 04:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2014-07-09 21:19 - 2014-05-31 04:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2014-07-09 21:19 - 2014-05-31 04:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2014-07-09 21:19 - 2014-05-31 04:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2014-07-09 21:14 - 2014-07-09 21:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe 2014-07-09 21:13 - 2014-07-12 17:04 - 00320426 _____ () C:\WINDOWS\WindowsUpdate.log 2014-07-09 00:22 - 2014-07-09 00:22 - 00000000 ____D () C:\Users\Johannes\AppData\Roaming\ProductData 2014-07-09 00:21 - 2014-07-09 00:22 - 00000000 ____D () C:\ProgramData\ProductData 2014-07-09 00:21 - 2014-07-09 00:22 - 00000000 ____D () C:\ProgramData\IObit 2014-07-09 00:21 - 2014-07-09 00:21 - 12906784 _____ (IObit) C:\Users\Johannes\Downloads\iobituninstaller_3.3.8.exe 2014-07-09 00:21 - 2014-07-09 00:21 - 00000000 ____D () C:\Users\Johannes\AppData\Roaming\IObit 2014-07-09 00:21 - 2014-07-09 00:21 - 00000000 ____D () C:\Program Files (x86)\IObit 2014-07-08 21:42 - 2014-07-08 21:42 - 00000000 ____D () C:\Program Files\{BF383C42-B9F2-4E89-87A9-5CCF49AD4CD8} 2014-07-08 21:42 - 2014-07-08 21:42 - 00000000 ____D () C:\Program Files (x86)\{48C67497-55E6-47C2-9669-A39128A58E17} 2014-07-08 21:28 - 2014-07-08 21:28 - 01346519 _____ () 
C:\Users\Johannes\Downloads\adwcleaner_3.214 (3).exe 2014-07-08 20:54 - 2014-07-08 20:54 - 01346519 _____ () C:\Users\Johannes\Downloads\adwcleaner_3.214 (2).exe 2014-07-08 20:54 - 2014-07-08 20:54 - 01346519 _____ () C:\Users\Johannes\Downloads\adwcleaner_3.214 (1).exe 2014-07-08 20:42 - 2014-07-08 20:42 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Johannes\Downloads\mbam-setup-2.0.2.1012_CB-DL-Manager [1].exe 2014-07-08 20:42 - 2014-07-08 20:42 - 00788832 _____ ( ) C:\Users\Johannes\Downloads\mbam-setup-2.0.2.1012_CB-DL-Manager.exe 2014-07-03 23:48 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll 2014-07-03 23:06 - 2014-07-08 20:51 - 00000000 ____D () C:\Users\Johannes\AppData\Local\Network_Me_07032106 2014-07-03 23:06 - 2014-07-03 23:06 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf 2014-07-03 23:05 - 2014-07-03 23:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\YourFileDownloader 2014-06-29 21:04 - 2014-06-29 21:09 - 00000000 ____D () C:\Users\Johannes\Desktop\Urlaub Fritz 2014-06-29 20:18 - 2014-07-12 19:50 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-06-29 20:18 - 2014-07-08 20:50 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-06-29 20:18 - 2014-06-29 20:18 - 00000000 ____D () C:\Users\Johannes\AppData\Local\Macromedia 2014-06-28 15:13 - 2014-06-28 15:13 - 00000000 ____D () C:\Users\Johannes\AppData\Local\Mozilla 2014-06-28 15:13 - 2014-06-28 15:13 - 00000000 ____D () C:\ProgramData\Mozilla 2014-06-19 15:11 - 2014-06-26 22:55 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-06-19 15:11 - 2014-06-26 22:55 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl ==================== One Month Modified Files and Folders ======= 2014-07-12 20:38 - 2014-07-12 20:38 - 02084864 _____ (Farbar) C:\Users\Johannes\Desktop\FRST64.exe 
2014-07-12 20:38 - 2014-07-12 20:38 - 00019589 _____ () C:\Users\Johannes\Desktop\FRST.txt 2014-07-12 20:38 - 2014-07-10 18:26 - 00000000 ____D () C:\FRST 2014-07-12 20:35 - 2014-07-12 20:35 - 00854390 _____ () C:\Users\Johannes\Desktop\SecurityCheck.exe 2014-07-12 20:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-07-12 19:50 - 2014-06-29 20:18 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-07-12 19:36 - 2014-03-09 20:26 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2014-07-12 19:26 - 2013-11-14 09:27 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-07-12 19:26 - 2013-11-14 09:11 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat 2014-07-12 19:26 - 2013-11-14 09:11 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat 2014-07-12 17:04 - 2014-07-09 21:13 - 00320426 _____ () C:\WINDOWS\WindowsUpdate.log 2014-07-12 16:44 - 2014-01-16 22:41 - 00000000 __RDO () C:\Users\Johannes\SkyDrive 2014-07-11 20:30 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-07-11 19:08 - 2014-01-08 14:20 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-579152262-525530005-515234496-1002 2014-07-11 19:02 - 2014-07-11 19:02 - 00000620 _____ () C:\Users\Johannes\Desktop\JRT.txt 2014-07-11 18:58 - 2014-07-11 18:58 - 01016261 _____ (Thisisu) C:\Users\Johannes\Downloads\JRT.exe 2014-07-11 18:50 - 2014-07-10 18:19 - 00045124 _____ () C:\WINDOWS\PFRO.log 2014-07-11 18:50 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-07-11 18:46 - 2014-01-28 23:00 - 00000000 ____D () C:\AdwCleaner 2014-07-11 18:31 - 2014-07-11 18:31 - 02084864 _____ (Farbar) C:\Users\Johannes\Downloads\FRST64.exe 2014-07-11 18:19 - 2014-07-11 18:19 - 00000000 ____D () C:\WINDOWS\ERUNT 2014-07-11 18:16 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI 2014-07-11 18:11 - 2014-07-11 18:11 - 00031146 _____ () C:\Users\Johannes\Desktop\mbam.txt 2014-07-11 18:10 - 
2014-07-11 17:26 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-07-11 17:58 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF 2014-07-11 17:47 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PLA 2014-07-11 17:40 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-07-11 17:26 - 2014-07-11 17:26 - 00001114 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-11 17:26 - 2014-07-11 17:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-11 17:26 - 2014-07-11 17:26 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-11 17:09 - 2014-07-11 17:09 - 00001280 _____ () C:\Users\Johannes\Desktop\Revo Uninstaller.lnk 2014-07-11 17:09 - 2014-07-11 17:09 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-07-11 17:09 - 2014-07-11 17:08 - 00000003 _____ () C:\Users\Johannes\AppData\Local\proxy.log 2014-07-11 17:08 - 2014-07-11 17:08 - 02623656 _____ (VS Revo Group Ltd.) 
C:\Users\Johannes\Desktop\revosetup.exe 2014-07-11 17:08 - 2014-07-11 17:08 - 00003132 _____ () C:\WINDOWS\System32\Tasks\System Speedup 2014-07-10 18:19 - 2013-08-22 16:44 - 00360464 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-07-09 23:15 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-07-09 23:15 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-07-09 23:15 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-07-09 23:15 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore 2014-07-09 23:02 - 2014-07-09 23:02 - 00000187 _____ () C:\WINDOWS\setupact.log 2014-07-09 23:02 - 2014-07-09 23:02 - 00000178 _____ () C:\WINDOWS\setuperr.log 2014-07-09 23:02 - 2014-01-08 16:30 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-07-09 23:02 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2014-07-09 23:01 - 2014-01-08 16:30 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-07-09 23:01 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM 2014-07-09 23:00 - 2013-11-14 09:13 - 00000000 ____D () C:\Program Files\Windows Journal 2014-07-09 22:59 - 2014-07-09 22:59 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel 2014-07-09 21:14 - 2014-07-09 21:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe 2014-07-09 21:14 - 2014-01-08 19:13 - 01048576 ___SH () C:\Users\Johannes\Desktop\Thumbs.db 2014-07-09 00:35 - 2014-01-28 23:00 - 00000000 ____D () C:\Users\Johannes\AppData\Roaming\Mozilla 2014-07-09 00:34 - 2014-01-08 14:21 - 00000000 ____D () C:\Program Files (x86)\Google 2014-07-09 00:22 - 2014-07-09 00:22 - 00000000 ____D () C:\Users\Johannes\AppData\Roaming\ProductData 2014-07-09 00:22 - 2014-07-09 00:21 - 00000000 ____D () C:\ProgramData\ProductData 2014-07-09 00:22 - 2014-07-09 00:21 - 00000000 ____D () C:\ProgramData\IObit 
2014-07-09 00:21 - 2014-07-09 00:21 - 12906784 _____ (IObit) C:\Users\Johannes\Downloads\iobituninstaller_3.3.8.exe 2014-07-09 00:21 - 2014-07-09 00:21 - 00000000 ____D () C:\Users\Johannes\AppData\Roaming\IObit 2014-07-09 00:21 - 2014-07-09 00:21 - 00000000 ____D () C:\Program Files (x86)\IObit 2014-07-08 21:42 - 2014-07-08 21:42 - 00000000 ____D () C:\Program Files\{BF383C42-B9F2-4E89-87A9-5CCF49AD4CD8} 2014-07-08 21:42 - 2014-07-08 21:42 - 00000000 ____D () C:\Program Files (x86)\{48C67497-55E6-47C2-9669-A39128A58E17} 2014-07-08 21:42 - 2014-03-29 13:18 - 00000306 __RSH () C:\ProgramData\ntuser.pol 2014-07-08 21:28 - 2014-07-08 21:28 - 01346519 _____ () C:\Users\Johannes\Downloads\adwcleaner_3.214 (3).exe 2014-07-08 20:54 - 2014-07-08 20:54 - 01346519 _____ () C:\Users\Johannes\Downloads\adwcleaner_3.214 (2).exe 2014-07-08 20:54 - 2014-07-08 20:54 - 01346519 _____ () C:\Users\Johannes\Downloads\adwcleaner_3.214 (1).exe 2014-07-08 20:51 - 2014-07-03 23:06 - 00000000 ____D () C:\Users\Johannes\AppData\Local\Network_Me_07032106 2014-07-08 20:50 - 2014-06-29 20:18 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-07-08 20:43 - 2014-01-28 22:55 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-08 20:42 - 2014-07-08 20:42 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Johannes\Downloads\mbam-setup-2.0.2.1012_CB-DL-Manager [1].exe 2014-07-08 20:42 - 2014-07-08 20:42 - 00788832 _____ ( ) C:\Users\Johannes\Downloads\mbam-setup-2.0.2.1012_CB-DL-Manager.exe 2014-07-03 23:06 - 2014-07-03 23:06 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf 2014-07-03 23:06 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy 2014-07-03 23:05 - 2014-07-03 23:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\YourFileDownloader 2014-07-02 23:24 - 2014-01-16 18:52 - 00000519 _____ () C:\Users\Johannes\AppData\Roaming\burnaware.ini 2014-07-01 00:45 - 2014-07-09 21:19 - 00688128 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2014-06-29 21:09 - 2014-06-29 21:04 - 00000000 ____D () C:\Users\Johannes\Desktop\Urlaub Fritz 2014-06-29 20:18 - 2014-06-29 20:18 - 00000000 ____D () C:\Users\Johannes\AppData\Local\Macromedia 2014-06-28 16:03 - 2014-01-08 18:24 - 00135168 ___SH () C:\Users\Johannes\Downloads\Thumbs.db 2014-06-28 15:13 - 2014-06-28 15:13 - 00000000 ____D () C:\Users\Johannes\AppData\Local\Mozilla 2014-06-28 15:13 - 2014-06-28 15:13 - 00000000 ____D () C:\ProgramData\Mozilla 2014-06-28 09:48 - 2014-07-09 21:19 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2014-06-28 09:07 - 2014-07-09 21:19 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2014-06-26 22:55 - 2014-06-19 15:11 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-06-26 22:55 - 2014-06-19 15:11 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2014-06-19 03:39 - 2014-07-09 21:20 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-06-19 02:48 - 2014-07-09 21:20 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-06-19 02:16 - 2014-07-09 21:20 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-06-19 02:09 - 2014-07-09 21:20 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2014-06-19 01:51 - 2014-07-09 21:20 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-06-19 01:50 - 2014-07-09 21:20 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-06-19 01:48 - 2014-07-09 21:20 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-06-19 01:46 - 2014-07-09 21:20 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2014-06-19 01:39 - 2014-07-09 21:20 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-06-19 01:33 - 2014-07-09 21:20 - 
00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-06-19 01:32 - 2014-07-09 21:20 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-06-19 01:27 - 2014-07-09 21:20 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-06-19 01:12 - 2014-07-09 21:20 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2014-06-19 00:59 - 2014-07-09 21:20 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-06-19 00:58 - 2014-07-09 21:20 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-06-19 00:58 - 2014-07-09 21:20 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-06-19 00:57 - 2014-07-09 21:20 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-06-19 00:52 - 2014-07-09 21:20 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-06-19 00:51 - 2014-07-09 21:20 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-06-19 00:49 - 2014-07-09 21:20 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-06-19 00:45 - 2014-07-09 21:20 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-06-19 00:35 - 2014-07-09 21:20 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-06-19 00:34 - 2014-07-09 21:20 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-06-19 00:15 - 2014-07-09 21:20 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-06-19 00:13 - 2014-07-09 21:20 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-06-19 00:09 - 2014-07-09 21:20 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-06-19 00:07 - 2014-07-09 21:20 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-06-18 20:20 - 2013-08-22 17:36 - 00000000 ___RD () 
C:\WINDOWS\ImmersiveControlPanel
2014-06-18 20:20 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-06-17 00:26 - 2014-07-09 21:21 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-06-17 00:24 - 2014-07-09 21:21 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe

Some content of TEMP:
====================
C:\Users\Johannes\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-07-01 21:12

==================== End Of Log ============================

--- --- --- --- --- --- --- --- ---

So, all the described steps are done. Did I do something wrong, or is it normal that the extension is still present in Internet Explorer? And once again a big thank you for your help. Last edited by jojo1812 (12.07.2014 at 19:49) |
13.07.2014, 15:01 | #8 |
/// the machine /// TB-Ausbilder | Download Protect Update Java. Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
BHO: DownloadProtect Extension - {C654F3FE-8E84-4BB7-87CF-8D9171FC3C73} - C:\Program Files\{BF383C42-B9F2-4E89-87A9-5CCF49AD4CD8}\{5A40C85E-65CD-49BD-8F21-3D2152009E4F}.bin (Download Protect)
FF Extension: Download Protect - C:\WINDOWS\Installer\{68C802A5-2967-4E5B-9754-F2B8DBAB1106}\{E2B2D0E7-6FA3-4056-99B9-B77244F90DFC}.xpi [2014-05-24]
FF HKLM-x32\...\Firefox\Extensions: [{038F7C2F-4F03-48D5-9366-646F0CF3D5F8}] - C:\WINDOWS\Installer\{7DE888E3-FAC8-44B9-94AB-F17534D57E03}\{038F7C2F-4F03-48D5-9366-646F0CF3D5F8}.xpi
FF Extension: Download Protect - C:\WINDOWS\Installer\{7DE888E3-FAC8-44B9-94AB-F17534D57E03}\{038F7C2F-4F03-48D5-9366-646F0CF3D5F8}.xpi [2014-07-08]
CHR Extension: (Download Protect) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihkebkimdfeodjmpogjbjbjdniiglimc [2014-07-08]

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Done. The order is crucial here.
If you would like to give praise or criticism, you can do so here. Here are a few more tips for securing your system. I cannot mention often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers
Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance
Clean up your temp files regularly. I recommend TFC for this. Stay away from any registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP), Bill Castner (MVP)
Don'ts
Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
14.07.2014, 19:04 | #9 |
| Download Protect Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-07-2014 01
Ran by Jo Lehrmann at 2014-07-14 19:58:28 Run:1
Running from C:\Users\Johannes\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
BHO: DownloadProtect Extension - {C654F3FE-8E84-4BB7-87CF-8D9171FC3C73} - C:\Program Files\{BF383C42-B9F2-4E89-87A9-5CCF49AD4CD8}\{5A40C85E-65CD-49BD-8F21-3D2152009E4F}.bin (Download Protect)
FF Extension: Download Protect - C:\WINDOWS\Installer\{68C802A5-2967-4E5B-9754-F2B8DBAB1106}\{E2B2D0E7-6FA3-4056-99B9-B77244F90DFC}.xpi [2014-05-24]
FF HKLM-x32\...\Firefox\Extensions: [{038F7C2F-4F03-48D5-9366-646F0CF3D5F8}] - C:\WINDOWS\Installer\{7DE888E3-FAC8-44B9-94AB-F17534D57E03}\{038F7C2F-4F03-48D5-9366-646F0CF3D5F8}.xpi
FF Extension: Download Protect - C:\WINDOWS\Installer\{7DE888E3-FAC8-44B9-94AB-F17534D57E03}\{038F7C2F-4F03-48D5-9366-646F0CF3D5F8}.xpi [2014-07-08]
CHR Extension: (Download Protect) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihkebkimdfeodjmpogjbjbjdniiglimc [2014-07-08]
*****************

C:\WINDOWS\system32\GroupPolicy\Machine => Moved successfully.
C:\WINDOWS\system32\GroupPolicy\GPT.ini => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}' => Key deleted successfully.
'HKCR\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}' => Key deleted successfully.
C:\WINDOWS\Installer\{68C802A5-2967-4E5B-9754-F2B8DBAB1106}\{E2B2D0E7-6FA3-4056-99B9-B77244F90DFC}.xpi => Moved successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{038F7C2F-4F03-48D5-9366-646F0CF3D5F8} => value deleted successfully.
C:\WINDOWS\Installer\{7DE888E3-FAC8-44B9-94AB-F17534D57E03}\{038F7C2F-4F03-48D5-9366-646F0CF3D5F8}.xpi => Moved successfully.
C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihkebkimdfeodjmpogjbjbjdniiglimc => Moved successfully.

The system needed a reboot.

==== End of Fixlog ==== |
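A Fixlog like the one posted above can be checked mechanically: every entry echoed under "Content of fixlist" should be referenced by at least one action that reports success. The following is an added example, not part of the original posts and not FRST's own code; the sample is an excerpt of that Fixlog with one constructed entry and outcome to show the failure path, and the GroupPolicy matching rule is an assumption inferred from this log alone.

```python
import re

# Excerpt of the Fixlog above, one entry per line. The C:\Example\... entry and
# its outcome text are CONSTRUCTED (not FRST output) to exercise the failure path.
FIXLOG = r"""Content of fixlist:
*****************
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
BHO: DownloadProtect Extension - {C654F3FE-8E84-4BB7-87CF-8D9171FC3C73} - C:\Program Files\{BF383C42-B9F2-4E89-87A9-5CCF49AD4CD8}\{5A40C85E-65CD-49BD-8F21-3D2152009E4F}.bin (Download Protect)
CHR Extension: (Download Protect) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihkebkimdfeodjmpogjbjbjdniiglimc [2014-07-08]
C:\Example\constructed-entry.dll
*****************
C:\WINDOWS\system32\GroupPolicy\Machine => Moved successfully.
C:\WINDOWS\system32\GroupPolicy\GPT.ini => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}' => Key deleted successfully.
'HKCR\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}' => Key deleted successfully.
C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihkebkimdfeodjmpogjbjbjdniiglimc => Moved successfully.
C:\Example\constructed-entry.dll => (constructed outcome) not processed
The system needed a reboot.
==== End of Fixlog ====
"""

GUID = re.compile(r"\{[0-9a-f-]{36}\}", re.I)

def parse_fixlog(text):
    """Split a Fixlog into requested entries, action results and status flags."""
    requested, results, rules = [], [], 0
    for line in (l.strip() for l in text.splitlines()):
        if not line:
            continue
        if set(line) == {"*"}:
            rules += 1                       # the fixlist is echoed between two '*' rules
        elif rules == 1:
            requested.append(line)
        elif rules == 2 and " => " in line:
            target, outcome = line.rsplit(" => ", 1)
            ok = outcome.lower().endswith("successfully.")
            results.append((target.strip("'"), outcome, ok))
    return {"requested": requested, "results": results,
            "reboot": "The system needed a reboot." in text,
            "complete": "==== End of Fixlog ====" in text}

def uncovered(parsed):
    """Requested entries that no successful action references.
    'Covered' means at least one action succeeded, not that every artifact is gone."""
    ok_targets = [t.lower() for t, _, ok in parsed["results"] if ok]
    missing = []
    for entry in parsed["requested"]:
        e = entry.lower()
        guids = set(GUID.findall(e))
        hit = any(t in e                                    # moved path quoted in the entry
                  or guids & set(GUID.findall(t))           # registry key shares a GUID
                  or (e.startswith("grouppolicy:") and "\\grouppolicy\\" in t)  # assumption
                  for t in ok_targets)
        if not hit:
            missing.append(entry)
    return missing

if __name__ == "__main__":
    p = parse_fixlog(FIXLOG)
    print("failed actions:", [(t, o) for t, o, ok in p["results"] if not ok])
    print("uncovered entries:", uncovered(p), "| reboot needed:", p["reboot"])
```

An empty result from `uncovered` together with `complete` being true is the condition to look for before re-scanning; `reboot` being true means the check of the browsers should wait until after the restart.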
15.07.2014, 19:14 | #10 |
/// the machine /// TB-Ausbilder | Download Protect You're welcome
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |