Pests of all kinds and how to combat them: Mozilla opens new tabs on its own (Windows 7)

If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
#1
Mozilla opens new tabs on its own

Hello dear Trojaner Board team, for some time now my Firefox has been opening new tabs on its own with all sorts of advertising. On top of that, on the pages I am on I keep getting small windows with ads for all kinds of things such as games, fashion, etc., which I can then click away with an X. But these also keep coming back. I ran a scan once, but beyond that I have no idea about any of this. I am asking for help, kind regards and many thanks in advance

FRST

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014 Ran by Markus (administrator) on MORGAN on 29-07-2014 15:06:36 Running from C:\Users\Markus\Downloads Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 10 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) 
C:\Program Files\Bonjour\mDNSResponder.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (SIEN S.A.) C:\Program Files (x86)\Common Files\IMGUpdater\IMGUpdater.exe () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Dritek System INC.) C:\Windows\RfBtnSvc64.exe (Iminent) C:\Program Files (x86)\Common Files\Umbrella\Umbrella210.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Iminent) C:\Program Files (x86)\Common Files\Umbrella\Umbrella210.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) 
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe () C:\Program Files (x86)\SupTab\HpUI.exe (Intel Corporation) C:\Windows\System32\igfxext.exe () C:\Program Files (x86)\SupTab\Loader32.exe () C:\Program Files (x86)\SupTab\Loader64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Spotify Ltd) C:\Users\Markus\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Smartbar) C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.exe (Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe (CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe () C:\Users\Markus\AppData\Local\Smartbar\Application\Lrcnta.exe (CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE (CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe (Adobe Systems, Inc.) 
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2012-11-20] (ELAN Microelectronics Corp.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor) HKLM-x32\...\Run: [LManager] => [X] HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-07-30] (Dritek System Inc.) HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.) 
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe HKLM-x32\...\Run: [AnyProtect Scanner] => "C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe" HKLM-x32\...\Run: [AnyProtect Tray] => "C:\Program Files (x86)\AnyProtectEx\AnyProtectTrayIcon.exe" HKLM-x32\...\Run: [fst_de_75] => [X] HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3478845354-2299671783-2462539787-1002\...\Run: [Spotify Web Helper] => C:\Users\Markus\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-07-01] (Spotify Ltd) HKU\S-1-5-21-3478845354-2299671783-2462539787-1002\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Markus\AppData\Roaming\newnext.me\nengine.dll",EntryPoint (the data entry has 6 more characters). HKU\S-1-5-21-3478845354-2299671783-2462539787-1002\...\Run: [Browser Infrastructure Helper] => C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.exe [28952 2014-06-11] (Smartbar) AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-02-21] (NVIDIA Corporation) AppInit_DLLs: C:\PROGRA~3\FASTAN~1\FASTAN~2.DLL => C:\ProgramData\Fast And Safe\FastAndSafe_x64.dll [4302848 2014-07-24] () AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [201576 2013-02-21] (NVIDIA Corporation) AppInit_DLLs-x32: c:\progra~3\fastan~1\fastan~1.dll => c:\ProgramData\Fast And Safe\FastAndSafe.dll [4125696 2014-07-24] () IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => 
C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll (Microsoft Corporation) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82KrkxsAMQ2M_ucVyCiDfMqKfi8T7o6SfBNWAvVd3w2NVqtHbXB1QakofDqcezBu_mD55W29eHDqrmLA4QENdiskQFZ 9MXzGUVgXaO89kx2x4S_Z5s01KLxwlX2MKGCdRC8T6vB2LLtpkVhp-9MmOw9z9BVWT2uaNGlcpA,,&q={searchTerms} HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://myhome.vi-view.com/?type=hp&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82KrkxsAMQ2M_ucVyCiDfMqKfi8T7o6SfBNWAvVd3w2NVqtHbXB1QakofDqcezBu_mD55W29eHDqrmLA4QENdiskQFZ 9MXzGUVgXaO89kx2x4S_Z5s01KLxwlX2MKGCdRC8T6vB2LLtpkVhp-9MmOw9z9BVWT2uaNGlcpA,,&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://myhome.vi-view.com/?type=hp&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://myhome.vi-view.com/?type=hp&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
hxxp://myhome.vi-view.com/?type=hp&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://myhome.vi-view.com/?type=hp&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms} StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.nationzoom.com/?type=sc&ts=1388195262&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKLM - {A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms} SearchScopes: HKLM - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} SearchScopes: HKLM - {D5D69A15-4A00-4858-A6FD-DD708ED1681B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms} SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82KrkxsAMQ2M_ucVyCiDfMqKfi8T7o6SfBNWAvVd3w2NVqtHbXB1QakofDqcezBu_mD55W29eHDqrmLA4QENdiskQFZ 9MXzGUVgXaO89kx2x4S_Z5s01KLxwlX2MKGCdRC8T6vB2LLtpkVhp-9Mly-dU_lgAWBeU3Pfbag,,&q={searchTerms} SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms} SearchScopes: HKCU - DefaultScope 
{33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.iminent.com/?appId=DDDAC049-75D2-4819-AE02-A28036A20839&ref=toolbox&q={searchTerms} SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.iminent.com/?appId=DDDAC049-75D2-4819-AE02-A28036A20839&ref=toolbox&q={searchTerms} SearchScopes: HKCU - {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82KrkxsAMQ2M_ucVyCiDfMqKfi8T7o6SfBNWAvVd3w2NVqtHbXB1QakofDqcezBu_mD55W29eHDqrmLA4QENdiskQFZ 9MXzGUVgXaO89kx2x4S_Z5s01KLxwlX2MKGCdRC8T6vB2LLtpkVhp-9MmOw9z9BVWT2uaNGlcpA,,&q={searchTerms} SearchScopes: HKCU - {A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms} BHO: video MediaPlay-Air -> {11111111-1111-1111-1111-110611171199} -> C:\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-bho64.dll (enter) BHO: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: video MediaPlay-Air -> {11111111-1111-1111-1111-110611171199} -> C:\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-bho.dll (enter) BHO-x32: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation) BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. 
Limited) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) BHO-x32: No Name -> {84FF7BD6-B47F-46F8-9130-01B2696B36CB} -> No File Toolbar: HKLM - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) Toolbar: HKLM-x32 - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default FF NewTab: chrome://quick_start/content/index.html FF DefaultSearchEngine: StartWeb FF SearchEngineOrder.1: Sichere Suche FF SelectedSearchEngine: StartWeb FF Homepage: www.google.de FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) 
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.) FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) 
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF SearchPlugin: C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\searchplugins\Web Search.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\nationzoom.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\StartWeb.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\vi-view.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: video MediaPlay-Air - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com [2014-07-25] FF Extension: HQPureQualV1.8 - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\d55cd0d7-9f24-4660-95b3-188599e8e4f8@6b2faf04-e86f-4bcf-a878-632814acf518.com [2014-07-25] FF Extension: cosstminn - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\eeoaaaye@o-qjgl.edu [2014-07-25] FF Extension: Fast Start - 
C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\faststartff@gmail.com [2014-07-25] FF Extension: WOwCiouuppon - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\rhooy@kafnvxxz.co.uk [2014-07-24] FF Extension: Iminent - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\webbooster@iminent.com.xpi [2014-07-03] FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\extensions\faststartff@gmail.com Chrome: ======= CHR HomePage: hxxp://start.iminent.com/?appId=DDDAC049-75D2-4819-AE02-A28036A20839 CHR StartupUrls: "https://www.google.de/?gws_rd=ssl" CHR DefaultSearchKeyword: start.iminent.com CHR DefaultNewTabURL: CHR Extension: (Google Docs) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-26] CHR Extension: (Google Drive) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-26] CHR Extension: (YouTube) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-26] CHR Extension: (Google-Suche) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-26] CHR Extension: (cosstminn) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf [2014-07-25] CHR Extension: (Google Wallet) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-26] CHR Extension: (Quick start) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-07-25] CHR Extension: (Google Mail) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia 
[2014-03-26] CHR Extension: (cosstminn) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0 [2014-07-25] CHR HKLM-x32\...\Chrome\Extension: [igdhbblpcellaljokkpfhcjlagemhgjl] - "C:\Program Files (x86)\Iminent\Iminent.crx" [2014-07-25] CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-07-25] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 64af91bf; c:\ProgramData\Fast And Safe\FastAndSafeSvc.dll [186192 2014-07-24] () [File not signed] R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation) R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100752 2012-11-20] (ELAN Microelectronics Corp.) R2 GlobalUpdater; C:\Program Files (x86)\Common Files\IMGUpdater\IMGUpdater.exe [378152 2014-06-18] (SIEN S.A.) R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [702344 2014-07-25] (Cherished Technololgy LIMITED) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation) R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-07-30] (Dritek System INC.) 
R2 SProtection; C:\Program Files (x86)\Common Files\Umbrella\Umbrella210.exe [3209024 2014-07-18] (Iminent) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation) S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X] S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X] S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation) R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation) R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-07-30] (Dritek System Inc.) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-07-29 15:06 - 2014-07-29 15:07 - 00026731 _____ () C:\Users\Markus\Downloads\FRST.txt 2014-07-29 15:05 - 2014-07-29 15:06 - 00000000 ____D () C:\FRST 2014-07-29 15:05 - 2014-07-29 15:05 - 02093568 _____ (Farbar) C:\Users\Markus\Downloads\FRST64.exe 2014-07-29 14:49 - 2014-07-16 00:51 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys 2014-07-29 14:49 - 2014-05-29 06:04 - 00094552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2014-07-29 14:49 - 2014-05-08 03:34 - 00328024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys 2014-07-28 15:32 - 2014-07-28 15:32 - 00000000 ____D () C:\Program Files (x86)\WowCouponn 2014-07-25 15:29 - 2014-07-25 15:29 - 00003118 _____ () C:\Windows\System32\Tasks\{D0140B21-80DB-4F5B-9F90-290E5EA14860} 2014-07-25 15:26 - 2014-07-25 15:28 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Probit Software 2014-07-25 15:23 - 2014-07-25 15:23 - 00000000 ____D () C:\Users\Markus\AppData\Local\com 2014-07-25 15:22 - 2014-07-29 14:52 - 00001732 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-1.job 2014-07-25 15:22 - 2014-07-29 14:52 - 00001566 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5_user.job 2014-07-25 15:22 - 2014-07-29 14:52 - 00001550 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.job 2014-07-25 15:22 - 2014-07-29 14:52 - 00001478 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-2.job 2014-07-25 15:22 - 2014-07-25 15:22 - 00004736 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-1 2014-07-25 15:22 - 2014-07-25 15:22 - 00004554 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5 2014-07-25 15:22 - 2014-07-25 15:22 - 00004482 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-2 2014-07-25 15:21 - 2014-07-29 14:52 - 00002366 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-4.job 2014-07-25 15:21 - 2014-07-25 15:23 - 
00000000 ____D () C:\ProgramData\WindowsMangerProtect 2014-07-25 15:21 - 2014-07-25 15:22 - 00005370 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-4 2014-07-25 15:21 - 2014-07-25 15:21 - 00000000 ____D () C:\ProgramData\IePluginServices 2014-07-25 15:21 - 2014-07-25 15:21 - 00000000 ____D () C:\Program Files (x86)\SupTab 2014-07-25 15:20 - 2014-07-28 15:26 - 00000000 ____D () C:\Program Files (x86)\globalUpdate 2014-07-25 15:20 - 2014-07-25 15:25 - 00000000 ____D () C:\ProgramData\cosstminn 2014-07-25 15:20 - 2014-07-25 15:22 - 00000000 ____D () C:\Program Files (x86)\video MediaPlay-Air 2014-07-25 15:20 - 2014-07-25 15:21 - 00000000 ____D () C:\Program Files (x86)\cosstminn 2014-07-25 15:20 - 2014-07-25 15:20 - 00000306 __RSH () C:\ProgramData\ntuser.pol 2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Chromatic Browser 2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Markus\AppData\Local\globalUpdate 2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Markus\AppData\Local\Chromatic Browser 2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser 2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Gast\AppData\Local\Chromatic Browser 2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser 2014-07-25 15:19 - 2014-07-25 15:28 - 00000000 ____D () C:\Program Files (x86)\Probit Software 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Markus\AppData\Local\Torch 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () 
C:\Users\Markus\AppData\Local\SearchProtect 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Markus\AppData\Local\Comodo 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$ 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 _____ () C:\END 2014-07-25 15:18 - 2014-07-25 15:18 - 01399360 _____ () C:\Users\Markus\Downloads\Setup.exe 2014-07-24 07:26 - 2014-07-28 15:32 - 00000000 ____D () C:\ProgramData\7a791e75f7c17ac 2014-07-24 07:25 - 2014-07-29 12:26 - 00000000 ____D () C:\ProgramData\WowCouponn 2014-07-24 07:05 - 2014-07-24 07:05 - 00000000 ____D () C:\ProgramData\Fast And Safe 2014-07-11 14:53 - 2014-07-11 14:53 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-07-11 14:53 - 2014-07-11 14:53 
- 00000000 ____D () C:\Program Files\iTunes 2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\Program Files\iPod 2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-07-11 13:42 - 2014-07-11 13:42 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive 2014-07-11 13:30 - 2014-07-11 13:30 - 00000000 __RHD () C:\MSOCache 2014-07-10 20:35 - 2014-07-10 20:35 - 00421880 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-10 11:37 - 2014-06-26 22:53 - 00703968 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-07-10 11:37 - 2014-06-26 22:53 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-07-10 11:34 - 2014-07-10 11:35 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-07-09 00:38 - 2014-06-18 01:27 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-07-09 00:38 - 2014-06-18 01:24 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-07-09 00:38 - 2014-06-11 06:18 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-07-09 00:38 - 2014-06-03 00:33 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2014-07-09 00:38 - 2014-05-30 01:31 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll 2014-07-09 00:38 - 2014-05-30 01:03 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll 2014-07-09 00:38 - 2014-05-30 01:02 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-07-09 00:38 - 2014-05-30 01:02 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll 2014-07-09 00:38 - 2014-05-03 08:34 - 06974808 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-07-09 00:38 - 2014-05-03 08:33 - 01824808 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2014-07-09 00:38 - 2014-05-03 06:51 - 01408976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2014-07-09 00:38 - 2014-05-02 00:37 
- 01023488 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2014-07-09 00:38 - 2014-04-30 00:32 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe 2014-07-09 00:38 - 2014-04-30 00:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe 2014-07-09 00:38 - 2014-04-24 01:51 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll 2014-07-09 00:38 - 2014-04-24 01:51 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-07-09 00:38 - 2014-04-24 01:38 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll 2014-07-09 00:38 - 2014-04-24 01:38 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-07-09 00:37 - 2014-07-01 00:42 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-07-09 00:37 - 2014-07-01 00:42 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2014-07-09 00:37 - 2014-07-01 00:42 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2014-07-09 00:37 - 2014-06-28 05:35 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-07-09 00:37 - 2014-06-19 04:12 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-09 00:37 - 2014-06-19 04:12 - 01366528 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-09 00:37 - 2014-06-19 04:12 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll 2014-07-09 00:37 - 2014-06-19 04:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll 2014-07-09 00:37 - 2014-06-19 04:12 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-09 00:37 - 2014-06-19 04:11 - 19277312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-09 00:37 - 2014-06-19 04:11 - 00197120 _____ (Microsoft Corporation) 
C:\Windows\system32\msrating.dll 2014-07-09 00:37 - 2014-06-19 04:11 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-09 00:37 - 2014-06-19 04:10 - 15369728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-09 00:37 - 2014-06-19 04:10 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-09 00:37 - 2014-06-19 04:10 - 02650624 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-09 00:37 - 2014-06-19 04:10 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-07-09 00:37 - 2014-06-19 04:10 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-09 00:37 - 2014-06-19 04:10 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-09 00:37 - 2014-06-19 04:10 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-09 00:37 - 2014-06-19 04:10 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-07-09 00:37 - 2014-06-19 04:10 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-07-09 00:37 - 2014-06-19 04:10 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-09 00:37 - 2014-06-19 04:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-09 00:37 - 2014-06-19 04:10 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-09 00:37 - 2014-06-19 04:09 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-09 00:37 - 2014-06-19 02:53 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-09 00:37 - 2014-06-19 02:53 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-09 00:37 - 2014-06-19 02:53 - 01141760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-09 00:37 - 2014-06-19 02:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 
2014-07-09 00:37 - 2014-06-19 02:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-09 00:37 - 2014-06-19 02:53 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-09 00:37 - 2014-06-19 02:53 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll 2014-07-09 00:37 - 2014-06-19 02:52 - 13732352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-09 00:37 - 2014-06-19 02:52 - 02863616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-09 00:37 - 2014-06-19 02:52 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-09 00:37 - 2014-06-19 02:52 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-09 00:37 - 2014-06-19 02:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-07-09 00:37 - 2014-06-19 02:52 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-09 00:37 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-09 00:37 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-09 00:37 - 2014-06-19 02:52 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-07-09 00:37 - 2014-06-19 02:52 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-09 00:37 - 2014-06-19 02:52 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-09 00:37 - 2014-06-19 02:52 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-09 00:37 - 2014-06-19 02:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-09 00:37 - 2014-06-19 02:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-09 00:37 - 2014-06-19 00:05 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll 2014-07-09 00:37 - 2014-06-06 
16:06 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-07-09 00:37 - 2014-06-06 12:17 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-07-09 00:37 - 2014-05-30 00:24 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-07-03 18:50 - 2014-07-03 18:50 - 00001077 _____ () C:\Users\Markus\Desktop\DENON DJ ASIO Driver.lnk 2014-07-03 18:50 - 2014-07-03 18:50 - 00000000 ____D () C:\Program Files (x86)\DENON_DJ 2014-07-03 18:49 - 2014-07-03 18:49 - 00435075 _____ () C:\Users\Markus\Downloads\DDJAsioDrv101.zip 2014-07-03 17:52 - 2014-07-03 17:52 - 00001098 _____ () C:\Users\Public\Desktop\Controller Editor.lnk 2014-07-03 17:52 - 2014-07-03 17:52 - 00000000 __HDC () C:\ProgramData\{FA277A43-401F-4EAE-9068-FCDF88DB3EA9} 2014-07-03 17:45 - 2014-07-03 17:46 - 00000000 ____D () C:\Users\Markus\Documents\Native Instruments 2014-07-03 17:41 - 2014-07-03 17:41 - 00001006 _____ () C:\Users\Public\Desktop\Traktor 2.lnk 2014-07-03 17:41 - 2014-07-03 17:41 - 00000000 __HDC () C:\ProgramData\{05C334F7-C2A4-418A-9BC8-1542AE38D62B} 2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{D2030082-F62A-402A-9456-8009276FD896} 2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{B3478C15-588A-4968-AD66-76AA98803A28} 2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{4682E4CB-7209-4099-8AA1-580ABCCCE731} 2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{033B4844-E9C3-45D2-88D9-34DDF3F91100} 2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{EB21323D-3F46-4EF0-B849-B096B7705C69} 2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{9B09061B-0A4F-42DA-9987-7D3F452DCB09} 2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{9597097D-B8DC-4754-AF2D-CB61CCFC861A} 2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{662EAAEC-9E9A-4C69-A658-884E51E909BB} 2014-07-03 
17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{5EE4F9B1-7274-48A2-9C25-C287604C3058} 2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{219191E6-6846-4329-889D-7956C487D9A6} 2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{0CC85DFF-E70A-4AB0-968A-F1F98F4D0C67} 2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{018F1C44-00D1-417B-B251-92A5634F74AE} 2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{B7C85E99-2AC6-455D-B4D1-752A56403757} 2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{AF79C86B-2321-4D47-A168-2A24BA2B6A73} 2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{9F570B21-E27A-40BE-A508-292899A7D042} 2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{57B31BE2-3175-4425-9722-D2AC5F68C7BD} 2014-07-03 17:34 - 2014-07-03 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments 2014-07-03 17:34 - 2014-07-03 17:52 - 00000000 ____D () C:\Program Files\Native Instruments 2014-07-03 17:34 - 2014-07-03 17:52 - 00000000 ____D () C:\Program Files\Common Files\Native Instruments 2014-07-03 17:34 - 2014-07-03 17:37 - 00000000 ____D () C:\ProgramData\Native Instruments 2014-07-03 17:34 - 2014-07-03 17:34 - 00001063 _____ () C:\Users\Public\Desktop\Service Center.lnk 2014-07-03 17:34 - 2014-07-03 17:34 - 00000000 __HDC () C:\ProgramData\{C6A355F5-168B-4EEC-AB7C-75594F783EDB} 2014-07-03 17:19 - 2014-07-03 17:26 - 534450853 _____ () C:\Users\Markus\Downloads\Traktor_2_268_PC.zip 2014-07-03 15:36 - 2014-07-11 13:25 - 00000000 ____D () C:\Users\Markus\Desktop\Noten 2014-07-03 15:35 - 2014-07-03 15:54 - 00000000 ____D () C:\Users\Markus\Desktop\Musik Markus 2014-07-03 15:07 - 2014-07-24 07:05 - 00000000 ____D () C:\ProgramData\374311380 2014-07-03 15:05 - 2014-07-03 15:05 - 00000000 ____D () C:\Users\Markus\AppData\Local\Smartbar 2014-07-03 15:05 - 2014-07-03 15:05 - 00000000 
____D () C:\Users\Markus\AppData\Local\LPT 2014-07-03 15:03 - 2014-07-03 15:07 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro 2014-07-03 15:02 - 2014-07-03 15:02 - 00797384 _____ (Company limited) C:\Users\Markus\Downloads\Virtual DJ v7.0 PRO Crack [ChattChitto RG].exe 2014-07-03 14:54 - 2014-07-03 14:54 - 01250584 _____ () C:\Users\Markus\Downloads\jvlsetup.exe 2014-07-03 13:53 - 2014-07-03 13:53 - 00000000 ____D () C:\Program Files (x86)\predm 2014-07-03 13:41 - 2014-06-18 09:54 - 00000000 ____D () C:\Program Files (x86)\Iminent 2014-07-03 13:40 - 2014-07-03 13:54 - 00000000 ____D () C:\Users\Markus\AppData\Local\Genesis_07031140 2014-07-03 13:40 - 2014-07-03 13:40 - 00000000 ____D () C:\Program Files\003 2014-07-03 13:27 - 2014-07-03 13:47 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP1.job 2014-07-03 13:27 - 2014-07-03 13:36 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job 2014-07-03 13:27 - 2014-07-03 13:36 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP2.job 2014-07-03 13:27 - 2014-07-03 13:28 - 00002808 _____ () C:\Windows\System32\Tasks\APSnotifierPP3 2014-07-03 13:27 - 2014-07-03 13:28 - 00002808 _____ () C:\Windows\System32\Tasks\APSnotifierPP2 2014-07-03 13:27 - 2014-07-03 13:27 - 00002810 _____ () C:\Windows\System32\Tasks\APSnotifierPP1 2014-07-03 13:27 - 2014-07-03 13:27 - 00000318 _____ () C:\Users\Markus\AppData\Roaming\aps.uninstall.scan.results 2014-07-03 13:26 - 2014-07-03 13:41 - 00000000 ____D () C:\Program Files (x86)\PC Speed Up 2014-07-03 13:26 - 2014-07-03 13:26 - 00623696 _____ (Click Me In Limited) C:\Users\Markus\AppData\Local\nsbB897.tmp 2014-07-03 13:26 - 2014-07-03 13:26 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\InetStat 2014-07-03 12:35 - 2014-07-03 12:35 - 00012800 ___SH () C:\Users\Markus\Documents\Thumbs.db 2014-07-02 17:51 - 2014-07-03 12:22 - 00000000 ____D () C:\Users\Markus\AppData\Local\Deployment 2014-07-02 17:51 - 2014-07-02 17:51 - 00000000 ____D () C:\Users\Markus\AppData\Local\Apps\2.0 
2014-07-01 15:23 - 2014-07-01 15:23 - 00002128 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-07-01 15:23 - 2014-07-01 15:23 - 00002128 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ___RD () C:\Users\Markus\SkyDrive
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\ProgramData\Microsoft SkyDrive
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive
2014-07-01 15:18 - 2014-07-01 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-07-01 15:17 - 2014-07-10 12:04 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-07-01 15:17 - 2014-07-01 15:17 - 00989376 _____ (Microsoft Corporation) C:\Users\Markus\Downloads\Setup.X86.de-DE_O365HomePremRetail_87ed99a4-6c59-4399-a86e-769502a1fec2_TX_DB_.exe
2014-07-01 10:46 - 2014-07-01 10:46 - 00000000 ____D () C:\Users\Markus\AppData\Local\Tracker Software

==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-29 15:07 - 2014-07-29 15:06 - 00026731 _____ () C:\Users\Markus\Downloads\FRST.txt 2014-07-29 15:06 - 2014-07-29 15:05 - 00000000 ____D () C:\FRST 2014-07-29 15:05 - 2014-07-29 15:05 - 02093568 _____ (Farbar) C:\Users\Markus\Downloads\FRST64.exe 2014-07-29 15:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru 2014-07-29 14:58 - 2013-07-31 03:19 - 00753134 _____ () C:\Windows\system32\perfh007.dat 2014-07-29 14:58 - 2013-07-31 03:19 - 00155826 _____ () C:\Windows\system32\perfc007.dat 2014-07-29 14:58 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-29 14:52 - 2014-07-25 15:22 - 00001732 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-1.job 2014-07-29 14:52 - 2014-07-25 15:22 - 00001566 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5_user.job 2014-07-29 14:52 - 2014-07-25 15:22 - 00001550 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.job 2014-07-29 14:52 - 2014-07-25 15:22 - 00001478 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-2.job 2014-07-29 14:52 - 2014-07-25 15:21 - 00002366 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-4.job 2014-07-29 14:52 - 2014-03-26 21:09 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-07-29 14:52 - 2013-12-28 03:48 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\newnext.me 2014-07-29 14:51 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-29 14:50 - 2013-10-28 22:33 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-29 14:50 - 2013-07-30 17:35 - 01098036 _____ () C:\Windows\WindowsUpdate.log 2014-07-29 14:50 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI 2014-07-29 14:49 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp 2014-07-29 14:35 - 2014-03-26 21:09 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-07-29 12:26 - 2014-07-24 07:25 - 00000000 ____D () 
C:\ProgramData\WowCouponn 2014-07-29 12:26 - 2013-05-23 06:13 - 00042110 _____ () C:\Windows\PFRO.log 2014-07-28 16:01 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent 2014-07-28 15:32 - 2014-07-28 15:32 - 00000000 ____D () C:\Program Files (x86)\WowCouponn 2014-07-28 15:32 - 2014-07-24 07:26 - 00000000 ____D () C:\ProgramData\7a791e75f7c17ac 2014-07-28 15:26 - 2014-07-25 15:20 - 00000000 ____D () C:\Program Files (x86)\globalUpdate 2014-07-25 15:29 - 2014-07-25 15:29 - 00003118 _____ () C:\Windows\System32\Tasks\{D0140B21-80DB-4F5B-9F90-290E5EA14860} 2014-07-25 15:28 - 2014-07-25 15:26 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Probit Software 2014-07-25 15:28 - 2014-07-25 15:19 - 00000000 ____D () C:\Program Files (x86)\Probit Software 2014-07-25 15:26 - 2014-03-26 21:09 - 00002237 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-07-25 15:25 - 2014-07-25 15:20 - 00000000 ____D () C:\ProgramData\cosstminn 2014-07-25 15:23 - 2014-07-25 15:23 - 00000000 ____D () C:\Users\Markus\AppData\Local\com 2014-07-25 15:23 - 2014-07-25 15:21 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect 2014-07-25 15:22 - 2014-07-25 15:22 - 00004736 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-1 2014-07-25 15:22 - 2014-07-25 15:22 - 00004554 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5 2014-07-25 15:22 - 2014-07-25 15:22 - 00004482 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-2 2014-07-25 15:22 - 2014-07-25 15:21 - 00005370 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-4 2014-07-25 15:22 - 2014-07-25 15:20 - 00000000 ____D () C:\Program Files (x86)\video MediaPlay-Air 2014-07-25 15:21 - 2014-07-25 15:21 - 00000000 ____D () C:\ProgramData\IePluginServices 2014-07-25 15:21 - 2014-07-25 15:21 - 00000000 ____D () C:\Program Files (x86)\SupTab 2014-07-25 15:21 - 2014-07-25 15:20 - 00000000 ____D () C:\Program Files (x86)\cosstminn 2014-07-25 15:21 - 
2014-03-26 21:09 - 00000000 ____D () C:\Program Files (x86)\Google 2014-07-25 15:20 - 2014-07-25 15:20 - 00000306 __RSH () C:\ProgramData\ntuser.pol 2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Chromatic Browser 2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Markus\AppData\Local\globalUpdate 2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Markus\AppData\Local\Chromatic Browser 2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser 2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Gast\AppData\Local\Chromatic Browser 2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser 2014-07-25 15:20 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2014-07-25 15:20 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Markus\AppData\Local\Torch 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Markus\AppData\Local\SearchProtect 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Markus\AppData\Local\Comodo 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$ 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () 
C:\Users\Gast\AppData\Local\Torch 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 _____ () C:\END 2014-07-25 15:19 - 2014-03-26 21:09 - 00000000 ____D () C:\Users\Markus\AppData\Local\Google 2014-07-25 15:18 - 2014-07-25 15:18 - 01399360 _____ () C:\Users\Markus\Downloads\Setup.exe 2014-07-24 07:05 - 2014-07-24 07:05 - 00000000 ____D () C:\ProgramData\Fast And Safe 2014-07-24 07:05 - 2014-07-03 15:07 - 00000000 ____D () C:\ProgramData\374311380 2014-07-20 16:25 - 2012-07-26 09:21 - 00036379 _____ () C:\Windows\setupact.log 2014-07-16 00:51 - 2014-07-29 14:49 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys 2014-07-11 17:54 - 2013-10-26 15:38 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3478845354-2299671783-2462539787-1002 2014-07-11 14:53 - 2014-07-11 14:53 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\Program Files\iTunes 2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\Program Files\iPod 2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\Program Files (x86)\iTunes 
2014-07-11 13:42 - 2014-07-11 13:42 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive 2014-07-11 13:30 - 2014-07-11 13:30 - 00000000 __RHD () C:\MSOCache 2014-07-11 13:25 - 2014-07-03 15:36 - 00000000 ____D () C:\Users\Markus\Desktop\Noten 2014-07-11 13:20 - 2014-01-06 00:33 - 00083456 ___SH () C:\Users\Markus\Desktop\Thumbs.db 2014-07-10 20:35 - 2014-07-10 20:35 - 00421880 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-10 13:22 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache 2014-07-10 12:04 - 2014-07-01 15:17 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2014-07-10 11:35 - 2014-07-10 11:34 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-07-10 11:35 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-07-10 11:35 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-07-10 11:34 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore 2014-07-10 11:34 - 2012-07-26 09:52 - 00000000 ____D () C:\Program Files\Windows Journal 2014-07-09 12:21 - 2013-10-27 04:04 - 00000000 ____D () C:\Windows\system32\MRT 2014-07-09 12:18 - 2013-10-27 04:04 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-07-09 00:50 - 2013-10-28 22:33 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-07-04 16:36 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM 2014-07-04 01:19 - 2013-11-18 02:03 - 00000000 ____D () C:\ProgramData\CanonIJPLM 2014-07-04 01:11 - 2013-12-04 22:06 - 00036352 ___SH () C:\Users\Markus\Downloads\Thumbs.db 2014-07-03 18:50 - 2014-07-03 18:50 - 00001077 _____ () C:\Users\Markus\Desktop\DENON DJ ASIO Driver.lnk 2014-07-03 18:50 - 2014-07-03 18:50 - 00000000 ____D () C:\Program Files (x86)\DENON_DJ 2014-07-03 18:49 - 2014-07-03 18:49 - 00435075 _____ () C:\Users\Markus\Downloads\DDJAsioDrv101.zip 2014-07-03 17:52 - 
2014-07-03 17:52 - 00001098 _____ () C:\Users\Public\Desktop\Controller Editor.lnk 2014-07-03 17:52 - 2014-07-03 17:52 - 00000000 __HDC () C:\ProgramData\{FA277A43-401F-4EAE-9068-FCDF88DB3EA9} 2014-07-03 17:52 - 2014-07-03 17:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments 2014-07-03 17:52 - 2014-07-03 17:34 - 00000000 ____D () C:\Program Files\Native Instruments 2014-07-03 17:52 - 2014-07-03 17:34 - 00000000 ____D () C:\Program Files\Common Files\Native Instruments 2014-07-03 17:46 - 2014-07-03 17:45 - 00000000 ____D () C:\Users\Markus\Documents\Native Instruments 2014-07-03 17:41 - 2014-07-03 17:41 - 00001006 _____ () C:\Users\Public\Desktop\Traktor 2.lnk 2014-07-03 17:41 - 2014-07-03 17:41 - 00000000 __HDC () C:\ProgramData\{05C334F7-C2A4-418A-9BC8-1542AE38D62B} 2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{D2030082-F62A-402A-9456-8009276FD896} 2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{B3478C15-588A-4968-AD66-76AA98803A28} 2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{4682E4CB-7209-4099-8AA1-580ABCCCE731} 2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{033B4844-E9C3-45D2-88D9-34DDF3F91100} 2014-07-03 17:37 - 2014-07-03 17:34 - 00000000 ____D () C:\ProgramData\Native Instruments 2014-07-03 17:37 - 2013-07-30 17:48 - 00118426 _____ () C:\Windows\DPINST.LOG 2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{EB21323D-3F46-4EF0-B849-B096B7705C69} 2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{9B09061B-0A4F-42DA-9987-7D3F452DCB09} 2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{9597097D-B8DC-4754-AF2D-CB61CCFC861A} 2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{662EAAEC-9E9A-4C69-A658-884E51E909BB} 2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{5EE4F9B1-7274-48A2-9C25-C287604C3058} 2014-07-03 17:36 - 
2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{219191E6-6846-4329-889D-7956C487D9A6} 2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{0CC85DFF-E70A-4AB0-968A-F1F98F4D0C67} 2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{018F1C44-00D1-417B-B251-92A5634F74AE} 2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{B7C85E99-2AC6-455D-B4D1-752A56403757} 2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{AF79C86B-2321-4D47-A168-2A24BA2B6A73} 2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{9F570B21-E27A-40BE-A508-292899A7D042} 2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{57B31BE2-3175-4425-9722-D2AC5F68C7BD} 2014-07-03 17:34 - 2014-07-03 17:34 - 00001063 _____ () C:\Users\Public\Desktop\Service Center.lnk 2014-07-03 17:34 - 2014-07-03 17:34 - 00000000 __HDC () C:\ProgramData\{C6A355F5-168B-4EEC-AB7C-75594F783EDB} 2014-07-03 17:26 - 2014-07-03 17:19 - 534450853 _____ () C:\Users\Markus\Downloads\Traktor_2_268_PC.zip 2014-07-03 15:54 - 2014-07-03 15:35 - 00000000 ____D () C:\Users\Markus\Desktop\Musik Markus 2014-07-03 15:07 - 2014-07-03 15:03 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro 2014-07-03 15:05 - 2014-07-03 15:05 - 00000000 ____D () C:\Users\Markus\AppData\Local\Smartbar 2014-07-03 15:05 - 2014-07-03 15:05 - 00000000 ____D () C:\Users\Markus\AppData\Local\LPT 2014-07-03 15:02 - 2014-07-03 15:02 - 00797384 _____ (Company limited) C:\Users\Markus\Downloads\Virtual DJ v7.0 PRO Crack [ChattChitto RG].exe 2014-07-03 14:54 - 2014-07-03 14:54 - 01250584 _____ () C:\Users\Markus\Downloads\jvlsetup.exe 2014-07-03 13:54 - 2014-07-03 13:40 - 00000000 ____D () C:\Users\Markus\AppData\Local\Genesis_07031140 2014-07-03 13:53 - 2014-07-03 13:53 - 00000000 ____D () C:\Program Files (x86)\predm 2014-07-03 13:47 - 2014-07-03 13:27 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP1.job 2014-07-03 13:41 - 2014-07-03 13:26 - 
00000000 ____D () C:\Program Files (x86)\PC Speed Up 2014-07-03 13:40 - 2014-07-03 13:40 - 00000000 ____D () C:\Program Files\003 2014-07-03 13:37 - 2013-05-23 06:45 - 00000000 ____D () C:\ProgramData\McAfee 2014-07-03 13:36 - 2014-07-03 13:27 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job 2014-07-03 13:36 - 2014-07-03 13:27 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP2.job 2014-07-03 13:35 - 2013-10-28 22:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-07-03 13:28 - 2014-07-03 13:27 - 00002808 _____ () C:\Windows\System32\Tasks\APSnotifierPP3 2014-07-03 13:28 - 2014-07-03 13:27 - 00002808 _____ () C:\Windows\System32\Tasks\APSnotifierPP2 2014-07-03 13:27 - 2014-07-03 13:27 - 00002810 _____ () C:\Windows\System32\Tasks\APSnotifierPP1 2014-07-03 13:27 - 2014-07-03 13:27 - 00000318 _____ () C:\Users\Markus\AppData\Roaming\aps.uninstall.scan.results 2014-07-03 13:26 - 2014-07-03 13:26 - 00623696 _____ (Click Me In Limited) C:\Users\Markus\AppData\Local\nsbB897.tmp 2014-07-03 13:26 - 2014-07-03 13:26 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\InetStat 2014-07-03 12:35 - 2014-07-03 12:35 - 00012800 ___SH () C:\Users\Markus\Documents\Thumbs.db 2014-07-03 12:22 - 2014-07-02 17:51 - 00000000 ____D () C:\Users\Markus\AppData\Local\Deployment 2014-07-02 17:51 - 2014-07-02 17:51 - 00000000 ____D () C:\Users\Markus\AppData\Local\Apps\2.0 2014-07-01 16:21 - 2013-10-26 15:34 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Spotify 2014-07-01 15:23 - 2014-07-01 15:23 - 00002128 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk 2014-07-01 15:23 - 2014-07-01 15:23 - 00002128 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk 2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ___RD () C:\Users\Markus\SkyDrive 2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\ProgramData\Microsoft SkyDrive 2014-07-01 15:23 - 2014-07-01 15:23 - 
00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive 2014-07-01 15:23 - 2013-10-26 15:28 - 00000000 ____D () C:\Users\Markus 2014-07-01 15:20 - 2014-07-01 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2014-07-01 15:18 - 2013-10-26 15:29 - 00000000 ____D () C:\Users\Markus\AppData\Local\VirtualStore 2014-07-01 15:17 - 2014-07-01 15:17 - 00989376 _____ (Microsoft Corporation) C:\Users\Markus\Downloads\Setup.X86.de-DE_O365HomePremRetail_87ed99a4-6c59-4399-a86e-769502a1fec2_TX_DB_.exe 2014-07-01 10:48 - 2013-05-23 06:45 - 00000000 ____D () C:\Program Files\mcafee 2014-07-01 10:46 - 2014-07-01 10:46 - 00000000 ____D () C:\Users\Markus\AppData\Local\Tracker Software 2014-07-01 10:24 - 2013-10-26 15:34 - 00000000 ____D () C:\Users\Markus\AppData\Local\Spotify 2014-07-01 00:42 - 2014-07-09 00:37 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-07-01 00:42 - 2014-07-09 00:37 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2014-07-01 00:42 - 2014-07-09 00:37 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll Some content of TEMP: ==================== C:\Users\Markus\AppData\Local\Temp\BackupSetup.exe C:\Users\Markus\AppData\Local\Temp\COMAP.EXE C:\Users\Markus\AppData\Local\Temp\fp_pl_pfs_installer-1.exe C:\Users\Markus\AppData\Local\Temp\fp_pl_pfs_installer.exe C:\Users\Markus\AppData\Local\Temp\Installer.exe C:\Users\Markus\AppData\Local\Temp\MSETUP4.EXE C:\Users\Markus\AppData\Local\Temp\nsb6A5.exe C:\Users\Markus\AppData\Local\Temp\nsd3F29.exe C:\Users\Markus\AppData\Local\Temp\nsg467E.exe C:\Users\Markus\AppData\Local\Temp\nsiCC9.exe C:\Users\Markus\AppData\Local\Temp\nsk1026.exe C:\Users\Markus\AppData\Local\Temp\nsm93E.exe C:\Users\Markus\AppData\Local\Temp\nsz42B4.exe C:\Users\Markus\AppData\Local\Temp\OptimizerPro.exe C:\Users\Markus\AppData\Local\Temp\Setup.exe C:\Users\Markus\AppData\Local\Temp\UNT268F.exe 
C:\Users\Markus\AppData\Local\Temp\UNT26B0.exe
C:\Users\Markus\AppData\Local\Temp\VOPackage.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-07-28 15:29

==================== End Of Log ============================

Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-07-2014
Ran by Markus at 2014-07-29 15:07:38
Running from C:\Users\Markus\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2021 - Acer Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG2200 series Benutzerregistrierung (HKLM-x32\...\Canon MG2200 series Benutzerregistrierung) (Version: - Canon Inc.)
Canon MG2200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2200_series) (Version: 1.00 - Canon Inc.)
Canon MG2200 series On-screen Manual (HKLM-x32\...\Canon MG2200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2016 - Acer Incorporated)
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
DENON DJ ASIO Driver (HKLM-x32\...\{E2BF2060-D1DB-441A-8739-30E7BAA534BA}) (Version: 1.0.0 - DENON_DJ)
Dritek Radio Controller (HKLM-x32\...\RadioController) (Version: 2.02.2001.0803 - Dritek System Inc.)
ETDWare PS/2-X64 11.6.16.003_WHQL (HKLM\...\Elantech) (Version: 11.6.16.003 - ELAN Microelectronic Corp.)
Fast And Safe (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{64af91bf}) (Version: - GTgroup) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.10 - Acer Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4631.1002 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)
Native Instruments Audio 2 DJ Driver (HKLM-x32\...\Native Instruments Audio 2 DJ Driver) (Version: - Native Instruments)
Native Instruments Audio 2 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Audio 4 DJ Driver (HKLM-x32\...\Native Instruments Audio 4 DJ Driver) (Version: - Native Instruments)
Native Instruments Audio 4 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Audio 8 DJ Driver (HKLM-x32\...\Native Instruments Audio 8 DJ Driver) (Version: - Native Instruments)
Native Instruments Audio 8 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.6.3.46 - Native Instruments)
Native Instruments Controller Editor (Version: 1.6.3.46 - Native Instruments) Hidden
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.5.2.1549 - Native Instruments)
Native Instruments Service Center (Version: 2.5.2.1549 - Native Instruments) Hidden
Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: 2.6.8.382 - Native Instruments)
Native Instruments Traktor 2 (Version: 2.6.8.382 - Native Instruments) Hidden
Native Instruments Traktor Audio 10 Driver (HKLM-x32\...\Native Instruments Traktor Audio 10 Driver) (Version: - Native Instruments)
Native Instruments Traktor Audio 10 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Audio 2 Driver (HKLM-x32\...\Native Instruments Traktor Audio 2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Audio 2 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Audio 2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Audio 2 MK2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Audio 2 MK2 Driver (Version: 3.1.3.804 - Native Instruments) Hidden
Native Instruments Traktor Audio 6 Driver (HKLM-x32\...\Native Instruments Traktor Audio 6 Driver) (Version: - Native Instruments)
Native Instruments Traktor Audio 6 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Kontrol F1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol F1 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol F1 Driver (Version: 3.0.2.664 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S2 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S2 MK2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S2 MK2 Driver (Version: 3.1.2.795 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S4 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S4 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S4 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 MK2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S4 MK2 Driver (Version: 3.1.2.795 - Native Instruments) Hidden
Native Instruments Traktor Kontrol X1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol X1 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol X1 Driver (Version: 3.0.1.648 - Native Instruments) Hidden
Native Instruments Traktor Kontrol X1 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol X1 MK2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol X1 MK2 Driver (Version: 3.1.1.780 - Native Instruments) Hidden
Native Instruments Traktor Kontrol Z1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z1 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol Z1 Driver (Version: 3.1.1.780 - Native Instruments) Hidden
Native Instruments Traktor Kontrol Z2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol Z2 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Nero BackItUp (x32 Version: 12.5.5000 - Nero AG) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Nero BackItUp Help (CHM) (x32 Version: 12.0.10000 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15600 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.20200 - Nero AG) Hidden
Nero Launcher (x32 Version: 12.2.7000 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 12.0.3001 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51r2 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden
NVIDIA Grafiktreiber 311.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.30 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.11.3 (Version: 1.11.3 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Systemsteuerung 311.30 (Version: 311.30 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2008 - Acer)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.213.1 - Tracker Software Products Ltd)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.39 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
Yahoo Community Smartbar (HKLM-x32\...\{3BC7022B-CDE0-4664-9AB6-E3EC25CE644A}) (Version: 11.63.66.17714 - Linkury Inc.) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3478845354-2299671783-2462539787-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3478845354-2299671783-2462539787-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3478845354-2299671783-2462539787-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3478845354-2299671783-2462539787-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3478845354-2299671783-2462539787-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

08-07-2014 22:50:54 Windows Update
18-07-2014 10:30:50 Geplanter Prüfpunkt
28-07-2014 13:27:40 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {05213698-A30E-4087-A857-31B7B60B5F25} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {12421D3C-85C4-48C8-9352-53C1AC3B0385} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: {1A15979C-EE4A-4CF4-8CF5-4D52683E0C06} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1BA20418-F45D-4183-A8A4-9192CAC32CD6} - System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5_user => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.exe [2014-07-25] (enter) <==== ATTENTION
Task: {20850515-6079-456E-AB44-DCEBB8D45EF1} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {24E43C6C-F3AC-463B-8C4B-0B2053EDFC8F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-06-19] (Microsoft Corporation)
Task: {39CE24A0-32CB-4D61-8019-FEF551B287F2} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-01-23] (Acer Incorporated)
Task: {4586CBE0-97ED-4137-A2C6-712A2A5C4805} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-07-09] (Microsoft Corporation)
Task: {4C5BD0C1-8937-43CB-B64F-9120AA18F3B8} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {4FB017EE-E51B-40C1-A86A-5F5DC43A7801} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated)
Task: {545A398B-78E7-464F-A80E-3A033AD37198} - System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-1 => C:\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-codedownloader.exe [2014-07-25] (enter) <==== ATTENTION
Task: {5FDBD969-AC66-42BA-B22F-58849328109C} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: {744490FD-A8F4-4CC0-878F-02D587DA55F1} - System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-4 => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-4.exe [2014-07-25] (enter) <==== ATTENTION
Task: {9174E7C1-BD86-402F-A9A3-A50B8AB03EEE} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: {A198AA06-64A7-4996-A258-2E17F6098A91} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {E80D32C7-3C42-4C4E-B26A-F5B8567B330D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {E85FF466-D7B9-4206-8906-1898F42B0397} - System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5 => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.exe [2014-07-25] (enter) <==== ATTENTION
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {EC07CB73-2C28-41A7-AD5F-140BA260C200} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {EC2BCA28-D75E-477D-A070-22C6183A4EE7} - System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-2 => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-2.exe [2014-07-25] (enter) <==== ATTENTION
Task: {FDDCCCB6-C4DD-4184-AE57-C7D07889303D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-06-10] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-1.job => C:\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-codedownloader.exe
Task: C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-2.job => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-2.exe
Task: C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-4.job => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-4.exe
Task: C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.job => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.exe
Task: C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5_user.job => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-07-02 10:01 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-11-18 02:03 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-07-23 16:32 - 2014-07-25 15:21 - 00106376 _____ () C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll
2014-07-23 16:32 - 2014-07-25 15:21 - 00732040 _____ () C:\Program Files (x86)\SupTab\HpUI.exe
2014-07-16 11:16 - 2014-07-16 11:16 - 00064000 _____ () C:\Program Files (x86)\SupTab\Loader32.exe
2014-07-16 10:55 - 2014-07-16 10:55 - 00073216 _____ () C:\Program Files (x86)\SupTab\Loader64.exe
2013-05-23 07:06 - 2012-10-23 20:37 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-06-11 15:27 - 2014-06-11 15:27 - 00024344 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Lrcnta.exe
2014-07-24 07:05 - 2014-07-24 07:05 - 00186192 _____ () c:\ProgramData\Fast And Safe\FastAndSafeSvc.dll
2014-07-24 07:05 - 2014-07-24 07:05 - 04125696 _____ () c:\ProgramData\Fast And Safe\FastAndSafe.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-23 16:32 - 2014-07-25 15:21 - 00093576 _____ () C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00045848 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00070936 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\srau.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00166680 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 02337048 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00067864 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\spbl.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00156952 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00015128 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\siem.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00066840 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\sppsm.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00697624 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00015640 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00079640 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00027928 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2014-06-11 15:29 - 2014-06-11 15:29 - 00060184 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\srut.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00030488 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\srsbs.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00066328 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00150296 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\smti.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00032024 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\srom.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00031512 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\smtu.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00040216 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\smta.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00046872 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\srbu.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00024856 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\sgml.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00062744 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00025368 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\srpdm.dll
2014-06-11 15:27 - 2014-06-11 15:27 - 00044312 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2014-06-11 15:27 - 2014-06-11 15:27 - 00025880 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00036120 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00256280 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\srns.dll
2014-06-24 21:41 - 2014-06-24 21:41 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-06-11 15:27 - 2014-06-11 15:27 - 00034072 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\lrcnt.dll
2013-07-30 17:40 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (07/28/2014 03:35:54 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3. Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (07/28/2014 03:35:54 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3. Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (07/28/2014 03:35:54 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3. Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (07/28/2014 03:18:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Umbrella210.exe, Version: 4.29.0.1, Zeitstempel: 0x53c89bf9
Name des fehlerhaften Moduls: Umbrella210.exe, Version: 4.29.0.1, Zeitstempel: 0x53c89bf9
Ausnahmecode: 0x40000015
Fehleroffset: 0x001c05a9
ID des fehlerhaften Prozesses: 0xe2c
Startzeit der fehlerhaften Anwendung: 0xUmbrella210.exe0
Pfad der fehlerhaften Anwendung: Umbrella210.exe1
Pfad des fehlerhaften Moduls: Umbrella210.exe2
Berichtskennung: Umbrella210.exe3
Vollständiger Name des fehlerhaften Pakets: Umbrella210.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Umbrella210.exe5

Error: (07/28/2014 10:10:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15594

Error: (07/28/2014 10:10:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15594

Error: (07/28/2014 10:10:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/26/2014 07:24:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12265

Error: (07/26/2014 07:24:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12265

Error: (07/26/2014 07:24:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

System errors:
=============
Error: (07/29/2014 02:53:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (07/29/2014 02:51:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (07/29/2014 00:29:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (07/29/2014 00:26:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (07/28/2014 03:18:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SProtection" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/25/2014 03:28:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (07/25/2014 03:26:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (07/25/2014 03:26:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (07/25/2014 03:26:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.

Error: (07/22/2014 01:40:25 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 192.168.2.100 mit dem Computer mit der Netzwerkhardwareadresse 00-26-AB-68-ED-8E ermittelt. Netzwerkvorgänge könnten daher auf diesem System unterbrochen werden.

Microsoft Office Sessions:
=========================
Error: (07/28/2014 03:35:54 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4

Error: (07/28/2014 03:35:54 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4

Error: (07/28/2014 03:35:54 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4

Error: (07/28/2014 03:18:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Umbrella210.exe4.29.0.153c89bf9Umbrella210.exe4.29.0.153c89bf940000015001c05a9e2c01cfa80c05658c6eC:\Program Files (x86)\Common Files\Umbrella\Umbrella210.exeC:\Program Files (x86)\Common Files\Umbrella\Umbrella210.exea45faa4e-1659-11e4-be8c-208984ce3dc2

Error: (07/28/2014 10:10:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15594

Error: (07/28/2014 10:10:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15594

Error: (07/28/2014 10:10:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/26/2014 07:24:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12265

Error: (07/26/2014 07:24:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12265

Error: (07/26/2014 07:24:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

==================== Memory info ===========================
Percentage of memory in use: 26%
Total physical RAM: 8007.27 MB
Available physical RAM: 5922.41 MB
Total Pagefile: 11463.27 MB
Available Pagefile: 9320.42 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB

==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:682.19 GB) (Free:598.92 GB) NTFS
Drive d: (27 Jun 2014) (CDROM) (Total:0.69 GB) (Free:0.3 GB) UDF

==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 699 GB) (Disk ID: B716F7A2)
Partition: GPT Partition Type.

==================== End Of Log ============================